Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can i set page restrictions (read, update) with Confluence Server REST API v6.3+ ?

Vincent Blain
Vincent Blain
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 22, 2017

Hi.

I previously use the deprecated method with a SOAP client to get, or add, or remove page restrictions for given groups or users. Everything seems normal until i get a risky behaviour when i add a page restrictions with a more complex vector permission, that combines both groups and users. Like this :

var vectorPermission = {
    "permission_1": {
        "type": "View",
        "groupName": "group1",
        "userName": null
    },
    "permission_2": {
        "type": "View",
        "groupName": "group2",
        "userName": null
    },
    "permission_3": {
        "type": "View",
        "groupName": null,
        "userName": "user1"
    }
};

So i choose to give up this method and use REST API approach, but i can't find a method to add, update or remove page restrictions with Confluence Server REST API. The method seems to be only exists with Confluence Cloud REST API (https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-post)

And the "experimental API" approach doesn't work in Confluence 6.3+

PUT https://confluence/rest/experimental/content/<id>/restriction/byOperation/read/user?userName=billgates

 If you have an idea, tank you in advance,

Answer
Watch
Like # people like this
14259 views

3 answers

2 votes
Hasnae
Hasnae
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 28, 2017

From what I see, this feature is unfortunately not supported yet on Confluence Server.

We only support GET and PUT for /content/<id>/restriction/byOperation/<operationKey>/user

In this case PUT will update (and replace the restrictions, which is not your use case)

The experimental api does have a POST method applied to the following resource

/content/<id>/restriction and the payload is similar to what the GET method would return

* Accepts same input format as the response of GET to the same resource would return.
* <p>
* E.g.
* <div class="exampleRequests">
* <p>Example request (simplified)</p>
* <pre>{@code
* [
*   {
*     "operation": "update",
*     "restrictions":
*     {
*       "user": [
*         {
*           "type": "known",
*           "username": "admin"
*         }
*       ]
*     }
*   }
* ]
* }</pre>

To use with care, as it may change once it is promoted out of experimental.

Hope this helps 

View More Comments
gurgen2727
gurgen2727 April 25, 2018

Hi

 

is there a way now  ? I need this , please help me ? 

I need to remove all user permissions per page and only add permissions for specific users ? how to do that using REST API  ?

Like
Bill
Bill October 10, 2018

+1 for this question

 

The endpoint mentioned in the comment from @viqueen doesn't even exist in the API.

(/content/<id>/restriction/byOperation/<operationKey>/user)

 

/rest/api/content/123456789/restriction/byOperation/read/user

With a PUT, I get a 404 on this endpoint.

{
 'read' :{
   'operation': 'read',
   'restrictions': {
     'user': [
       {
         'type': 'known',
         'username': 'johndoe'
       }
      ]
    }
  }
}

How are we supposed to restrict page read access to a specific user in an automated way?

Like
fwoon
fwoon
Contributor
May 28, 2019

Since atlassian team cant be bothered to reply....let me do their job for them

url = 'https://your-confluence.com/rest/experimental/content/{id}/restriction'
headers = { "Accept": "application/json", "Content-Type": "application/json" }
payload = json.dumps( [
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known", 
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
] )

r = requests.put( url, verify=False, data=payload, headers=headers, auth=(username, passwd) )

 Take a look at https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-put for reference...try to do a get permission on the page first to understand what kinda operation there is...do not use administer as the operation...that's for cloud

Like # people like this
Seiji Fujii
Seiji Fujii
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 21, 2019

This is for confluence cloud yes? I think the og answer asked for a server solution, by any means does this work for server as well as cloud?

 

EDIT: just tested it with "experimental" , works like a charm.

Like Ritika Saini likes this
Stan Ry
Stan Ry
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 15, 2020

@fwoon Thanks a ton for this sample! Could you please elaborate on how did you manage to get a clue on what should be the proper format of payload?

Why does the JSON look like:

[
 {
  "operation": "update",
  "restrictions": {
   "user": [
    { "type": "known", 
      "username": "<string>",
      "userKey": "<string>",
      "accountId": "<string>"
    }],
   "group": [
    {
     "type": "<string>",
     "name": "<string>",
    }]
  }
 }
]

How'd you managed to figure out the proper format?

Edit: Figured. You've got the valid format from the output of /rest/experimental/content/{id}/restriction

Thank you.

Like
Stan Ry
Stan Ry
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 15, 2020

Does anyone have a clue on using /rest/access/1/page/restriction/{pageId}/grant/{type:view|edit} API? This API also requires payload, but I can't figure out what should be put in payload...

Like
Matt Keenan
Matt Keenan April 28, 2021

Where did you find out about this entry point ? Is it on Cloud or Server ?

Like
zorruch
zorruch
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 16, 2024

example of using the experimental method:

$ cat test23_2.json | jq .
[
  {
    "operation": "read",
    "restrictions": {
      "group": [
       {
         "type": "group",
         "name": "{group_name}"
       }
      ],
      "user": [
        {
          "type": "known",
          "username": "{user}"
        }
      ]
    }
  }
]


bash:
cat test23_2.json | curl -u {user}:{password} -H "Content-Type: application/json" --data-binary @- -XPOST http://localhost/rest/experimental/content/{id}/restriction


tested on 8.5.6 (datacenter) version

Like
Reply
0 votes
Mohamed Adel
Mohamed Adel
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 2, 2021

I recommend to use Power Scripts for Confluence  , it allows you to create and configure webhooks which you can use to extend the confluence api functionality , 

 

I created a new webhook which which utilize there built-in function : 

removeUserFromContentPermission 

Reply
0 votes
Najjar _Innovura_
Najjar _Innovura_
Atlassian Partner
July 14, 2020

Holla

We launched a new app that allows you to create pages from templates and store the page under a location based on project or customfield value through Jira Workflow post-function and store the Confluence page in a Jira customfield to apply more actions like:

Workflow postfuntions

  • Update page permissions
  • Update page content
  • Update page title

Workflow conditions

  • Check if page was modified after a certain status transition
  • Check if page still has a placeholder

And so much more.

Please give it a try, I believe it would streamline alot of repeated effort on your team

Jira Confluence Workflow Extensions (JCWE) 

Give it a try I am confident you'll love it.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.