Skip to main content
Skip table of contents

How to view and bulk update add/delete restrictions?

By mid-October 2023, an improved version of Security & Encryption for Confluence Cloud will be released. Users will enjoy enhanced security


To understand how an administrator can check for secret owners without add/delete restrictions and grant them access.


Step 1: Downloading the list of affected secret owners

  1. Click Secret Administration and select Owner Restrictions. A list of secret owners without add/delete page restrictions is shown.

  2. Click Generate user CSV list to download the list of secret owners.

Step 2: Using the script to bulk update add/delete restrictions


Use the script below to add users and groups from the CSV file downloaded in Step 1.

import csv
import requests
import json
import base64
# Replace with your Confluence Cloud domain, email, API token, and CSV file
CONFLUENCE_DOMAIN = '<instance-name>'
BASIC_AUTH_TOKEN = base64.b64encode(AUTH_STRING.encode("ascii")).decode("ascii")
headers = {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'Authorization': f'Basic {BASIC_AUTH_TOKEN}'
def update_space_permissions(permission, owner_type, owner_id, space_key, retries = 0):
    if retries >= MAX_RETRY:
        print(f'Reached maximum recursion depth. Exiting recursive calls.')
    url = f'https://{CONFLUENCE_DOMAIN}/wiki/rest/api/space/{space_key}/permission'
    data = {
        'operation': {
            'key': permission,
            'target': 'space'
        'subject': {
            'type': owner_type,
            'identifier': owner_id
    response =, headers=headers, json=data)
    if response.status_code == 200:
        print(f'Updated permissions for {owner_id}: {permission} in space {space_key}')
        print(f'Failed to update permissions for {owner_id}: {permission} in space {space_key}. Error: {response.text}')
        if 'read space' in response.text:
            update_space_permissions('read', owner_type, owner_id, space_key, retries + 1)
            update_space_permissions(permission, owner_type, owner_id, space_key, retries + 1)
def main():
    with open(CSV_FILE, newline='') as csvfile:
        reader = csv.DictReader(csvfile)
        for row in reader:
            owner = row['Owner']
            owner_type = row['Type'].lower()
            owner_id = row['OwnerId']
            space_key = row['SpaceKey']
            update_space_permissions('restrict_content', owner_type, owner_id, space_key)
if __name__ == '__main__':

Step 3: Configuring the script

  1. Replace <instance-name> with your Confluence domain.

  2. Replace <EMAIL_ADDRESS> with the email associated with your Confluence domain.

  3. Obtain an API token by following these steps:

    • In Confluence, click on your account icon > Manage Account.

    • From the top menu, select Security > Create and manage API tokens.

    • Generate a new API token by clicking Create API token. In the script, replace <API_TOKEN> with the generated token.

  4. Replace <CSV_FILE> with the name of the CSV file you want to use. The CSV file is located in the same directory as this script. Example: permissions.csv

Step 4: Running the script

To update permissions for users and groups, follow these steps:

  1. Open a terminal or command prompt.

  2. Navigate to the directory where the script is located.

  3. Run the command python
    The script will start updating the permissions based on the CSV file that was downloaded from the Owner Restrictions tab.


Review the script and CSV file before running the script to verify the permissions being modified.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.