• Products
  • Documentation
  • Resources

What can guests see and do in Confluence?

Not all teamwork happens inside the (sometimes virtual) walls of a single organization. Sometimes you need to partner with other companies to build integrations, work with agencies to bring marketing campaigns to life, bring in contractors and consultants to help get big projects over the line, and so on.

With single space guests, you can do all of that work without leaving Confluence.

For instructions on how to get guests set up, see Invite guests to Confluence.

If you’re looking for help getting guests assigned to a space so that they can start collaborating in Confluence, see Assign space access to guests.

What can guests do in Confluence?

Guests are a different type of user than a regular Confluence user — they can only have access to one space at a time (assigned by an admin) and that access has certain limitations.

Guests can also access any space allowing anonymous access

In addition to a guest’s single space, they will have access to any space that allows anonymous users to access it.

This applies even if anonymous users are restricted from accessing Confluence in global permissions.

Manage guests with added security

When bringing guests into Confluence, there’s always tension between the value of that collaboration and having clear and confident control over what areas of Confluence and what data guests should access to.

With Atlassian’s external user security features, you can sleep well at night. These include:

  • Two-step verification

  • Periodic re-verification

  • Reviewing external users before changing security settings

  • API token access

Learn more about external user security

Guests have different default space permissions

By default, guests will have the following space permission settings.

Screenshot shows that guests are only granted view page, add page, comment, and add attachment space permissions by default.

Space admins can grant guests all space permissions except the following:

  • Space admin

  • Export space

  • Restrictions

For more information on what those permissions control, see Assign space permissions.

Guests have limited access to internal user info

Confluence blocks guests' access to the people directory, which contains Confluence-wide user information.

Functions that query the people directory of the entire instance include:

  • @ mentions

  • the Teams tab in the top nav bar

  • user search

  • user pickers

These are systemically blocked for all guests.


Guests are restricted from using Confluence’s system apps, including:

  • Confluence analytics

  • Space analytics

  • Team calendars

  • Confluence Questions

Guests can, however, interact with page analytics.

Guests can’t add or manage any apps.

Marketplace apps

Just as guests have free access to Confluence, so will they have free access to all Marketplace apps you’re using on Confluence.

If Marketplace app developers want to, they can block guests from accessing their apps. Learn how

Many Marketplace apps are not provided by Atlassian. Learn more about how guests interact with third-party apps below.

Third-party apps

If a third-party app used by your organization is enabled in any spaces or on any pages that guests have access to, then those guests will be able to interact with it.

Your organization is responsible for the information shared with Marketplace apps and what access guests would have to this information within the apps.

Guest limitations override JSM unlicensed access

It is Confluence’s policy that guests in Confluence can only access one space. This supersedes any unlicensed access that JSM users have to associated knowledge base spaces in Confluence.

This means that JSM users could lose access to knowledge base spaces in Confluence if they’re also added as a guest in that instance.

To avoid this, you can:

  • Upgrade the guest to a licensed user

  • Make sure the guest has access to the knowledge base space

  • Make the knowledge base space public (allow anonymous access)

  • Host knowledge base content in a separate Confluence instance from where the guest needs to collaborate

How guests are identified in Confluence

Guests have limited access in Confluence, but it’s important that you and your internal teams clearly understand who may be external to your organization (guests) and where they have access.

This is critical awareness to have so that the wrong information isn’t shared with the wrong people.

To help you know who is a guest and where they have access, Confluence employs a number of markers in the UI.


Individual users who are guests will be identified with a GUEST label next to their name wherever they appear in the UI, whether they’ve left a comment or you’re searching for people in any of Confluence’s user pickers.

Any spaces where guests have access will be called out with a combination of persistent content in the UI and helpful in-product messages. You’ll be reminded there are guests present during key high security interactions, such as moving or copying content, updating content restrictions, and publishing new or updated content.

Space admins will be notified via email whenever a guest has been given access to their space. They can turn this setting off to stop receiving these email notifications in email settings of their profile.

Confluence admins can see all guests who have access by looking in the Global permissions > Guest access tab.

Space admins can see all guests that have access to their space by selecting Space settings from the sidebar > Guests.

Still need help?

The Atlassian Community is here for you.