Feedback Request Confluence Public Links

Hi folks!
I’m a Product Manager for Confluence Permissions, working on the Public Links feature. 

Public links allow Confluence users to generate a URL to share a view-only version of any Confluence page to anyone on the internet with the link.

We had released the feature to some customers in 2021. Since then we have received some great insights on feature enhancements that are underway. Now we are looking to improve the feature specifically informed by your needs, knowing how important trust and security are for you!

Help shape our feature:
Is this something you would use in your organization? What are the basic must-have security controls that would give you confidence in using the Public Links feature?

 

Update on August 07, 2023:

Check out our latest update here on Confluence public links!

13 comments

Comment

Log in or Sign up to comment
Jared Pittman March 17, 2023

Basic must-have controls: the ability to turn public link creation off globally, as well as per space. Especially for customers utilizing a HIPAA-compliant configuration.

Like # people like this
Michael Corvin March 17, 2023

Totally irrelevant to us.

Meanwhile, Atlassian has failed to restore essential functionality that is relevant to us.

Like Nidhi Raj likes this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 17, 2023

Thank you for your input! We're actively noting your feedback, so do keep them coming! 

Jeff Yantha March 22, 2023

First off I would like to +1 to what @Jared Pittman noted about including a way to disable the feature globally, and on a per space case.  We would also need a visual aid on the page to notify users that this page is publicly available, especially in cases where the space is normally private. 

I would go a step further and include the option for a pop-up on editing to page that ensures users understand that this page is currently shared publicly.  If businesses don't feel confident that users will know which pages are public, then they are likely to default to the feature above and just disable it.

Like Nidhi Raj likes this
Jeff Yantha March 28, 2023

Additionally, it would be good if we could control permissions within the space using the existing permissions grip to enable or disable the ability to create public links of a group by group basis.

Regarding existing links, it would be very useful to be able to list them centrally, so that Administrators or managers can review them from as needed, and centrally remove them as needed, rather than needing to hunt through the entire wiki to find old public links.

As a bonus feature it could also be useful to be able to temporarily make a public link like SharePoint does, and have it end after a set period of time, which would essentially automate the above process of cleaning up old links.

Like Nidhi Raj likes this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 5, 2023

Thank you for sharing your thoughts Jeff! 

Eric Mumpton May 24, 2023

I have yet to work with the Public Links feature but find it intriguing and will be seeing what it does and how far I can extend it's use.

An enhancement that would really be exciting is a Private (Share) Link.   Very prevalent in collaboration system sharing.   Maybe that is doable by taking the Public Link and presenting the content in an access controled web page?

Eric M.

Syracuse University

Like # people like this
Ronhit Neema June 1, 2023

I don't have direct access to user insights or specific organizational needs. However, I can provide some general considerations and suggestions regarding the use of the Public Links feature in Confluence and the security controls that might be important for organizations.

Usage in Organizations:
1. Public links can be valuable in organizations when there is a need to share view-only versions of Confluence pages with external stakeholders, such as clients, vendors, or contractors.
2. It allows for efficient collaboration without the need for users to have a Confluence account or occupy additional seats.
Must-Have Security Controls:
To ensure trust and security while using the Public Links feature, consider the following controls:
1. Access Control: Organizations may require granular control over who can generate and access public links. This control can include options to limit link generation to specific user groups or roles and restrict access based on predefined permissions.

2. Expiration and Revocation: The ability to set an expiration date for public links can be crucial. Additionally, providing the option to revoke public links before the expiration date, either manually or automatically, can enhance security.

3. Password Protection: Adding an optional password requirement for accessing shared pages through public links can provide an extra layer of security. This way, only individuals with the password can view the content.

It's important to conduct user research, collect feedback from organizations using the Public Links feature, and understand their specific security requirements and concerns. This will allow you to prioritize enhancements and tailor the feature to better meet the needs of different organizations.

Ronhit Neema
MSCS at Northeastern University, Boston

Like # people like this
Shari Barchus June 15, 2023

I would actually like something similar but through a JSM portal. So instead of the pop-up boxes displaying content from a Confluence KB article, allow the JSM customer to view the article or even download a pdf version of the article. Thank you Nidhi for asking for comments!

Like Nidhi Raj likes this
Mohit Banthia June 23, 2023

Even though we want a way to allow read only access to some pages without increasing additional license cost, the current 'public link' feature does not meet our need.

We don't want it to be available to everyone on Internet. Therefore, we need some other mechanism where we can share the link with those with whom we want to share without incurring license cost.

In current form this feature violates many of our internal data security policies (derived from EU GDPR) and users are unable to use it.

Like # people like this
Yana Maletska July 5, 2023

Hey @Nidhi Raj , thats a great feature which I would like to try as a Beta user for our company. 

Besides, a handful numbers of companies are migrating to Cloud products, Compliance topic is still hot and no plans for ITAR on your roadmaps. To be effective with costs, would be great to have a possibility to allow public links space by space, as a human mistake with public page for regulated environment will be too pricey.  

Like # people like this
Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 2, 2023

Thank you all for weighing in here! Exciting to get validation for a lot of what we have already built. As you can see on our Cloud roadmap, we're getting ready with the final enhancements to this feature. Eager to see you all engage with it once we release the feature later this year! :) 

Nidhi Raj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 7, 2023
Like Jared Pittman likes this
TAGS
AUG Leaders

Atlassian Community Events