Be able to restrict anonymous REST API connection when Confluence has Anonymous Access

XMLWordPrintable

    • 2
    • 5

      Facts
      1. The "Anonymous Access to Remote API" checkbox button is for SOAP/XML-RPC and not for REST API
      2. There is no equivalent control of REST API in Confluence
      Expectation

      Be able to restrict anonymous Remote API access to confluence even though Confluence has "Anonymous Access" enabled on UI side

      Sample use case:

      If users would like to have spaces with anonymous access via theUI, but we want to keep the API restricted.
      For example, if users has a reverse proxy in front of their Confluence installation which implements certain security checks, and they do not want people to be able to access content without having first passed through this layer. The security checks rely on a browser, so they cannot easily pass requests to the REST API through it.

        1. screenshot-1.png
          40 kB
          Monique Khairuliana

            Assignee:
            Unassigned
            Reporter:
            Monique Khairuliana (Inactive)
            Votes:
            9 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated: