# Confluence Server **Early Access**: This integration is provided as an Open Authorization API (OAA) connector package. Contact our support team for more information. ## Veza Confluence Server Connector Veza Connector for Confluence Server that discovers Users, groups access to Confluence and Spaces. The Confluence Server connector works by connecting directly the database instance to query information. Direct database access is required to discover Space permissions which are not available via the Confluence Server API. #### Proprties | Entity | Property | Description | | ------ | ----------------------- | ------------------------------------------------------ | | User | `user_name` | Confluence user name | | User | `email` | User's email | | User | `is_active` | True if user is active | | User | `created_at` | Date the user account was created | | User | `last_login_at` | Date for user last login if present | | Group | `is_active` | True if Group is active | | Space | `space_type` | Confluence Space type (global, personal) | | Space | `status` | Space status, e.g. current, archived | | Space | `anonymous_access` | True if any space permission includes anonymous access | | Space | `anonymous_permissions` | List of any anonymous Space permissions | > Note: Connector currently only discovers Global spaces ### Confluence Setup The Connector requires access to the database used by Confluence. Exact setup instructions will depend on database technology and existing configuration. > It is not recommend to use the same database user as Confluence configuration. Create a user for Veza discovery with limited permission below. 1. Create a user authenticated by a password and grant access to perform `SELECT` operation on the following tables in the Confluence database: 1. `cwd_user` 2. `user_mapping` 3. `cwd_group` 4. `cwd_membership` 5. `cwd_user_attribute` 6. `SPACES` 7. `SPACEPERMISSIONS` For example with database name `confluence_db` and user `veza`: ```sql CREATE USER 'veza' IDENTIFIED BY 'replace_with_secure_password'; GRANT SELECT ON confluence_db.`cwd_user` to 'veza'; GRANT SELECT ON confluence_db.`user_mapping` to 'veza'; GRANT SELECT ON confluence_db.`cwd_group` to 'veza'; GRANT SELECT ON confluence_db.`cwd_membership` to 'veza'; GRANT SELECT ON confluence_db.`cwd_user_attribute` to 'veza'; GRANT SELECT ON confluence_db.`SPACES` to 'veza'; GRANT SELECT ON confluence_db.`SPACEPERMISSIONS` to 'veza'; ``` 2. User must be able to connect to the database over the network. ### Veza Setup 1. Generate an API token for your Veza user. For detailed instructions consult the Veza User Guide. ### Running the Connector There are multiple options to run the connector. Instructions are included for running from the command line and building a Docker container. #### Command Line 1. Install the requirements with Python 3.8+: ```shell pip3 install -r requirements.txt ``` Install the specific database platform requirements: * MySQL ```shell pip3 install -r requirements-mysql.txt ``` * PostgreSQL ```shell pip3 install -r requirements-postgresql.txt ``` 2. Export the required environmental variables. Variables not set can be passed via arguments at run time. All parameters can be passed using environment variables if desired. See table below for variable names and descriptions. ```shell export VEZA_API_KEY="Zdkemfds..." export CONFLUENCE_DB_PASSWORD="abc123" ``` 3. Run the connector: ```shell ./veza_confluence_server.py --mysql --db-host db1.example.com\ --db-name confluence_db\ --db-user veza\ --veza-url https://example.vezatrial.ai ``` ### Application Parameters / Environmental Variables | Parameter | Environmental Variable | Required | Notes | | ------------- | ------------------------ | -------- | -------------------------------------------------------------------------------- | | `--mysql` | N/A | false | Use MySQL driver to for database connection | | `--pgsql` | N/A | false | Use PostgreSQL driver to for database connection | | N/A | `CONFLUENCE_DB_TYPE` | false | Pass the driver name if not using CLI parameters. Values: `mysql`, `pgsql` | | `--db-host` | `CONFLUENCE_DB_HOST` | true | Hostname for database server | | `--db-name` | `CONFLUENCE_DB_NAME` | true | Database name for Confluence database | | `--db-user` | `CONFLUENCE_DB_USER` | true | Database user for discovery | | N/A | `CONFLUENCE_DB_PASSWORD` | true | Database user password | | N/A | `VEZA_API_KEY` | true | The API token which which to connect to the Veza instance | | `--veza_url` | `VEZA_URL` | true | The url of the Veza instance to which the metadata will be uploaded | | `--save_json` | N/A | false | Save a copy of the metadata JSON uploaded to the Veza instance to this directory | | `--debug` | N/A | false | Enable verbose debug logging | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/integrations/integrations/confluence-server.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.