API Token Authentication Confluence -Increased user security

for Confluence Server 7.1.1 - 8.1.3, Confluence Data Center 7.1.1 - 8.1.3 and more
176 installs
  • Supported

As we continue to move towards a cloud future together, new server app sales and installs are no longer available for customers. You can update app version via Atlassian Marketplace until the end of support for server on Feb 15, 2024. Learn more

Increase security for Confluence REST API data connections from external services with API Tokens instead of username & password

YouTube's thumbnail image for the video.

Make your SSO environments better with API tokens

In SAML SSO environments, users often have no local passwords anymore. This makes connecting external scripts, services and apps difficult. With API tokens (Personal Access Token) users can now access 3rd party apps.

Permissions Model & Token Scoping

Group Based Permissions for tokens:



-Create on-behalf-of


Scoping applicable to individual tokens:

-Read & Write edits issues & tickets

-Read-only creates reports, dashboards, notifications & more

Practical Token Management

The token manager allows you to:



-Create on behalf of

-Audit Logging

Free PoC & configuration support - schedule a session

More details

API Token Auth brings the Personal Access Token functionality to Confluence. It allows API tokens as a very secure way of integrating your Confluence w/ custom scripts & 3rd-party apps (i.e. Zapier, MS Flow, automate.io etc.). It also gives admins precise control over the API usage & solves the issue in SSO environments where users can’t use the API due to a lack of passwords.


  • Create Tokens per user & services
  • Revoke API Tokens anytime
  • Token Manager to filter/create tokens for all users
  • Permissions for who (users or groups) may create tokens & what scope (read or read & write).
  • Audit Logging
  • Restrict REST API requests by IP address & range
  • Disallow built-in basic authentication w/ username & pw for REST API connections
  • Works in all SSO environments
  • Compatible with our user mgmt apps: SAML Single Sign-On, User Directory Sync, User Deactivator

We provide:

  • Business-class support & proven scalability for small & large enterprises
  • Trusted by healthcare, government & finance firms

Privacy and security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy


This app is part of the Marketplace Bug Bounty Program. Learn more



As a user, you can simply create an REST API Token & give it a recognizable name that describes the purpose of this Token.