Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-1882

Restricting access to user names and profiles

XMLWordPrintable

    • 14
    • 86
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Data Center. Using Confluence Cloud? See the corresponding suggestion.

      Atlassian Update - 8 February 2024

      Hi everyone,

      This is Kathleen from the Confluence team. Thank you for your interest in this suggestion.

      After reviewing this ticket and weighing it up against our other opportunities, we have decided to transition it to 'Gathering interest' as we don't have plans to work on this in the near term.

      Please continue to vote and watch this suggestion if it is important to your team, as we regularly review highly ranked tickets as potential roadmap items.

      To learn more about our recent investments in Confluence Data Center, please check our public roadmap and our dashboards containing recently resolved issues, and current work and future plans.

      Kind regards,
      Confluence Data Center

      In addition to sharing information within my company, we would like to use Confluence for sharing certain information with our customers and clients, and have it host our public website. The one thing that is holding us back from doing this is the inability to restrict who can see a user's profile. Profiles can even be viewed by anonymous users and to my knowledge there is no way to create a named user account without also creating a profile. Someone please correct me if I'm wrong. In our case, many of our clients are also direct competitors, and the last thing we want to do is give them a list of all our employees. The same concern also applies to the names at the top of each page, on the dashboard, in the search results, etc., that tell you who last changed the page and at what date and time.

      I tried to come up with couple of ideas about how restriction of user profiles and user names might work. My preferred solution by far is number one but it may also be the most difficult to implement.

      1. A user is only allowed to see the name and profile of another user if they are in the same group. (at least one group, not all)

      2. Allow a global administrative option for enabling/disabling user names and profiles.

      3. Allow each user to decide whether their name and/or profile should be viewable.

      I think that this feature would be useful for many people, although I don't want to speak for other customers. Having such a feature would certainly allow the product to penetrate many more areas of my company.

      Atlassian Status - December 2018

      Thank you for your continued feedback on this issue. We do agree that restricting access to user names and profiles could be valuable for users, particularly in an externally-facing Confluence environments.

      The use cases stemming from external collaboration do touch quite a number of features in the product including user profiles, people directory, mentions, shares, comments and search. In order to provide both a functional and watertight solution it is important to consider these various use cases, their impact on various features and the related front end and API implementations.

      This feature request does form part of a larger long term initiative from which we hope to provide a solution for this issue in the future. We will update the status of this issue once we have made further progress.

      Note that you can restrict Confluence so that anonymous users cannot view user profiles (See our documentation).

      Some of you have also shared concerns around data privacy and GDPR. We'd like to assure you that we’re continuing to take these requirements seriously. For more information on our latest GDPR updates to Confluence, see our 6.13 release notes.

      Best,
      Jenny - Confluence Product Manager

        1. image-2017-07-13-14-14-12-205.png
          image-2017-07-13-14-14-12-205.png
          576 kB

          Form Name

            [CONFSERVER-1882] Restricting access to user names and profiles

            Pinned comments

            Kathleen Xu added a comment -
            Atlassian Update - 8 February 2024

            Hi everyone,

            This is Kathleen from the Confluence team. Thank you for your interest in this suggestion.

            After reviewing this ticket and weighing it up against our other opportunities, we have decided to transition it to 'Gathering interest' as we don't have plans to work on this in the near term.

            Please continue to vote and watch this suggestion if it is important to your team, as we regularly review highly ranked tickets as potential roadmap items.

            To learn more about our recent investments in Confluence Data Center, please check our public roadmap and our dashboards containing recently resolved issues, and current work and future plans.

            Kind regards,
            Confluence Data Center

            Kathleen Xu added a comment - Atlassian Update - 8 February 2024 Hi everyone, This is Kathleen from the Confluence team. Thank you for your interest in this suggestion. After reviewing this ticket and weighing it up against our other opportunities, we have decided to transition it to 'Gathering interest' as we don't have plans to work on this in the near term. Please continue to vote and watch this suggestion if it is important to your team, as we regularly review highly ranked tickets as potential roadmap items. To learn more about our recent investments in Confluence Data Center, please check our public roadmap and our dashboards containing recently resolved issues , and current work and future plans . Kind regards, Confluence Data Center

            All comments

            Kathleen Xu added a comment -
            Atlassian Update - 8 February 2024

            Hi everyone,

            This is Kathleen from the Confluence team. Thank you for your interest in this suggestion.

            After reviewing this ticket and weighing it up against our other opportunities, we have decided to transition it to 'Gathering interest' as we don't have plans to work on this in the near term.

            Please continue to vote and watch this suggestion if it is important to your team, as we regularly review highly ranked tickets as potential roadmap items.

            To learn more about our recent investments in Confluence Data Center, please check our public roadmap and our dashboards containing recently resolved issues, and current work and future plans.

            Kind regards,
            Confluence Data Center

            Kathleen Xu added a comment - Atlassian Update - 8 February 2024 Hi everyone, This is Kathleen from the Confluence team. Thank you for your interest in this suggestion. After reviewing this ticket and weighing it up against our other opportunities, we have decided to transition it to 'Gathering interest' as we don't have plans to work on this in the near term. Please continue to vote and watch this suggestion if it is important to your team, as we regularly review highly ranked tickets as potential roadmap items. To learn more about our recent investments in Confluence Data Center, please check our public roadmap and our dashboards containing recently resolved issues , and current work and future plans . Kind regards, Confluence Data Center

            Vijay Krishna Mane added a comment -

            can you please have the profile lock feature as access to admin ?

