It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Need a better way to deny access to most spaces for a small group of users

I am working on a special Confluence server and in this case, for a long time, all spaces were available to all users, so it was fine to leave the confluence-users group in place with its default settings in the space permissions for all the spaces that were created.

Recently it became necessary to add a small but specific group in Confluence - users in this group should only have access to a single space and NOTHING else.

Given that there is no explicit deny, I had to create a new group, put everyone in Confluence-users minus the small group in there, go to all of the spaces that were previously created, and then remove confluence-users from the permissions, and add the new group. 

So now every time someone makes a space, since the confluence-users group is added automatically, the space creator has to remember to take confluence-users out and add this other group. There has to be a better way.  

1 answer

0 votes
Diego Atlassian Team Apr 02, 2020

Hello @Rob Horan !

There is another way of doing this, yes. As I understand, a very specific set of users should not be able to access a pretty good chunk of your Confluence instance. This group of users should have access solely to a specific set of spaces.

Since the confluence-users is the default group for users created in Confluence, what we want to do is this:

  1. Create the users that need access solely to the specific spaces (let us call this Team A)
  2. Remove said users from the confluence-users group
  3. Now, go into Cog Icon > General Configuration
  4. On the left side of the page, look for the "Groups" option
  5. Select the “Groups” option
  6. Click the "Add Group" link at the top of the page, right under the Groups word.
  7. Create a new group (let us call it group-special-access)
  8. Go back to the left side of the page and find the "Global Permissions" option
  9. Select the "Global Permissions" option
  10. Click the "Edit permissions:  button at the top right corner
  11. In the “Grant browse permission to” field, type out group-special-access
  12. Click the “Add” button on the right side of the field
  13. Select the desired permissions for this group (By default, they will have only the “Can Use” one)
  14. Scroll Down
  15. Click the “Save All” button
  16. Go back to the “Groups” option
  17. Find the newly created group (confluence-special-access)
  18. Add the needed users (Team A) there
  19. Save


The results of this procedure will be these:

  • Newly created spaces will not include confluence-special-access in their permissions
  • Newly created users will not be part of this newly created group
  • Team A will still have access to Confluence

If you need more insight into permissions and groups, you can take a look here:


I hope this helps you out! Looking forward to your reply.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Confluence

Lessons and Learnings: Six Months of Working Remote [Discussion]

Hey there, folks! For most of us, the past six months- yes, you read that right- have been a journey. More people than ever before have pivoted to working remotely, and navigating being on-scre...

8,196 views 6 6
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you