Hi Marc,

Thank you for the quick reply.

For your guide:
Service Portal Knowledge base access

Confluence Knowledge base access

This is what you are referring to?
From my knowledge and the articles available, this should be correct.
I'm also quite sure it worked after our migration a few weeks ago.

Hi @Jesper 

Is you Confluence global permission also enabled for anonymous access, as this is required based on the option you have set?

Global Permission setting in Confluence, that should be enabled: "Use Confluence" (I don't)

I never use this setup. I always use the second option, to not have my whole Confluence to be set anonymous accessible.

Global Permission setting in Confluence

Hi @Marc - Devoteam ,

Just for my understanding, does your Confluence require a user to log in to access any space/page? Or am I misunderstanding?

We have a single space that is open to the public, the reset is log-in required.
So indeed, I do have it set so Anonymous Users can use Confluence.

And the space works, they can access it and browse it - they just can't search if they are logged in to the Service Portal. 
To me, it seems like Atlassian keeps our customers logged in and gets confused over permissions.

Hi @Jesper 

I think you've done some good research there, and managed to find mostly the right stuff, but you have run into problems with it. As hefty chunk of it is out of date.

Another is a peculiar quirk that few people mention in the docs.

There are five things that can determine if a person can see a page in Confluence:

• Page restrictions can hide things, let's keep it simple and assume you are not using these (they'd break the reason for a knowledge base in general anyway, although some use them for simple  "publish this to the KB" process flows)
• When Confluence knows who you are - you have logged into something and it can identify an account for you. 
  
  These are:
  • You are a Confluence user named for space access.  You can see all pages in the space and any type of space you are let into.
  • You are in a group in Confluence named for space access.  Same as Confluence user.
  • You are a Jira Service Desk/Management Customer (not a Jira user, specifically a customer).  You can only see pages in the knowledge base(s) linked to the portal(s) you are a customer for in JSM, via the portal.  And you can not see non-KB spaces.
    
    
• When Confluence does not know who you are - this is "anonymous" access because you have not logged in

Note that I have emphasised that Confluence knows who you are, or it does not.  This simplifies it down to 

• I am a Confluence user (single or group): potentially seeing everything
• I am a Customer: seeing only KB articles
• I am anonymous: seeing only spaces with anonymous access enabled

Now, that all seems quite sensible, but there is a big quirk in it. 

Anonymous really does mean anonymous.  It does not mean "everyone", it means "if I do not know who you are".  If you log in, as a user, or a customer, you are no longer anonymous, so the rule for access changes!

Hi @Marc - Devoteam ,

I want to say I fully understand you, but at the same time, I want to double check :) 

I want to make clear, that none of our customers log in to Confluence.
You can see the problem in the GIF below.

1. Customer isn't logged into Service Portal, and can search in Confluence.

2. Customer logs into the Service Portal and now can't search within Confluence

3. Customer logs out of Service Portal and can search within Confluence again.

And if you look in the top right corner, at no point is the Customer logged into Confluence. 
So one would expect them to be anonymous users, right? 

Just to follow up, being unable to search as shown in the GIF above - is that normal behavior, and how Confluence should work if a customer is logged into the service portal?

Hi @Jesper 

Yes.

As the user is logged in, the user is not anonymous anymore.

Customers are registered in your cloud instance, so when logged in they are not considered as anonymous users.

So checked with Atlassian, and this is apparently a bug: [CONFCLOUD-76377] Confluence Search doesn't work in spaces open to Anonymous Access while authenticated as JSM portal-only customer accounts - Create and track feature requests for Atlassian products.