API Tokens for Confluence
Keep user's password in secret and use API Tokens for integrations
Manage API Tokens for integrations
Create and revoke tokens, use them instead of a personal password to keep it more secure
Improve the security of Confluence integrations
Auto-expiring 35 chars of token generated by robust algorithms much better than user' password
Keep user's password in secret
Any automation or integration that use Confluence REST API would work with a token which can be withdrawn at any time
Must have plugin for those who care for security!
API Tokens for Confluence are a secure way to use scripts and integrate any external applications with Confluence Server.
- More secure than password usage
- Simpler than OAuth
- Compatible with Single sign-on (SSO)
- Indifferent to non-ASCII characters and umlauts in user's passwords
In addition to basic auth over REST API, you can use API Tokens, by setting the token as a header value, instead of providing password.
If an external system is compromised, you simply revoke the token instead of changing the password and consequently changing it in all scripts and integrations.
Start watching the add-on to not miss Data Center or new feature releases!
Also available API Tokens for Jira
Privacy and security
Restrict basic authentication only to API Tokens, so nobody will use personal passwords on their automations