Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Evaluating (overthinking) restricted pages vs. a different wiki space for secret stuff

Michelle Rau HP
Michelle Rau HP
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 22, 2020

I need to evaluate the pros and cons of different methods of managing access to certain content. I'm sure I'm way overthinking this but if there are additional factors I haven't considered please chime in.

The content is "advanced" but not sensitive or super-secret. It could confuse an average user of our wiki space so we'd like to limit it to a certain group of power users.

The two main options are,

  • using a separate branch of restricted pages
  • a different wiki space.

The first option keeps everything in the same space, which is good. We'd have to maintain a user group with access to the content, which is fine. I'd want to grant several others admin permissions to help with that. However, we're concerned that contributors might feel inhibited by the unlikely possibility that a permissions glitch could inadvertently expose details. And I believe (but am not certain) that if restricted pages are listed out in say a content by label macro, or search results, they wouldn't appear in the listing to someone who couldn't see those pages, is that correct? We don't want people to find inaccessible pages and try to click through to them.

The second option has greater confidence that complicated stuff stays less accessible, but there is the overhead of maintaining a second space, which is less desirable. It would be in the same instance, though.

Are there other factors I should consider? If you've made a choice like this, how did you decide?

Answer
Watch
Like Be the first to like this
779 views

4 answers

0 votes
Stephany
Stephany May 26, 2020

@Michelle Rau HP , we use different spaces for content with different permissions. 

Procedures that are shared between teams are put into 'public' spaces and procedures that are only applicable to one team are put into their teams' space. This makes permissions much easier to handle. 

Reply
0 votes
Victor Prasad
Victor Prasad
Contributor
May 20, 2020

Page restrictions are only useful when you have a solid space admin and you understand your audience.

ie.  page restrictions allow you to add anyone to the restricted page, but if they are not a member of the space, it won't work.

For the most part - I tell people to avoid them unless really needed.

My $0.02

Reply
0 votes
Davin Studer
Davin Studer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2020

Pages that you do not have access to via lacking permissions or restrictions will not show up in search/macro results.

My two cents would be to use a different space. I have found that managing page restrictions within a space can get hairy ... especially when restrictions get put on pages that are multiple levels deep in the hierarchy. I find it simpler to have another space.

Reply
0 votes
Andreas Purde
Andreas Purde
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 22, 2020

Dear Michelle,

in my company we are using both options without any problems.

Confluence itself would most likely not leak any information even when using macros. However you have to be careful with apps as Confluence allows apps to access all information and it’s up to app to respect access permissions. This risk applies for both of your options in the same way - evaluate apps carefully.

I hope that helps.

kind regards 

Andreas

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
atlassian, atlassian government cloud, fedramp, webinar, register for webinar, atlassian cloud webinar, fedramp moderate offering, work faster with cloud

Unlocking the future with Atlassian Government Cloud ☁️

Atlassian Government Cloud has achieved FedRAMP Authorization at the Moderate level! Join our webinar to learn how you can accelerate mission success and move work forward faster in cloud, all while ensuring your critical data is secure.

Register Now
AUG Leaders

Upcoming Confluence Events