Summary

In Confluence, even though the Global Permissions are not configured for anonymous/public access, users can still configure the space permissions to have anonymous access enabled.

When this permission is configured only at a space level, this will allow any licensed, unlicensed and guests to view the content within it, bypassing its existing permissions.

Suggestion

Although it could be expected to have everyone viewing it since this permission indicates that the space would be open for everyone, there is no warning or message while configuring it as a space admin.

This is a suggestion for some options like the following:

• Have a clear message that although the global permissions are not set to public access, this would allow anyone to view this space, including unlicensed users and guests.
• Do not allow this permission to bypass any other configured permissions if there are no global permissions configured for public access.