Add restrictions to automation components
Configure site-level controls on your automation components, to restrict how they can be used. For example, you could restrict the Send email action so that automation rules can only send emails to specific domains. This helps you ensure that your teams' automation rules aren’t sending data to unauthorized external parties.
Before you begin
This feature is only available on the Enterprise plan.
You must be a global admin in either Jira or Confluence to add restrictions to automation components. To learn more:
Add restrictions to a component
Navigate to Global automation
For Confluence automation, go to Confluence settings > Automation
For Jira automation, go to Jira settings > System > Global automation
Select … > Configure components
Select Configure for the action you want to add restrictions to.
Components that can be restricted
Automation Component | How the allowlist works |
---|---|
Send Email | Restrict to specific email domains (e.g. @example.com, @example.com.au). You can also add specific email addresses (e.g. design@example.com). |
Send Web request | Restrict to specific URLs (e.g exampleservice.com) |
Send Slack message | Restrict to Slack instances (e.g. example.slack.com/archive…) |
Send Teams message | Restrict to Teams instances (e.g. teams.microsoft.com….) |
Send Twilio notification | Restrict to specific phone numbers (e.g. 415-2739164) |
Things to remember
Allowlists can’t be empty: This means that if you enable an allowlist for an action, it must contain at least one entry.
Configurations aren’t shared across products: For example, if you have an allowlist for the Send email action in Jira automation, it won’t apply to the Send email action in Confluence automation rules.
Was this helpful?