            Vijay Krishna Mane added a comment - can you please have the profile lock feature as access to admin ?

            sym added a comment -

            Now as they announced the retirement of all On-Premises products, this gets really serious.

            Is an app which does the job like Space Privacy available in Cloud?

            sym added a comment - Now as they announced the retirement of all On-Premises products, this gets really serious. Is an app which does the job like Space Privacy available in Cloud?

            Mike Buchanan added a comment -

            Our organization would very much like to see this worked on as well.  I tried turning on in Global Permissions Anonymous/Use Confluence but not Anonymous/View User Profiles.  I set the site to be entirely locked down (no spaces allowing anonymous access) so an anonymous user would not actually see any pages, but in the Quick Search box, they could still type in a few random letters and if those letters formed part of a user's profile picture file name - that file name is shown (usually with the users full name showing.)  The anonymous user can't actually get to the users profile or picture, but just seeing the name of someone in our organization would be a privacy issue!

            Mike Buchanan added a comment - Our organization would very much like to see this worked on as well.  I tried turning on in Global Permissions Anonymous/Use Confluence but not Anonymous/View User Profiles.  I set the site to be entirely locked down (no spaces allowing anonymous access) so an anonymous user would not actually see any pages, but in the Quick Search box, they could still type in a few random letters and if those letters formed part of a user's profile picture file name - that file name is shown (usually with the users full name showing.)  The anonymous user can't actually get to the users profile or picture, but just seeing the name of someone in our organization would be a privacy issue!

            jkyteN added a comment -

            I cannot believe that a huge organization like Atlassian no longer has the technical ability to filter a lit of users who are not authorized to access the current screen / space / form! This is sad - Atlassian is turning into just another large corporation that can only innovate by acquisition and longer has the technical leadership, or customer service focus agility. The fact that this issue has not been addresses for YEARS also puts into doubt the long term viability of the core technical architecture - too bloated to fix, is it?

            jkyteN added a comment - I cannot believe that a huge organization like Atlassian no longer has the technical ability to filter a lit of users who are not authorized to access the current screen / space / form! This is sad - Atlassian is turning into just another large corporation that can only innovate by acquisition and longer has the technical leadership, or customer service focus agility. The fact that this issue has not been addresses for YEARS also puts into doubt the long term viability of the core technical architecture - too bloated to fix, is it?

            Arnold Späing added a comment -

            @Atlassian @Jenny Millman : What a sad progress!

            Arnold Späing added a comment - @Atlassian @Jenny Millman : What a sad progress!

            Brian Catanzaro added a comment -

            Thanks.  There seem to be several solutions for Server.  However, to be outward facing that would require me to set up VPN / external access to the Server.   Not an option for this configuration.

            Brian Catanzaro added a comment - Thanks.  There seem to be several solutions for Server.  However, to be outward facing that would require me to set up VPN / external access to the Server.   Not an option for this configuration.

            Sarah Schmitt-Bär (Seibert Group) added a comment -

            You could also use apps like Terms of use to ensure that some parts of the GDPR are covered, especially in a combination with Space Privacy. Unfortunately both of them are only available for Confluence Server. 

             

            Sarah Schmitt-Bär (Seibert Group) added a comment - You could also use apps like Terms of use to ensure that some parts of the GDPR are covered, especially in a combination with Space Privacy. Unfortunately both of them are only available for Confluence Server.   

            Brian Catanzaro added a comment -

            I'm not quite sure I understand the privacy issue and am hoping you can explain it to me. I'm in the U.S. and I'd like to have externally facing Confluence Cloud access for my customers. At this point, if I open a Confluence site to Customer B, then they can contact Customer B using a variety of features. I think you're implying that:

            1. Space Privacy may address this issue
            2. Even with Space Privacy, there may be a violation of GDPR.

            Can you comment?

            Brian Catanzaro added a comment - I'm not quite sure I understand the privacy issue and am hoping you can explain it to me. I'm in the U.S. and I'd like to have externally facing Confluence Cloud access for my customers. At this point, if I open a Confluence site to Customer B, then they can contact Customer B using a variety of features. I think you're implying that: 1. Space Privacy may address this issue 2. Even with Space Privacy, there may be a violation of GDPR. Can you comment?

            Ryan Carpenter added a comment -

            The Space Privacy plugin looks like a good solution for Confluence Server (not Cloud). I have been using Confluence Cloud and Like @Richard Harris, I have considering cancelling Confluence for want of better privacy control. Now, I intend to switch to Server and give Space Privacy a try.

            Ryan Carpenter added a comment - The Space Privacy plugin looks like a good solution for Confluence Server (not Cloud). I have been using Confluence Cloud and Like @Richard Harris, I have considering cancelling Confluence for want of better privacy control. Now, I intend to switch to Server and give Space Privacy a try.

              Unassigned Unassigned
              8361dc2368cb Jeff Kunkle
              Votes:
              517 Vote for this issue
              Watchers:
              334 Start watching this issue

                Created:
                Updated: