Audit
Analytics
Content
Content - attachments
Content body
Content - children and descendants
Content - macro body
Content comments
Content labels
Content permissions
Content properties
Content restrictions
Content states
Content versions
Content watches
Dynamic modules
Experimental
Group
Inline tasks
Label info
Long-running task
Relation
Search
Settings
Space
Space permissions
Space properties
Space settings
Template
Themes
Users

Rate this page:

Content restrictions

Get restrictions

GET /wiki/rest/api/content/{id}/restriction

Returns the restrictions on a piece of content.

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content-details:confluence

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand. By default, the following objects are expanded: restrictions.user, restrictions.group.

  • restrictions.user returns the piece of content that the restrictions are applied to.
  • restrictions.group returns the piece of content that the restrictions are applied to.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, read.restrictions.user, update.restrictions.user, restrictions.group, read.restrictions.group, update.restrictions.group, content

start

integer

The starting index of the users and groups in the returned restrictions.

Default: 0, Minimum: 0, Format: int32
limit

integer

The maximum number of users and the maximum number of groups, in the returned restrictions, to return per page. Note, this may be restricted by fixed system limits.

Default: 100, Minimum: 0, Format: int32

Example

1
2
3
4
5
6
7
8
9
10
11
12
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction`, {
  headers: {
    'Accept': 'application/json'
  }
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

ContentRestrictionArray

Update restrictions

PUT /wiki/rest/api/content/{id}/restriction

Updates restrictions for a piece of content. This removes the existing restrictions and replaces them with the restrictions in the request.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:read:content-details:confluence, write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content to update restrictions for.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, read.restrictions.user, update.restrictions.user, restrictions.group, read.restrictions.group, update.restrictions.group, content

Body parameters
Content typeValue
application/json

oneOf [object, Array<ContentRestrictionUpdate>]

Example

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

var bodyData = `{
  "results": [
    {
      "operation": "administer",
      "restrictions": {
        "group": [
          {
            "type": "group",
            "name": "<string>"
          }
        ],
        "user": [
          {
            "type": "known",
            "username": "<string>",
            "userKey": "<string>",
            "accountId": "<string>",
            "accountType": "atlassian",
            "email": "<string>",
            "publicName": "<string>",
            "profilePicture": {
              "path": "<string>",
              "width": 2154,
              "height": 2154,
              "isDefault": true
            },
            "displayName": "<string>",
            "timeZone": "<string>",
            "isExternalCollaborator": true,
            "externalCollaborator": true,
            "operations": [
              {
                "operation": "administer",
                "targetType": "<string>"
              }
            ],
            "details": {},
            "personalSpace": {
              "key": "<string>",
              "name": "<string>",
              "type": "<string>",
              "status": "<string>",
              "_expandable": {},
              "_links": {}
            },
            "_expandable": {
              "operations": "<string>",
              "details": "<string>",
              "personalSpace": "<string>"
            },
            "_links": {}
          }
        ]
      },
      "content": {
        "id": "<string>",
        "type": "<string>",
        "status": "<string>",
        "title": "<string>",
        "space": {
          "key": "<string>",
          "name": "<string>",
          "type": "<string>",
          "status": "<string>",
          "_expandable": {},
          "_links": {}
        },
        "history": {
          "latest": true
        },
        "version": {
          "when": "<string>",
          "number": 57,
          "minorEdit": true
        },
        "ancestors": [],
        "operations": [
          {
            "operation": "administer",
            "targetType": "<string>"
          }
        ],
        "children": {},
        "childTypes": {},
        "descendants": {},
        "container": {},
        "body": {
          "view": {
            "value": "<string>",
            "representation": "view"
          },
          "export_view": {
            "value": "<string>",
            "representation": "view"
          },
          "styled_view": {
            "value": "<string>",
            "representation": "view"
          },
          "storage": {
            "value": "<string>",
            "representation": "view"
          },
          "wiki": {
            "value": "<string>",
            "representation": "view"
          },
          "editor": {
            "value": "<string>",
            "representation": "view"
          },
          "editor2": {
            "value": "<string>",
            "representation": "view"
          },
          "anonymous_export_view": {
            "value": "<string>",
            "representation": "view"
          },
          "atlas_doc_format": {
            "value": "<string>",
            "representation": "view"
          },
          "dynamic": {
            "value": "<string>",
            "representation": "view"
          },
          "_expandable": {
            "editor": "<string>",
            "view": "<string>",
            "export_view": "<string>",
            "styled_view": "<string>",
            "storage": "<string>",
            "editor2": "<string>",
            "anonymous_export_view": "<string>",
            "atlas_doc_format": "<string>",
            "wiki": "<string>",
            "dynamic": "<string>",
            "raw": "<string>"
          }
        },
        "restrictions": {
          "read": {
            "operation": "administer",
            "_expandable": {},
            "_links": {}
          },
          "update": {
            "operation": "administer",
            "_expandable": {},
            "_links": {}
          },
          "_expandable": {
            "read": "<string>",
            "update": "<string>"
          },
          "_links": {}
        },
        "metadata": {},
        "macroRenderedOutput": {},
        "extensions": {},
        "_expandable": {
          "childTypes": "<string>",
          "container": "<string>",
          "metadata": "<string>",
          "operations": "<string>",
          "children": "<string>",
          "restrictions": "<string>",
          "history": "<string>",
          "ancestors": "<string>",
          "body": "<string>",
          "version": "<string>",
          "descendants": "<string>",
          "space": "<string>",
          "extensions": "<string>",
          "schedulePublishDate": "<string>",
          "schedulePublishInfo": "<string>",
          "macroRenderedOutput": "<string>"
        },
        "_links": {}
      }
    }
  ],
  "start": 2154,
  "limit": 2154,
  "size": 2154,
  "restrictionsHash": "<string>",
  "_links": {}
}`;

