Confluence REST API to remove anonymous access to a space/page

Ravi90 · January 31, 2022, 7:01am

Hi All,

I am looking for an API that can be used to remove the anonymous access to a space or a page.

I tried using the API Remove space permission mentioned in the documentation, but I was getting “Scope doesn’t match” in the response.

Not sure if this is due to the access restriction mentioned - “Apps cannot access this REST resource - including when utilizing user impersonation”

Can someone please suggest if there is any workaround provided for this?

Thanks
Ravi

jrichards · February 1, 2022, 5:25am

Hi @Ravi90,

The only way to do this is to create a user token, as documented in

Manage API tokens for your Atlassian account | Atlassian Support

Then find the id of the permission. You can do this with

curl --silent --user <email>:<token> --request GET --url 'https://<sitename>.atlassian.net/wiki/rest/api/space/{spaceKey}?expand=permissions'

And look for an entry that has "anonymousAccess": true

    {
      "id": 1463877633,
      "operation": {
        "operation": "read",
        "targetType": "space"
      },
      "anonymousAccess": true,
      "unlicensedAccess": false
    },

And then call with HTTP DELETE, using the id

curl --silent --user <email>:<token> --request DELETE --url 'https://<sitename>/wiki/rest/api/space/{spaceKey}/permission/1463877633'

Hope this helps.

Regards,
James.

Ravi90 · February 1, 2022, 7:53am

@jrichards, thanks for the quick response.

When I tried above, it gives me the following response

{"statusCode":403,"data":{"authorized":false,"valid":false,"errors":[{"message":{"translation":"User isn't authorized to modify permissions.","args":[]}}],"successful":false},"message":"com.atlassian.confluence.api.service.exceptions.PermissionException: User isn't authorized to modify permissions."}

The user I was trying to use is an admin user and all the permissions have been set to use the REST APIs for this user.

Any idea why this is still happening?

Thanks
Ravi

Ravi90 · February 1, 2022, 8:01am

Sorry @jrichards, it was my bad. I didn’t remove the bearer token from the header while trying this. This seem to have worked after removing the authorization header.

Thanks very much for the help.

Thanks
Ravi

jrichards · February 1, 2022, 11:59pm

Hi @Ravi90,

Thanks for the update. Basic authentication curl --user <user>:<token> doesn’t need Bearer token as it’s using Basic authentication in the headers (which you can see with curl --verbose). Bearer tokens are usually for Connect apps.

Anyway, glad to see it’s all working now.

James.

Ravi90 · February 2, 2022, 5:09am

Got it @jrichards