What are user classes?
This article describes Confluence’s new role-based access control beta feature.
When roles are enabled in your Confluence instance, you can find them by going to Confluence settings > Security > Space permissions > Manage roles or to the Users page in Space settings.
If you don’t see those in your experience, your instance hasn’t been enabled for roles yet.
There are two main user classes to know — All Confluence users and All Confluence admins — and they represent all of the respective types of users who have access to Confluence.
The All Confluence users class represents all users who have access to Confluence.
The All Confluence admins class represents all users who have access to Confluence with Confluence admin privileges.
You can assign a space role to these classes, and it will apply to all users in that class, regardless of how your organization has organized user groups.
User classes vs default access groups
An example of a default access group is the confluence-users group that Confluence has in place when a site is first created. This is the group that all new Confluence users get added to when they’re given access to the site in Atlassian Administration.
This group can vary from site to site (you or your organization may have changed the name of it since creating the site), or your organization might not even make use of a default access group.
Because of this variability, it can be difficult to know (especially for a space admin) which group represents everyone in Confluence.
User classes take the guesswork out of it. Consistently across all Confluence sites, there will be a class representing All Confluence users and one representing All Confluence admins.
Set general access with a user class
Because user classes represent the general population in Confluence, you can use them to easily control general access to your content.
Assign a role to a user class, and broadly, anyone who falls in that category of user will minimally have that role’s level of permissions.
Permissions are additive in Confluence
They’re additive in the sense that if users have multiple sources of access, the permissions add together. This means that if you give All Confluence users the Collaborator role and list specific users or user groups with the Viewer role, no one will be limited to Viewer permissions because they also have all the permissions included with Collaborator.
To add a user class to space access:
In the space’s Space settings, select Users.
Select Add people.
Search for All Confluence users and/or All Confluence admins.
Select a role.
Select Add.
Select Save.
Set the default general access for all new spaces
As a Confluence admin, you can set the default access level for user groups in all new spaces created on your site. So too can you set the default access for user classes in all newly created spaces.
If you don’t see the user class you want in the table, you can add it in the Add people flow.
Learn more about setting default access
Anonymous users class
There is a third user class, Anonymous users, that represents non logged in users (which usually means anyone on the internet).
When anonymous access is first enabled in a space, the Anonymous users user class will be added to the Users table with “View only” access. This is a special role that restricts anonymous users from doing everything but viewing the content. You can increase their access to the Viewer or Collaborator roles from there.
Removing Anonymous users from the table or toggling off anonymous access in the anonymous access tab will block anonymous users from accessing the space.
Learn more about anonymous access
Was this helpful?