Versions Compared

Old Version 4

changes.mady.by.user Mari Fuglem

Saved on

compared with

New Version Current

changes.mady.by.user Mari Fuglem

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Users can by default authenticate using an HTTP Basic Auth header with the rest API using their password.

Prevent HTTP Basic Authentication

To avoid use of password in REST integrations, prevent Basic AuthenticatiionAuthentication. When prevented, it is no longer possible to authenticate to the Confluence REST API with password in Basic Auth.

...

Allow Basic Auth for users in specific user directories or groups

You can allow Basic Auth passwords for users in specific directories or groups. Any user either matching a configured group or directory will be allowed to use Basic Authentication.

...

Allow or deny Basic Auth for specific IP addresses

Allow In addition you can allow or deny Basic Auth API requests for users with specific IP addresses or subnets. Open and Strict mode enables you to control in detail which IP addresses can use password in Basic Auth REST API requests.

...