Difference between Atlassian permissions and confluence permissions
Hello,
I am reaching out because we are setting up our confluence and had a few questions.
Attached are two screenshots below:
The first screenshot is a screenshot of someones account and I have selected roles to view their access. You can see there are 3 roles, Basic, Trusted, and Site Admin. How do these relate to permissions on Confluence as this is from Atlassian.
As you can see in the second screenshot, this is a screenshot of the global permissions. How do these these permissions relate to the role/permissions in Atlassian? I can see different groups in this, including trusted users, site admins, admins, and the specific team groups we created. How do I delete one of these groups? And why do not all of these groups show up in Atlassian (in individual profiles like the first screenshot).
How are global permissions on confluence related to specific profile permissions on Atlassian?
I hope this made sense, let me know.
2 answers
Oh okay. Thank you @Esther Strom
Currently I have the confluence-users group as the default one and still new users don't have access to Confluence. In the other hand, jira-software-users is another default group and it works fine for new users (they have access to Jira automatically)
Right now, the process to give them access is:
New user logs in, automatically has access to Jira, then I have to go to the admin page, turn on the Confluence switch (pic) and only then the user is added to confluence-users group.
I'm still not sure what I have to do to avoid the last step.
@matt.hoch Welcome to the Community!
The first shot you provided is a user's instance-level permissions. The roles you're referring to (Trusted/Basic/Site Admin) determines if a user is "just" a user, or if they have a limited set of admin permissions to your entire site (including all of your products - Confluence, but also Jira if you have it.) Someone with Trusted permissions can do things that affect your bill - i.e. invite new users, add new Atlassian products, install plugins, etc, but don't have full organization admin rights (they can't change your billing contacts, change other users' access, etc.) See point 5 on this documentation page. This user profile is also where you determine which products your user has access to - Jira, Confluence, OpsGenie, Jira Service Management (limited, of course, to the products your company actually owns.)
The second image is your product-level group management. Assuming the user in the first shot has access to Confluence at all (which it doesn't look like they do, as the toggles for the individual products are both off), you'd be able to add the user to any of the groups you see in the Confluence global permissions page by clicking Add to Group button on the user profile:
You can then use those groups to provide even more granular access in Confluence, by limiting space permissions based on groups, for example. You have the options available on the Global Permissions page, so for example, members of the Finance group have access to create personal spaces, but not shared spaces.
You can also, at an individual space's level, set additional permissions using those groups (as well as individual users).
To delete a group (assuming you have access to do so), go to Groups in the Confluence admin sidebar:
From the list of groups, click through to the group you want to delete, then click Delete Group:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.