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction`, {
  method: 'PUT',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  },
  body: bodyData
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the requested restrictions are updated.

Content typeValue
application/json

ContentRestrictionArray

Add restrictions

POST /wiki/rest/api/content/{id}/restriction

Adds restrictions to a piece of content. Note, this does not change any existing restrictions on the content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:read:content-details:confluence, write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content to add restrictions to.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, read.restrictions.user, update.restrictions.user, restrictions.group, read.restrictions.group, update.restrictions.group, content

Body parameters
Content typeValue
application/json

oneOf [object, Array<ContentRestrictionUpdate>]

Example

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

var bodyData = `{
  "results": [
    {
      "operation": "administer",
      "restrictions": {
        "group": [
          {
            "type": "group",
            "name": "<string>"
          }
        ],
        "user": [
          {
            "type": "known",
            "username": "<string>",
            "userKey": "<string>",
            "accountId": "<string>",
            "accountType": "atlassian",
            "email": "<string>",
            "publicName": "<string>",
            "profilePicture": {
              "path": "<string>",
              "width": 2154,
              "height": 2154,
              "isDefault": true
            },
            "displayName": "<string>",
            "timeZone": "<string>",
            "isExternalCollaborator": true,
            "externalCollaborator": true,
            "operations": [
              {
                "operation": "administer",
                "targetType": "<string>"
              }
            ],
            "details": {},
            "personalSpace": {
              "key": "<string>",
              "name": "<string>",
              "type": "<string>",
              "status": "<string>",
              "_expandable": {},
              "_links": {}
            },
            "_expandable": {
              "operations": "<string>",
              "details": "<string>",
              "personalSpace": "<string>"
            },
            "_links": {}
          }
        ]
      },
      "content": {
        "id": "<string>",
        "type": "<string>",
        "status": "<string>",
        "title": "<string>",
        "space": {
          "key": "<string>",
          "name": "<string>",
          "type": "<string>",
          "status": "<string>",
          "_expandable": {},
          "_links": {}
        },
        "history": {
          "latest": true
        },
        "version": {
          "when": "<string>",
          "number": 57,
          "minorEdit": true
        },
        "ancestors": [],
        "operations": [
          {
            "operation": "administer",
            "targetType": "<string>"
          }
        ],
        "children": {},
        "childTypes": {},
        "descendants": {},
        "container": {},
        "body": {
          "view": {
            "value": "<string>",
            "representation": "view"
          },
          "export_view": {
            "value": "<string>",
            "representation": "view"
          },
          "styled_view": {
            "value": "<string>",
            "representation": "view"
          },
          "storage": {
            "value": "<string>",
            "representation": "view"
          },
          "wiki": {
            "value": "<string>",
            "representation": "view"
          },
          "editor": {
            "value": "<string>",
            "representation": "view"
          },
          "editor2": {
            "value": "<string>",
            "representation": "view"
          },
          "anonymous_export_view": {
            "value": "<string>",
            "representation": "view"
          },
          "atlas_doc_format": {
            "value": "<string>",
            "representation": "view"
          },
          "dynamic": {
            "value": "<string>",
            "representation": "view"
          },
          "_expandable": {
            "editor": "<string>",
            "view": "<string>",
            "export_view": "<string>",
            "styled_view": "<string>",
            "storage": "<string>",
            "editor2": "<string>",
            "anonymous_export_view": "<string>",
            "atlas_doc_format": "<string>",
            "wiki": "<string>",
            "dynamic": "<string>",
            "raw": "<string>"
          }
        },
        "restrictions": {
          "read": {
            "operation": "administer",
            "_expandable": {},
            "_links": {}
          },
          "update": {
            "operation": "administer",
            "_expandable": {},
            "_links": {}
          },
          "_expandable": {
            "read": "<string>",
            "update": "<string>"
          },
          "_links": {}
        },
        "metadata": {},
        "macroRenderedOutput": {},
        "extensions": {},
        "_expandable": {
          "childTypes": "<string>",
          "container": "<string>",
          "metadata": "<string>",
          "operations": "<string>",
          "children": "<string>",
          "restrictions": "<string>",
          "history": "<string>",
          "ancestors": "<string>",
          "body": "<string>",
          "version": "<string>",
          "descendants": "<string>",
          "space": "<string>",
          "extensions": "<string>",
          "schedulePublishDate": "<string>",
          "schedulePublishInfo": "<string>",
          "macroRenderedOutput": "<string>"
        },
        "_links": {}
      }
    }
  ],
  "start": 2154,
  "limit": 2154,
  "size": 2154,
  "restrictionsHash": "<string>",
  "_links": {}
}`;

