Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to enable access to a page without enabling access to everything in the space?

Maggie Stearns
Maggie Stearns
Contributor
August 10, 2020

All of my users access Confluence by being in a group: confluence-users

Almost all spaces have the confluence-users group added to their permissions by default.

I have a new group called: outside-users

I want outside-users to access a page in one of the spaces but not anything else in that space.

I tested modifying the restrictions on that page to add the outside-users group, but they can't see the space, so therefore they can't see anything in it.

I know that I could probably add confluence-users and outside-users to the space and then restrict each page to list confluence-users and then add outside-users to the restrictions to that one page, but that is a lot of work and I don't want to have to do that for new pages also.

Any ideas? Thanks in advance!

 

Answer
Watch
Like Be the first to like this
668 views

1 answer

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 10, 2020

You have to grant access to the space for people to be able to see the pages within it.

I'm afraid your "I know that I could probably add confluence-users and outside-users to the space and then restrict each page to list confluence-users and then add outside-users to the restrictions to that one page" is not far off what you need to do.

The most simple structural example that I've used to do this uses three groups:

  • confluence-users (can log in, but may not get any further access to any spaces just because they can log in)
  • internal-users (your people)
  • outside-users  (not your people, but you're sharing with them)

 

Space (with permissions for internal-users and outside-users to see it)
+ Page: Internal
+-- A page
+-- Another page+ Page: Outside
+-- Yet more 
+---- lower+---- another lower page
+-- Yet another page

You've granted access for both groups to use everything in that example, but now add a "restriction" to "Page: Internal" that says "only internal-users can see this page".  That will cascade, so you only have to do it once.  Outside users will not see any of the tree starting at Page: Internal.

Note that edit rights are the same on the space, but not on restrictions, those do not cascade.

View More Comments
Maggie Stearns
Maggie Stearns
Contributor
August 10, 2020

Thank you for your reply.

Do you need to define 3 groups for that model?

Are you saying that you can make it easier to restrict each page (less manual) if you group them all under pages where they can inherit the correct restrictions? I'm not sure I can rely on the community to group under parent's with the correct permissions. 

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 10, 2020

>Do you need to define 3 groups for that model?

Strictly, no.  Only two.  You could skip the "confluence-users" completely, and just allow "internal-users" and "outside-users" groups to be the only login groups.

But, yes, if you get the view access right with your two differentiating groups right, there should be no (technical) issues with named people in groups having what you want them to see.

Like
Thomas Bowskill
Thomas Bowskill
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 10, 2020

@Maggie Stearns building on what @Nic Brough -Adaptavist- has said, you could consider creating a space designed to be visible to outside users if you don't fancy running the risk of people miss-filing pages under the page visible to "outside-users".

If have a space that explicitly states it's for Outside user access then you massively reduce the risk of miss-filing. What you would need to do is address:

"I want outside-users to access a page in one of the spaces but not anything else in that space."

What you could do here is use the Include Page macro to show the page in your "internal-users" space. So you'd create a space that "internal-users" and "outside-users" can see, and move your existing page to this one. Then, on your "internal-users" page you can create a page that contains the Include Page on it, which will load the entire contents of the selected page. If someone ever went to edit the internal-users page, they'd see the include page macro & would be able to navigate to the actual page they want to edit.

^ I've got a few examples of this in my Confluence. That's how I solved for a similar requirement to what you had.

 

Or, you could be a bit more simplistic within your space and create the 'root' pages of "INTERNAL ONLY" and EXTERNAL CONTENT" so you reduce people mistakenly filing (although the bigger your space gets, the less effective this becomes, as the page tree gets large).

Like
Maggie Stearns
Maggie Stearns
Contributor
August 11, 2020

Thank you. This is also helpful!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
VERSION
7.4.0
TAGS
AUG Leaders

Atlassian Community Events

    See all events