How are SharePoint user permissions applied in Confluence Server/DC?
As a rule of thumb, only users who have direct access to information in SharePoint will have access to it when the information is embedded in Confluence.
Technical Details
For authorization within the app, the user directories of SharePoint and Confluence (for example Active Directory or LDAP) are not used directly. That means user names, user SIDs and similar identifiers play no role in the authorization decision. Instead, authorization takes place via access tokens that are stored in the browser session.
For authentication against SharePoint, the SharePoint user directory is used. The (simplified) authentication and authorization process works as follows:
When the user logs in to SharePoint a user token is created for this user.
The user token (together with some additional required information) is then used to request an access token from SharePoint. The access token is therefore issued for this specific user.
The access token is then sent with every data request from the Confluence macro to SharePoint. SharePoint evaluates the permissions of the user the token was issued for, so the response contains only SharePoint data that the logged-in SharePoint user is allowed to access.
How User Permissions Affect Confluence Macros
The user has to be logged in to both systems (Confluence and SharePoint) in the same browser window while using the app.
The user is not logged in to SharePoint
If a user is logged in to Confluence but not to SharePoint, they will not see any SharePoint content. Instead, a message like the following is displayed:
Image 1: A user not logged in to SharePoint cannot see any SharePoint content
The user is logged in to Confluence and SharePoint
If a user is logged in to both Confluence and SharePoint, the SharePoint List macro and the SharePoint Document macro in Confluence only display lists and documents that the logged-in SharePoint user is permitted to see in SharePoint itself.
This also applies at folder level: if the logged-in SharePoint user has access to only some (but not all) folders of a document library, the SharePoint List macro displays only those folders and the files they contain.
The user is logged in but lacks permission
If a SharePoint List macro is configured to show a list that the logged-in SharePoint user is not allowed to see, the following hint is displayed:
Image 2: A logged-in SharePoint user can only see authorized SharePoint lists
The same applies to the SharePoint Document macro:
Image 3: A logged-in SharePoint user can only see authorized SharePoint documents
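The token flow from the Technical Details section and the three macro cases above (not logged in to SharePoint, logged in with permission, logged in without permission) can be modelled end to end. The following is an added example written for this page; it is not the app's own code, and the users, lists, folders, signing scheme, audience string and session keys (`sp_access_token`, `confluence_user`) are all constructed assumptions. The point it makes is the one the page makes: the Confluence-side macro never consults the Confluence identity, it only forwards the access token, and SharePoint filters every response by the user that token was issued for.

```python
"""Constructed model of the token flow: SharePoint issues tokens and filters data per token user."""
import base64
import hashlib
import hmac
import json
import secrets

# Constructed sample data: hypothetical SharePoint users, lists and a document library
SP_USERS = {"alice": "pw-alice", "bob": "pw-bob"}
LISTS = {  # list title -> (users who may read it, items)
    "Projects": ({"alice", "bob"}, ["Migration", "Audit 2024"]),
    "HR Salaries": ({"alice"}, ["alice: 1", "bob: 2"]),
}
LIBRARY = {  # document library folder -> (users who may read it, files); folder-level permissions
    "Public": ({"alice", "bob"}, ["handbook.pdf"]),
    "Finance": ({"alice"}, ["budget.xlsx", "forecast.xlsx"]),
}


class NotLoggedIn(Exception):
    """No valid SharePoint token in the request."""


class NotAuthorized(Exception):
    """Valid token, but its user may not read the requested list or document."""


class SharePoint:
    """Issues HMAC-signed tokens and filters every response by the token's user (assumed scheme)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # signing key stays on the SharePoint side

    def _sign(self, payload: dict) -> str:
        body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
        return body + "." + hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def _verify(self, token: str, kind: str) -> dict:
        # A forged, tampered or wrong-type token is treated exactly like no token at all
        body, sep, mac = token.partition(".")
        expected = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        if not sep or not hmac.compare_digest(expected, mac):
            raise NotLoggedIn()
        payload = json.loads(base64.urlsafe_b64decode(body))
        if payload.get("kind") != kind:
            raise NotLoggedIn()
        return payload

    def login(self, user: str, password: str) -> str:
        """Step 1: authentication against the SharePoint directory yields a user token."""
        if SP_USERS.get(user) != password:
            raise NotLoggedIn()
        return self._sign({"kind": "user", "user": user})

    def request_access_token(self, user_token: str, audience: str) -> str:
        """Step 2: the user token plus the requesting audience is exchanged for an access token."""
        user = self._verify(user_token, "user")["user"]
        return self._sign({"kind": "access", "user": user, "aud": audience})

    def get_list_items(self, access_token: str, title: str) -> list:
        """Step 3: a list is returned only if the token's user may read it."""
        user = self._verify(access_token, "access")["user"]
        readers, items = LISTS.get(title, (set(), []))
        if user not in readers:
            raise NotAuthorized()
        return list(items)

    def get_library(self, access_token: str) -> dict:
        """Only the folders (and files) the token's user may read are returned."""
        user = self._verify(access_token, "access")["user"]
        return {f: list(files) for f, (readers, files) in LIBRARY.items() if user in readers}

    def get_document(self, access_token: str, folder: str, name: str) -> str:
        user = self._verify(access_token, "access")["user"]
        readers, files = LIBRARY.get(folder, (set(), []))
        if user not in readers or name not in files:
            raise NotAuthorized()
        return f"<contents of {folder}/{name}>"


# Confluence side: the macros only see the browser session, never the SharePoint directory
def _render(session: dict, key: str, fetch):
    # session["confluence_user"] is deliberately never consulted: the Confluence identity does not matter
    token = session.get("sp_access_token")
    if token is None:
        return {"status": "not-logged-in", key: None}
    try:
        return {"status": "ok", key: fetch(token)}
    except NotLoggedIn:
        return {"status": "not-logged-in", key: None}
    except NotAuthorized:
        return {"status": "not-authorized", key: None}


def render_list_macro(session, sp, title):
    return _render(session, "items", lambda t: sp.get_list_items(t, title))


def render_library_macro(session, sp):
    return _render(session, "folders", sp.get_library)


def render_document_macro(session, sp, folder, name):
    return _render(session, "document", lambda t: sp.get_document(t, folder, name))


def browser_session(sp, confluence_user, sp_user=None, sp_password=None) -> dict:
    """One browser window: logged in to Confluence, optionally also to SharePoint."""
    session = {"confluence_user": confluence_user}
    if sp_user is not None:
        user_token = sp.login(sp_user, sp_password)
        session["sp_access_token"] = sp.request_access_token(user_token, "confluence-macro")
    return session


if __name__ == "__main__":
    sp = SharePoint()
    bob = browser_session(sp, "confluence-admin", "bob", "pw-bob")
    print(render_list_macro(bob, sp, "HR Salaries"))   # not-authorized: hint instead of data
    print(render_library_macro(bob, sp))               # only the folder bob may read
    print(render_list_macro(browser_session(sp, "confluence-admin"), sp, "Projects"))  # not-logged-in
```

Two details are worth checking against a real deployment: a Confluence administrator with no SharePoint login gets the "not logged in" message, not elevated access, and a tampered or wrong-type token is rejected before any permission lookup happens, so it falls into the same "not logged in" case rather than leaking partial data.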