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction`, {
  method: 'POST',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  },
  body: bodyData
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the requested restrictions are added.

Content typeValue
application/json

ContentRestrictionArray

Delete restrictions

DELETE /wiki/rest/api/content/{id}/restriction

Removes all restrictions (read and update) on a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredDELETE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:read:content-details:confluence, write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content to remove restrictions from.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions (returned in response) to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, read.restrictions.user, update.restrictions.user, restrictions.group, read.restrictions.group, update.restrictions.group, content

Example

1
2
3
4
5
6
7
8
9
10
11
12
13
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction`, {
  method: 'DELETE',
  headers: {
    'Accept': 'application/json'
  }
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the restrictions are removed.

Content typeValue
application/json

ContentRestrictionArray

Get restrictions by operation

GET /wiki/rest/api/content/{id}/restriction/byOperation

Returns restrictions on a piece of content by operation. This method is similar to Get restrictions except that the operations are properties of the return object, rather than items in a results array.

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content-details:confluence

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

Example

1
2
3
4
5
6
7
8
9
10
11
12
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation`, {
  headers: {
    'Accept': 'application/json'
  }
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

object

Get restrictions for operation

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}

Returns the restictions on a piece of content for a given operation (read or update).

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content-details:confluence

Request

Path parameters
id Required

string

The ID of the content to be queried for its restrictions.

operationKey Required

string

The operation type of the restrictions to be returned.

Valid values: read, update

Query parameters
expand

Array<string>

A multi-value parameter indicating which properties of the content restrictions to expand.

  • restrictions.user returns the piece of content that the restrictions are applied to. Expanded by default.
  • restrictions.group returns the piece of content that the restrictions are applied to. Expanded by default.
  • content returns the piece of content that the restrictions are applied to.
Style: form

Valid values: restrictions.user, restrictions.group, content

start

integer

The starting index of the users and groups in the returned restrictions.

Default: 0, Minimum: 0, Format: int32
limit

integer

The maximum number of users and the maximum number of groups, in the returned restrictions, to return per page. Note, this may be restricted by fixed system limits.

Default: 100, Minimum: 0, Format: int32

Example

1
2
3
4
5
6
7
8
9
10
11
12
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}`, {
  headers: {
    'Accept': 'application/json'
  }
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.json());

Responses

Returned if the requested restrictions are returned.

Content typeValue
application/json

ContentRestriction

Get content restriction status for group

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Returns whether the specified content restriction applies to a group. For example, if a page with id=123 has a read restriction for the admins group, the following request will return true:

/wiki/rest/api/content/123/restriction/byOperation/read/group/admins

Note that a response of true does not guarantee that the group can view the page, as it does not account for account-inherited restrictions, space permissions, or even product access. For more information, see Confluence permissions.

