Bypass Confluence Login

Just want to seek assistance. How to bypass Confluence login when redirecting to Confluence page from other website? I need to redirect to confluence page from my website website, but it keeps returning restricted page.

Thanks in advance for assistance.

Hi @AlGuivenLachica

You can turn on anonymous access for your Confluence site and then set appropriate permissions at the space and/or page level to allow users to view content without logging in. https://confluence.atlassian.com/doc/setting-up-public-access-156.html

There are also Marketplace add-ons such as Scroll Viewport (https://marketplace.atlassian.com/apps/1211636/scroll-viewport-for-confluence?hosting=cloud&tab=overview) that are designed to allow the creation of public-facing web content from Confluence pages.

1 Like

Hi,

Thanks for this info. But the “anonymous access” is not an option. This is to prevent unauthorized users to view the page.

What I am trying to do is to inject the authorization credentials to Confluence using JQuery, I was able to get 200 response, but I cannot redirect to the Confluence page. I am getting “CORS policy” error. “No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”.

The problem is being caused by your browser’s CORS (cross-origin request sharing) policy, which is a security feature implemented in most modern browsers. By default, JavaScript in the browser is not permitted to make AJAX/XHR calls to URLs to a different origin than the URL from which the JavaScript itself was loaded (this is called the same-origin policy https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy).

The CORS standard includes a mechanism for servers to permit CORS requests, but modifying this is not a feature of Jira or Confluence Cloud. The alternative way to solve this problem is to build a server-side endpoint that can proxy the request from the browser to Jira.

I feel that it is important to point out that by embedding the credentials to login to Confluence using jQuery, any user of that page will be able to view and copy the credentials, which perhaps negates the advantage of having the pages restricted.

Hi,

Thanks for your response. Will try the server side endpoint and will update if it works. Thanks.