We are developing a web tool which uses Jira Service Desk Cloud and Confluence Cloud to provide support. This web tool uses single sign-on and we only intend to publish the links to the support sites within the web tool, so that only client users can access the link to the support sites. 

We currently have Jira Service Desk and Confluence permissions set so that users do not have to create a log-in to raise a ticket, and anyone can view Confluence articles - for ease of use for the client users It seems that with these settings it is possible our knowledge base articles may appear in search engine results like Google. We believe this may pose a security risk as anyone could access the links, as well as an IP risk. 

If we lock down permissions to protect IP, it means individual users would have to make an account or we would have to grant them specific access. This is not something we want to do as there will be thousands of users.

It would be great if we could keep the permissions open for ease of use but have the link to the support sites only open if you were redirected from our web tool. Is this possible?

Any advice on how to set up the support sites for ease of access while also maintaining security would be much appreciated.