How to set up permissions and restrictions for Confluence
In Confluence, the level of permissions granted to a user determines whether the user is limited to read-only access or is able to add content, edit content, delete content, or comment on content.
Confluence has 3 levels of permissions:
Confluence also offers "anonymous access" which means the site visitor does not log in and thus does not need to be licensed which most frequently is associated with 'read-only' access. The great news is, in Confluence it is up to you the level of permissions you set up for these users we call "anonymous" (docs will also refer to as "public" access). For example, you can grant your anonymous users to read-only permissions or you can choose to assign additional permission to them including commenting on, editing, or deleting content. With anonymous users, however, you lose the ability to see who commented or edited something since the user is anonymous (without login) and thus not recognizable in the system from another anonymous user on the site.
Note: Public access is available at both, full site or just at space level.
Cloud Only - Plans With IP Allowlisting
Allowing anonymous access on cloud exposes your content to all internet users. It is, however, possible to further restrict this through IP Allowlisting rules configured for your cloud site. This makes it possible to expose content only to users on a private network or VPN.
Server/Data Center Only:
One way to take advantage of public access (no licensing cost) but at the same time not expose your content completely to everyone on the internet is to use Confluence Server version of our software (self-hosted) and install it behind a firewall. This way external users would have to authenticate first to gain access to your network and only then they can access your Confluence content (publicly and without a license).