Confluence Splice
Overview
The Confluence Splice integrates with the IDHub Connector Application to allow the user to add/modify/revoke different resources in Confluence. IDHub Account resource is mapped to Confluence User Account which has a list of entitlements associated with the account. IDHUB Entitlement resource contains the list of Group and Space in Confluence.
The mapping between IDHUB and Confluence is shown in the table below along with operation for each resources.
IDHUB | Confluence | Operation |
|---|---|---|
Account | User | List Create Modify Delete Assign Entitlement (PATCH) Revoke Entitlement (PATCH) |
Entitlements | Group | List Create Modify (NOT in current scope) Delete |
Space | List Create (NOT in current scope) Modify (NOT in current scope) Delete (NOT in current scope) |
An Admin account needs to be setup in Confluence. A directory needs to be created and that directoryId can be used to call the different provisioning APIs for different Confluence resources.
Note : For different operations on Confluence resources, the Confluence Cloud REST APIs along with the User Provisioning APIs have been used.
Configuration
The configuration of the different resources are explained in their respective sections :
Service Provider Configuration
To fetch Service Provider Configuration schema from SCIM service provider, call https://api.atlassian.com/scim/directory/{directoryId}/ServiceProviderConfig API with Authorization and Accept request header. The response of the API is as follows
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
],
"patch": {
"supported": true
},
"bulk": {
"maxPayloadSize": 0,
"maxOperations": 0,
"supported": false
},
"filter": {
"maxResults": 10000,
"supported": true
},
"changePassword": {
"supported": false
},
"sort": {
"supported": false
},
"etag": {
"supported": false
},
"authenticationSchemes": [
{
"name": "OAuth Bearer Token",
"description": "Authentication scheme using the OAuth Bearer Token Standard",
"type": "oauthbearertoken"
}
],
"meta": {
"created": "2018-05-03T19:31:29.723Z",
"location": "https://api.atlassian.com/scim/directory/{directoryId}/ServiceProviderConfig",
"lastModified": "2018-05-03T19:31:29.723Z",
"resourceType": "ServiceProviderConfig"
}
}Reference Documents
Confluence Server is used for on-premise application while Confluence Cloud is used for cloud application of Confluence.
The set of REST APIs for Confluence Cloud is available in https://developer.atlassian.com/cloud/confluence/rest/intro/
The set of REST APIs for Confluence Server is available in https://developer.atlassian.com/server/confluence/confluence-server-rest-api/
The set of REST APIs for provisioning in Confluence is available in https://developer.atlassian.com/cloud/admin/user-provisioning/rest/intro/
The latest Javadoc for Confluence server REST APIs is https://docs.atlassian.com/ConfluenceServer/rest/7.12.1/
Security details for apps built using Connect is available in https://developer.atlassian.com/cloud/confluence/security-for-connect-apps/
Details for authentication using OAuth is available in https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/
Details for Space permissions are available in https://confluence.atlassian.com/doc/space-permissions-overview-139521.html