Considering Confluence Cloud?
Get the high-level details of Confluence Cloud and available features by plan.
What can guests see and do in Confluence?
Not all teamwork happens inside the (sometimes virtual) walls of a single organization. Sometimes you need to partner with other companies to build integrations, work with agencies to bring marketing campaigns to life, bring in contractors and consultants to help get big projects over the line, and so on.
With single space guests, you can do all of that work without leaving Confluence.
For instructions on how to get guests set up, see Invite guests to Confluence.
If you’re looking for help getting guests assigned to a space so that they can start collaborating in Confluence, see Assign space access to guests.
What can guests do in Confluence?
Guests are a different type of user than a regular Confluence user — they can only have access to one space at a time (assigned by an admin) and that access has certain limitations.
Guests can also access any space allowing anonymous access
In addition to a guest’s single space, they will have access to any space that allows anonymous users to access it.
This applies even if anonymous users are restricted from accessing Confluence in global permissions.
Manage guests with added security
When bringing guests into Confluence, there’s always tension between the value of that collaboration and having clear and confident control over what areas of Confluence and what data guests should access to.
With Atlassian’s external user security features, you can sleep well at night. These include:
Two-step verification
Periodic re-verification
Reviewing external users before changing security settings
API token access
Learn more about external user security
Guests have different default space permissions
By default, guests will have the following space permission settings.
Space admins can grant guests all space permissions except the following:
Space admin
Export space
Restrictions
For more information on what those permissions control, see Assign space permissions.
Guests have limited access to internal user info
Confluence blocks guests' access to the people directory, which contains Confluence-wide user information.
Functions that query the people directory of the entire instance include:
@ mentions
the Teams tab in the top nav bar
user search
user pickers
These are systemically blocked for all guests.
Apps
Guests are restricted from using Confluence’s system apps, including:
Confluence analytics
Space analytics
Team calendars
Confluence Questions
Guests can, however, interact with page analytics.
Guests can’t add or manage any apps.
Marketplace apps
Just as guests have free access to Confluence, so will they have free access to all Marketplace apps you’re using on Confluence.
If Marketplace app developers want to, they can block guests from accessing their apps. Learn how
Many Marketplace apps are not provided by Atlassian. Learn more about how guests interact with third-party apps below.
Third-party apps
If a third-party app used by your organization is enabled in any spaces or on any pages that guests have access to, then those guests will be able to interact with it.
Your organization is responsible for the information shared with Marketplace apps and what access guests would have to this information within the apps.
Guest limitations override JSM unlicensed access
It is Confluence’s policy that guests in Confluence can only access one space. This supersedes any unlicensed access that JSM users have to associated knowledge base spaces in Confluence.
This means that JSM users could lose access to knowledge base spaces in Confluence if they’re also added as a guest in that instance.
To avoid this, you can:
Upgrade the guest to a licensed user
Make sure the guest has access to the knowledge base space
Make the knowledge base space public (allow anonymous access)
Host knowledge base content in a separate Confluence instance from where the guest needs to collaborate
How guests are identified in Confluence
Guests have limited access in Confluence, but it’s important that you and your internal teams clearly understand who may be external to your organization (guests) and where they have access.
This is critical awareness to have so that the wrong information isn’t shared with the wrong people.
To help you know who is a guest and where they have access, Confluence employs a number of markers in the UI.
Individuals
Individual users who are guests will be identified with a GUEST label next to their name wherever they appear in the UI, whether they’ve left a comment or you’re searching for people in any of Confluence’s user pickers.
Spaces
Any spaces where guests have access will be called out with a combination of persistent content in the UI and helpful in-product messages. You’ll be reminded there are guests present during key high security interactions, such as moving or copying content, updating content restrictions, and publishing new or updated content.
Space admins will be notified via email whenever a guest has been given access to their space. They can turn this setting off to stop receiving these email notifications in email settings of their profile.
Confluence admins can see all guests who have access by looking in the Global permissions > Guest access tab.
Space admins can see all guests that have access to their space by selecting Space settings from the sidebar > Guests.
Was this helpful?