Confluence Cloud Developer

Confluence Cloud Developer

Rate this page:

Content restrictions

Get restrictions

GET /wiki/rest/api/content/{id}/restriction

Returns the restrictions on a piece of content.

Permissions required: Permission to view the content.

App scope requiredREAD

OAuth scopes required
read:confluence-content.all

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand. By default, the following objects are expanded: restrictions.user, restrictions.group.

  • restrictions.user returns the piece of content that the restrictions are applied to.
  • restrictions.group returns the piece of content that the restrictions are applied to.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

start

integer

The starting index of the users and groups in the returned restrictions.

Default: 0, Minimum: 0, Format: int32
limit

integer

The maximum number of users and the maximum number of groups, in the returned restrictions, to return per page. Note, this may be restricted by fixed system limits.

Default: 100, Minimum: 0, Format: int32

Example

1
2
3
curl --request GET \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction' \
  --header 'Accept: application/json'

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

ContentRestrictionArray

Update restrictions

PUT /wiki/rest/api/content/{id}/restriction

Updates restrictions for a piece of content. This removes the existing restrictions and replaces them with the restrictions in the request.

Permissions required: Permission to edit the content.

App scope requiredWRITE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content to update restrictions for.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

Body parameters
Content typeValue
application/json

Array<ContentRestrictionUpdate>

Example

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
curl --request PUT \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '[
  {
    "operation": "administer",
    "restrictions": {
      "user": [
        {
          "type": "known",
          "username": "<string>",
          "userKey": "<string>",
          "accountId": "<string>"
        }
      ],
      "group": [
        {
          "type": "group",
          "name": "<string>"
        }
      ]
    }
  }
]'

Responses

Returned if the requested restrictions are updated.

Content typeValue
application/json

ContentRestrictionArray

Add restrictions

POST /wiki/rest/api/content/{id}/restriction

Adds restrictions to a piece of content. Note, this does not change any existing restrictions on the content.

Permissions required: Permission to edit the content.

App scope requiredWRITE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content to add restrictions to.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

Body parameters
Content typeValue
application/json

Array<AddContentRestriction>

Example

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
curl --request POST \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '[
  {
    "operation": "read",
    "restrictions": {
      "user": [
        {
          "type": "known",
          "username": "<string>",
          "userKey": "<string>",
          "accountId": "<string>"
        }
      ],
      "group": [
        {
          "type": "group",
          "name": "<string>"
        }
      ]
    }
  }
]'

Responses

Returned if the requested restrictions are added.

Content typeValue
application/json

ContentRestrictionArray

Delete restrictions

DELETE /wiki/rest/api/content/{id}/restriction

Removes all restrictions (read and update) on a piece of content.

Permissions required: Permission to edit the content.

App scope requiredDELETE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content to remove restrictions from.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

Example

1
2
3
curl --request DELETE \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction' \
  --header 'Accept: application/json'

Responses

Returned if the restrictions are removed.

Content typeValue
application/json

ContentRestrictionArray

Get restrictions by operation

GET /wiki/rest/api/content/{id}/restriction/byOperation

Returns restrictions on a piece of content by operation. This method is similar to Get restrictions except that the operations are properties of the return object, rather than items in a results array.

Permissions required: Permission to view the content.

App scope requiredREAD

OAuth scopes required
read:confluence-content.all

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

Example

1
2
3
curl --request GET \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation' \
  --header 'Accept: application/json'

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

object

Get restrictions for operation

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}

Returns the restictions on a piece of content for a given operation (read or update).

Permissions required: Permission to view the content.

App scope requiredREAD

OAuth scopes required
read:confluence-content.all

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

operationKey Required

string

The operation type of the restrictions to be returned.

Valid values: read, update

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

start

integer

The starting index of the users and groups in the returned restrictions.

Default: 0, Minimum: 0, Format: int32
limit

integer

The maximum number of users and the maximum number of groups, in the returned restrictions, to return per page. Note, this may be restricted by fixed system limits.

Default: 100, Minimum: 0, Format: int32

Example

1
2
3
curl --request GET \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}' \
  --header 'Accept: application/json'

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

ContentRestriction

Get content restriction status for group

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Returns whether the specified content restriction applies to a group. For example, if a page with id=123 has a read restriction for the admins group, the following request will return true:

https://your-domain.atlassian.net/wiki/rest/api/content/123/restriction/byOperation/read/group/admins

Note that a response of true does not guarantee that the group can view the page, as it does not account for account-inherited restrictions, space permissions, or even product access. For more information, see Confluence permissions.

Permissions required: Permission to view the content.

App scope requiredREAD

OAuth scopes required
read:confluence-content.all

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to be queried for whether the content restriction applies to it.

Example

1
2
curl --request GET \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}'

Responses

Returns true if the content restriction applies to the group. The response will not return a response body.

A schema has not been defined for this response code.

Add group to content restriction

PUT /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Adds a group to a content restriction. That is, grant read or update permission to the group for a piece of content.

Permissions required: Permission to edit the content.

App scope requiredWRITE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to add to the content restriction.

Example

1
2
curl --request PUT \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}'

Responses

Returned if the group is added to the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Remove group from content restriction

DELETE /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Removes a group from a content restriction. That is, remove read or update permission for the group for a piece of content.

Permissions required: Permission to edit the content.

App scope requiredDELETE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to remove from the content restriction.

Example

1
2
curl --request DELETE \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}'

Responses

Returned if the group is removed from the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Get content restriction status for user

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Returns whether the specified content restriction applies to a user. For example, if a page with id=123 has a read restriction for a user with an account ID of 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192, the following request will return true:

https://your-domain.atlassian.net/wiki/rest/api/content/123/restriction/byOperation/read/user?accountId=384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192

Note that a response of true does not guarantee that the user can view the page, as it does not account for account-inherited restrictions, space permissions, or even product access. For more information, see Confluence permissions.

Permissions required: Permission to view the content.

App scope requiredREAD

OAuth scopes required
read:confluence-content.all

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that is restricted.

Query parameters
key

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

userName

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId Required

string

The account ID of the user to be queried for whether the content restriction applies to it. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
curl --request GET \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user?accountId={accountId}'

Responses

Return true if the content restriction applies to the user. The response body will be empty.

A schema has not been defined for this response code.

Add user to content restriction

PUT /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Adds a user to a content restriction. That is, grant read or update permission to the user for a piece of content.

Permissions required: Permission to edit the content.

App scope requiredWRITE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Query parameters
key

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

userName

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId Required

string

The account ID of the user to add to the content restriction. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
curl --request PUT \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user?accountId={accountId}'

Responses

Returned if the user is added to the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Remove user from content restriction

DELETE /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Removes a group from a content restriction. That is, remove read or update permission for the group for a piece of content.

Permissions required: Permission to edit the content.

App scope requiredDELETE

OAuth scopes required
write:confluence-content

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

Query parameters
key

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

userName

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId Required

string

The account ID of the user to remove from the content restriction. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
curl --request DELETE \
  --url 'https://your-domain.atlassian.net/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user?accountId={accountId}'

Responses

Returned if the user is removed from the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Rate this page: