Add restrictions to automation components

Configure site-level controls on your automation components, to restrict how they can be used. For example, you could restrict the Send email action so that automation rules can only send emails to specific domains. This helps you ensure that your teams' automation rules aren’t sending data to unauthorized external parties.

Before you begin

Add restrictions to a component

  1. Navigate to Global automation

    • For Confluence automation, go to Confluence settings > Automation

    • For Jira automation, go to Jira settings > System > Global automation

  2. Select > Configure components

  3. Select Configure for the action you want to add restrictions to.

Components that can be restricted

Automation Component

How the allowlist works

Send Email

Restrict to specific email domains (e.g., You can also add specific email addresses (e.g.

Send Web request

Restrict to specific URLs (e.g

Send Slack message

Restrict to Slack instances (e.g.…)

Send Teams message

Restrict to Teams instances (e.g.….)

Send Twilio notification

Restrict to specific phone numbers (e.g. 415-2739164)

Things to remember

  • Allowlists can’t be empty: This means that if you enable an allowlist for an action, it must contain at least one entry.

  • Configurations aren’t shared across products: For example, if you have an allowlist for the Send email action in Jira automation, it won’t apply to the Send email action in Confluence automation rules.

Still need help?

The Atlassian Community is here for you.