Begin Scanning a Confluence App (Beta)

Add your Confluence app to SaaS Security API to begin scanning and monitoring assets for possible security risks.
To connect a Confluence app to SaaS Security API and begin scanning assets, you need to:
  • Retrieve the SaaS Security API public key required to create the application links.
  • Configure the application links required for authentication and communication between SaaS Security API and your Confluence account.
  • Add the Confluence app to SaaS Security API.
For information on which automated remediation capabilities SaaS Security API supports with Confluence, refer to Supported Content, Remediation and Monitoring.

Prepare To Add Confluence App

Before you begin, verify that you have the correct permissions and follow any recommendations to ensure an efficient and successful onboarding. By default, the
group or
group on Confluence provides the necessary permissions to onboard the Confluence app.
  1. (
    ) Add your Confluence domain as an internal domain.
  2. Verify that your Confluence account has Administrator permissions.

Retrieve SaaS Security API Public Key

Before you can create application links to connect your Confluence account to SaaS Security API, you must retrieve the public key from SaaS Security API for the Confluence app. You will enter this public key in the Confluence web interface when you configure the application links.
  1. Log in to SaaS Security.
  2. Select
    Add a Cloud App
    Click here to prepare your Confluence Account
    , then record the
    Public Key

Configure the Application Links

Before you can add the Confluence app, you must prepare your Confluence account to connect to SaaS Security API. As you do so, take note of the following values, as they are required to add Confluence app on SaaS Security API:
Confluence URL
URL you use to log in to your Confluence cloud account. For example,
Application URL
) to which you will map the Confluence URL.
Consumer Key
Key you assign in Confluence and that’s used by SaaS Security API to authenticate and make secure API calls to Confluence.
Consumer Name
Descriptive name you assign in Confluence for the Consumer Key.
Public Key
SaaS Security API public key for Confluence app. Public key displays in the SaaS Security API web interface as outlined in Retrieve SaaS Security API Public Key.
  1. Log in to your Confluence cloud account with Administrator permissions (for example,
  2. Select
    Manage apps
    Application Links
  3. In
    Configure Application Links
    , enter Application URL
    , and then
    Create new Link
  4. Select
    Use this URL
    , then
  5. Enter
    SaaS Security API
    Application Name
    , select
    Application Type
    , select
    Create incoming Link
    to link Confluence URL to the SaaS Security API Application URL, then
  6. Enter any value for
    Consumer Key
    Consumer Name
    , and
    Public Key
    to enable SaaS Security API to authenticate and make secure API calls to Confluence.
    Take note of the
    Consumer Key
    you assign because you will need this value when you add the Confluence app to SaaS Security API.
    • Both Consumer Key and Consumer Name must be unique. Valid values (characters and length) are defined by Atlassian, not SaaS Security API. The Confluence web interface informs you if your values do not comply with Atlassian’s convention.
    • Public Key is the key you recorded in Retrieve SaaS Security API Public Key.
  7. Edit
    Application Link
    to set the
    option to
    your setting changes.
  8. Next Step
    : Proceed to Add Confluence App.

Add Confluence App

Before you add the Confluence app, you must Configure the Application Links.
  1. Log in to your Confluence cloud account (for example,
    ) with Administrator privileges.
  2. From the
    , select
    Add a Cloud App
  3. Select
  4. Connect to Confluence Account
  5. In
    Confluence Custom Configuration
    enter the
    Confluence URL
    —the URL that you use to log in to your Confluence cloud account—and the
    Consumer Key
    that you recorded in Configure the Application Links.
  6. Click
  7. Allow
    SaaS Security API access to your Confluence account.
    SaaS Security API adds the new Confluence app to the Cloud Apps list as
     n, where n is the number of Confluence app instances that you connected to SaaS Security API. For example, if you added one Confluence app, the name displays as
    Confluence 1
    . You’ll specify a descriptive name soon.
    Congratulations—you’ve completed the onboarding process!
  8. Next Step
    : Proceed to Identify Risks and begin scanning your assets.

Identify Risks

When you add a new cloud app and enable scanning, SaaS Security API automatically scans the cloud app against the default data patterns and displays the match occurrences. You can take action now to improve your scan results and identify risks.
  1. Start scanning the new Confluence app for risks.
  2. During the discovery phase, SaaS Security API scans files and matches them against enabled default policy rules.
    Verify that your default policy rules are effective. If the results don’t capture all risks or you see false positives, proceed to the next step.
  3. (
    ) Add new policy rules.
    Consider the business use of your app, then identify risks unique to your enterprise. As necessary, add new:
  4. (
    ) Configure or edit a data pattern.
    You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
  5. Next Step
    : Proceed to Customize Confluence App and Fix Confluence Onboarding Issues, if necessary.

Customize Confluence App

If you plan to manage more than one instance of Confluence app, consider differentiating your instances.
  1. (
    ) Give a descriptive name to this app instance.
    1. Select the Confluence n link on the Cloud Apps list.
    2. Enter a descriptive
    3. Click
      to save your changes.
  2. Next Step
    : Proceed to Fix Confluence Onboarding Issues.

Fix Confluence Onboarding Issues

The most common issues related to onboarding the Confluence app are as follows:
During the course of creating application links, the Confluence web interface displays errors, requesting required Service provider, Shared secret, Request Token URL, and Access Token URL.
These errors are not required for onboarding. These errors occur when you forget to select the
Create income link
Delete the application links you created and recreate them with the
Create income link

Recommended For You