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to be queried for whether the content restriction applies to it.

Example

1
2
3
4
5
6
7
8
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}`);

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returns true if the content restriction applies to the group. The response will not return a response body.

A schema has not been defined for this response code.

Add group to content restriction

PUT /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Adds a group to a content restriction. That is, grant read or update permission to the group for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to add to the content restriction.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}`, {
  method: 'PUT'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the group is added to the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Remove group from content restriction

DELETE /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}

Removes a group from a content restriction. That is, remove read or update permission for the group for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupName Required

string

The name of the group to remove from the content restriction.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/group/{groupName}`, {
  method: 'DELETE'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the group is removed from the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Get content restriction status for group

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}

Returns whether the specified content restriction applies to a group. For example, if a page with id=123 has a read restriction for the 123456 group id, the following request will return true:

/wiki/rest/api/content/123/restriction/byOperation/read/byGroupId/123456

Note that a response of true does not guarantee that the group can view the page, as it does not account for account-inherited restrictions, space permissions, or even product access. For more information, see Confluence permissions.

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupId Required

string

The id of the group to be queried for whether the content restriction applies to it.

Example

1
2
3
4
5
6
7
8
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}`);

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returns true if the content restriction applies to the group. The response will not return a response body.

A schema has not been defined for this response code.

Add group to content restriction

PUT /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}

Adds a group to a content restriction by Group Id. That is, grant read or update permission to the group for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupId Required

string

The groupId of the group to add to the content restriction.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}`, {
  method: 'PUT'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the group is added to the content restriction by Group Id. The response body will be empty.

A schema has not been defined for this response code.

Remove group from content restriction

DELETE /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}

Removes a group from a content restriction. That is, remove read or update permission for the group for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

groupId Required

string

The id of the group to remove from the content restriction.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/byGroupId/{groupId}`, {
  method: 'DELETE'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the group is removed from the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Get content restriction status for user

GET /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Returns whether the specified content restriction applies to a user. For example, if a page with id=123 has a read restriction for a user with an account ID of 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192, the following request will return true:

/wiki/rest/api/content/123/restriction/byOperation/read/user?accountId=384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192

Note that a response of true does not guarantee that the user can view the page, as it does not account for account-inherited restrictions, space permissions, or even product access. For more information, see Confluence permissions.

Permissions required: Permission to view the content.

Connect app scope requiredREAD

OAuth 2.0 scopes required:
ClassicRECOMMENDED:read:confluence-content.all
Granular:read:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that is restricted.

Query parameters
key Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

username Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId

string

The account ID of the user. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
3
4
5
6
7
8
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user`);

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Return true if the content restriction applies to the user. The response body will be empty.

A schema has not been defined for this response code.

Add user to content restriction

PUT /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Adds a user to a content restriction. That is, grant read or update permission to the user for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Query parameters
key Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

username Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId

string

The account ID of the user. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user`, {
  method: 'PUT'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the user is added to the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Remove user from content restriction

DELETE /wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user

Removes a group from a content restriction. That is, remove read or update permission for the group for a piece of content.

Permissions required: Permission to edit the content.

Connect app scope requiredWRITE

OAuth 2.0 scopes required:
ClassicRECOMMENDED:write:confluence-content
Granular:write:content.restriction:confluence

Request

Path parameters
id Required

string

The ID of the content that the restriction applies to.

operationKey Required

string

The operation that the restriction applies to.

Valid values: read, update

Query parameters
key Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

username Deprecated

string

This parameter is no longer available and will be removed from the documentation soon. Use accountId instead. See the deprecation notice for details.

accountId

string

The account ID of the user. The accountId uniquely identifies the user across all Atlassian products. For example, 384093:32b4d9w0-f6a5-3535-11a3-9c8c88d10192.

Example

1
2
3
4
5
6
7
8
9
10
// This sample uses Atlassian Forge
// https://developer.atlassian.com/platform/forge/
import api, { route } from "@forge/api";

const response = await api.asApp().requestConfluence(route`/wiki/rest/api/content/{id}/restriction/byOperation/{operationKey}/user`, {
  method: 'DELETE'
});

console.log(`Response: ${response.status} ${response.statusText}`);
console.log(await response.text());

Responses

Returned if the user is removed from the content restriction. The response body will be empty.

A schema has not been defined for this response code.

Rate this page: