App security

Owned by Lasse Langhorn (Unlicensed)
Last updated: Oct 03, 2019

Confluence User Export is made for Confluence users with administrator or system administrator global permissions.

User interface security

The Confluence User Export menu item is placed before the Users menu item in the Confluence administration. This menu item is NOT protected by Confluence secure administrator session also known as WebSudo. You can read more about secure administrator sessions in Confluence here.

A Confluence user with wrong global permissions will be redirected to Confluence base URL when trying to access the Confluence User Export action URL.

REST API security

REST API endpoints are secured for Confluence users with administrator or system administrator global permissions as well. You will get a HTTP 401 unauthorized if you access these endpoints with bad credentials or wrong global permissions.

Servlet security

Servlets have the same security setup as REST API endpoints.