Roles and permissions

Anonymous

Anyone who is not logged in to Confluence.

User

Must be logged in to Confluence.

Comala add-on user

Comala app user used for workflow

Space administrator

Responsible for

• Setting space permissions for content access, editing, and deletion

• Selecting which space workflows are in the space and whether they are active

• Space-level app configuration, including workflow notifications.

Global administrator

Responsible for:

• global workflows in the instance, and which workflows are active so they can be added to a space as a space workflow, and are available to add as a page workflow

• app global configuration, including workflow notifications

The global administrator can set

• which spaces can use page workflows and space workflows

• type of e-signature credentials required for reviewer authentication. The can also manage the expiry for existing user authentication app token or remove user authentication

System administrator

Responsible for

• Installation, updating, or changing the Comala Document Management app in your instance

View content

Users who can view the content

This requires all of the following Confluence permissions:

• "Can use" – Global permission

• "View" – Space permission

• "View" – Page (or blog post) permission, or no page-level restrictions

Users who only have this permission are sometimes referred to as "Viewers", "View-only users", or "Read-only users".

Edit content

Users who can edit the content (including Admins)

This requires all of the following Confluence permissions:

• The permissions listed for "View" above

• "Add" – Space permission

• "Edit" – Page (or blog post) permission, or no page-level restrictions

Workflow admin

Users who can administer the workflow at the content level.

This requires any of the following Confluence permissions:

• System administrator

• Global administrator

• Space administrator

You can define additional Workflow Admin users, even if they don't have any of the three permissions listed above, by adding users to the adminusers property of the workflow macro. This grants the listed users the Workflow Admin permission for that particular workflow, and all the content it is applied to.

Viewer

Consumer of content

• Must have View content permission

Author

Responsible for producing (creating, editing) content

• Must have Edit content permission

Assignee

A user who is

• assigned as a reviewer to an approval, or

• assigned to a workflow task

Assignment is optional by default, but can be required or prevented in the workflow or app configuration.

See:

• Who can be assigned, or assign users to an approvalPreview

• approval macroPreview

• task macroPreview

Reviewer

Responsible for reviewing content.

See:

• ApprovalsPreview

• Content reviewsPreview

Must have Edit content permission

Reviewers can optionally be required to authenticate their identity prior to making a review.

See:

• Reviewer authenticationPreview

Approver or rejector

A Reviewer who has either approved or rejected content during a content review.

These can be used in some of the compatible third-party apps. The values can be accessed using the Workflow supplier or as a value reference.

In some elements of the user interface and macros, the term Approver is used to refer to a Reviewer or Assignee.

Producer

Collective term for Authors, Assignees, and Reviewers.

Namely, all users who have Edit content permission.

Workflow Admin

Can force workflows into a specific state on a page-by-page basis.

See:

• Administrator state overridePreview

Can remove stickylabels

See:

• workflow macroPreview

Must have Workflow Admin permission

When applying workflows at the space-level, Confluence administrators and space administrators can use the Initialize feature to bulk transition all documents for a given workflow into a given state.

Workflow Activity and Drafts Visibility

Can users who only have View content permission (but not Confluence edit or admin permission) view documents in a draft workflow state when the workflow includes a final state?

• Configuration - GlobalPreview

• Configuration - space toolsPreview

• Default setting: View-only users can only view the last approved version created on transition to the workflow final state (if present)

• Option: Visibility set to let view-only users view content in a workflow draft state

See:

• Same-space publishingPreview

• Activity Report - ContentPreview

Tasks mode

Can users other than the task creator and assignee complete or assign tasks?

• Configuration - GlobalPreview

• Configuration - space toolsPreview

• Default setting: Lenient. Any user with view and edit permission can complete a task

• Option: Strict. If user is assigned, only the assignee can complete the task

Space workflows

Which spaces in the instance can use and apply space workflows?

• Configuration - GlobalPreview

• Default setting: Any

Space workflows can be restricted to added space keys.

Page workflows

Which spaces in the instance can use and apply page workflows?

• Configuration - GlobalPreview

• Default setting: Any

Page workflows can be restricted to added space keys.

Workflow Importer Group

Which Confluence administrators and space administrators can import workflows from the Workflows Exchange repository?

• Configuration - GlobalPreview

See:

• Import - GlobalPreview

• Import - space toolsPreview

Email any address

Can email addresses that are not associated with a Confluence instance be used in the send-email macro in a workflow trigger custom email notification?

• Configuration - GlobalPreview

Default view

When using same-space publishing, should users with Edit content permission see the draft or the last published (final state) version of content by default?

• Configuration - space toolsPreview