Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Why am I getting "Access to the resources was denied due to missing scope"?


When I used the REST API from the documentation to get the list of users in a Confluence group using group id,I get the following error. What am I missing here?

Twitter conversation on the same issue 

1 answer

1 accepted

1 vote
Answer accepted
Matte Atlassian Team Dec 07, 2022

Hello Saravana,

Matt from Cloud Support, primary Confluence! I was chatting with some of our social teams and they asked me to take a look at this. I recently went through the process of figuring some of this out myself, so I am happy to share the knowledge where I can!

Based on your description, and the screenshot provided, it looks like you’re trying to:

  • pull group information from your Confluence site.
  • See which users are part of specific groups. 


You won't be able to work with Product groups at the organization level with the Cloud Admin API. The Atlassian management system is arranged similarly to how permissions/restrictions work. Within an Organization, you may have multiple sites, composed of different Atlassian product instances. All of these sites share the organization's user-base, however groups currently are managed at the site level.


Getting Started

Pulling a list of all groups from the Confluence Cloud REST API

- Documentation:

  1. First things first, we need a product level API key! You can find instructions on generating one of these in the reference panel below: [1] - Generating an API Key at the product level. 
  2. Now that we have an API key for the products, lets hit just the group endpoint with a GET request! I'll be using Postman to demonstrate this. 
    1. Open PostMan
      1. Select, GET and Enter the API endpoint url: https://[yoursite]
        1. Make note to replace "[yoursite]" with the name of your site. 
      2. In Postman, under authorization 
        1. Select Basic Auth - see [2] - Product REST API Authentication 
          1. Enter your email address in the username field
          2. Enter your API Key generated in step 1 in the password field
        2. This should be all we need for now. Go ahead and hit SEND in postman. You should get back a response body with all the groups you have access to on your site. 
          1. Nested within the response body should be the ID(s) of all the related groups. 
      3. Below, you'll find a de-identified screenshot demonstrating my Postman setup from the instructions above. GetgroupsViaRESTAPI .png

Pull Users via a group name

- Documentation:

After following the steps above, we should have gotten a list of groups with self-identifying links we can use in the response body to get a list of the users in the group: 

  1. Grab a group name from the response body, or one you already have. 
  2. Change your request URL: 
    1. from: https://[yoursite]
    2. to: https://[yoursite][groupname]/member
      1. EX:
      2. This should give you a response back containing the users that are in the Confluence groups. 


I hope this helps! Please let me know if you have any questions on the information above, or if you're getting stuck somewhere along in the process. 

- Matt




[1] - Generating an API Key at the product level.

  1. Create an API token from your Atlassian account:
  2. Log in to
  3. Click Create API token.
  4. From the dialog that appears, enter a memorable and concise Label for your token and click Create.
  5. Click Copy to clipboard, then paste the token to your script, or elsewhere to save for later
  • NOTE: once you have exited the dialog you won’t be able to view the API Key again, so make sure you store it in a safe place
  • NOTE: Never share this API key with anyone!

[2] - Product REST API authentication

Officially, basic authentication via the REST API, has been deprecated. Instead what you will need to do to authenticate is by replacing your account password in the basic auth header with the API Key generated in Reference block [1] above. 

Thank you Matt. This was useful & was able to get the list of users using group API's. 

If possible could you raise it to the documentation team to update the API documentations .  

Matte Atlassian Team Dec 08, 2022

I am glad to hear that, and happy to help! I'll bubble this up to the documentation team and see what we can do. 

- Matt

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events