Rate this page:
Basic authentication is not as secure as other methods. We recommend using it for scripts and manual calls to the REST APIs. Otherwise, consider building an app:
Confluence's REST API is protected by the same restrictions which are provided via Confluence's standard web interface. This means that if you do not log in, you are accessing Confluence anonymously. Furthermore, if you log in and do not have permission to view something in Confluence, you will not be able to view it using the Confluence REST API either.
In most cases, the first step in using the Confluence REST API is to authenticate a user account with your Confluence site. Any authentication that works against Confluence will work against the REST API. On this page we will show you a simple example of basic authentication.
Most client software provides a simple mechanism for supplying a user name (the Atlassian account email) and password (the API token) and will build the required authentication headers automatically. For example, you can specify the argument with cURL as follows:
curl -D- \ -u <email@example.com>:<your_user_api_token> \ -X GET \ -H "Content-Type: application/json" \ https://<your-domain.atlassian.net>/wiki/rest/api/space
The above cURL command will not work as shown. You need to replace , , and with your user and instance information before running it in the terminal.
You can use Postman to make calls to the Confluence Cloud REST APIs. Check it out: Confluence Cloud REST API.
You can construct and send basic auth headers yourself, including a base64-encoded string that contains your Atlassian account email and API token.
To use basic auth headers, perform the following steps:
curl -D- \ -X GET \ -H "Authorization: Basic <your_encoded_string>" \ -H "Content-Type: application/json" \ "https://<your-domain.atlassian.net>/wiki/rest/api/space"
The above cURL command will not work as shown. You need to replace and with your authorization credentials encoded string and instance information before running it in the terminal.
Because Confluence permits a default level of access to anonymous users, it does not supply a typical authentication challenge. Some HTTP client software expect to receive an authentication challenge before they will send an authorization header. This means that Confluence may not behave as your HTTP client software expects. In this case, you may need to configure it to supply the authorization header, as described above, rather than relying on its default mechanism.
Rate this page: