This content applies to the legacy editor and the new editor.
Even in a shared space, you may have a page or blog that you're not ready to share with everyone yet. Or perhaps you have some confidential content that's only meant for a few eyes. Whatever the reason, Confluence lets you set view and edit restrictions at the page level, so you can keep your content as open, or closed, as you need.
Add and remove restrictions
You can add, remove, or change restrictions when you view or edit a page.
- Choose the Restrictions icon at the top of the page to open up the Restrictions dialog.
- From here you can choose Editing restricted, or Viewing and editing restricted.
If you already have restrictions on the page and want to remove them, choose No restrictions instead.
- Add users or groups to the list, or Remove them to take them off.
- When you're done, hit Apply.
- Restrict both individual users and groups: apply the same restriction to multiple people and groups at once.
- Keep track of inherited restrictions: view permissions are inherited, so if a parent page has view restrictions on it, each of its child pages will too. We'll let you know if this is the case, and you can click through to see what page the restrictions are on.
Edit restrictions are not inherited.
- Have different restrictions for each user or group: choose exactly what each group or person can do.
Some other things to keep in mind:
- Confluence groups: Instead of applying restrictions to individuals, use Confluence groups to save on typing out individual names.
- Additive permissions: Confluence permissions are additive. That is, if someone is in two Confluence groups, and one has permission to see a page while the other does not, that person will still be able to see the page.
- Anonymous access: You can make certain spaces, or even your whole site, available to the public - which means they don't need to log in to access your content. You can choose what level of permissions you'd like to grant these users.
- Mentioning users: If a user doesn't belong to the page's restrictions, they won't receive a notification in the scenario where they are @ mentioned in the restricted page. It will be necessary to add this user to the page's restrictions or remove them completely from the page.
View page restrictions
The restrictions icon at the top of the page gives you a clue that the page has restrictions:
|Viewing this page is not restricted (but editing may be).|
|This page has view and edit restrictions. Click on the icon to see who can view and edit.|
|This page has inherited restrictions from another page.|
How restricted are restrictions?
If your page has view restrictions, it won't display in either the page tree or in any macros, to people who don't have permission to view it.
For the most part, unless someone else has specifically been given a link to your page, they won't know it exists.
- If someone has shared a link to a restricted page, or linked to it on another page, the link will have the title of the page as part of the URL. However, they won't be able to tell anything else about the page, including who created it, who has permissions, or when it was updated.
- Space admins can see and change the restrictions on any content within their space.
- Site admins can see and change the restrictions on any content within their site.
Request and grant permissions
Ask for permission
If you try to view or edit a page that you don't have permission to, you'll see a modal that lets you request that permission. We'll notify you if you're granted permission.
If someone asks permission to view or edit a restricted page, we'll email whoever is in the best position to grant permission. Our first choice is the page creator. If the page creator is unable to grant permission (if their account is deactivated or if their page access has been revoked), then we’ll send the email to the last person who updated the page. If no page creators or editors are able to grant permission, then we’ll send the email to a space admin instead.
If you receive a permission request, you can choose to grant it, deny it, or ignore the email. That person may ask again, but we don't require a response from you if you don't wish to give one.
How do permissions all fit together?
Every organization has different needs, so Confluence lets you customize permissions at the site, space, and page level so that they're just right for you.
Here's a quick rundown of how it all works:
- Open by default: Confluence is open by default, so it won't have any restrictions unless you add them.
- Global: Your site admin sets this. Global permissions choose what a person can do on your entire site, but only deal with site level actions like whether you can create a space.
- Space: Set by the space admin, this decides what each user can do in that space.
- Page: Anyone with restrict permissions can add restrictions to pages, although you cannot restrict yourself.
Space permissions are granted at the space level, whereas page restrictions are designed to take away said permissions.
If there are no space permissions to take away, then page restrictions do nothing.
If there are no page restrictions but you still can't view or edit, it's because you don't have the necessary space permissions.
For space admins
View all restricted pages in a space
To view restricted pages:
Go to the space and choose Space settings > Permissions from the bottom of the sidebar
- Choose Restricted Pages. From here, you can click on the Restrictions icon to remove the restrictions.