> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neoagent.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Confluence API

> Read pages, spaces, attachments, and search Atlassian Confluence (Cloud) during ticket resolution

The Confluence API tool gives Neo agents direct, read-only access to the Atlassian Confluence Cloud REST API — list spaces, fetch page content, browse attachments, and search across documentation with CQL.

<Info>
  Automatically enabled when you configure Confluence permissions in your agent workflow. No manual toggle needed. See the [Confluence integration page](/integrations/documentation/confluence) for connection setup.
</Info>

## What It Does

* List spaces (global, knowledge bases, personal)
* Fetch full page content in storage XHTML or Atlassian Document Format (ADF)
* Browse attachments on pages and blogposts
* Look up users (resolve `@mentions` and author IDs to display names)
* Run CQL (Confluence Query Language) searches across all content the agent can see

<Tip>
  **Read-only today.** The agent cannot create, update, or delete Confluence content. Writes would require expanding the OAuth scopes on the customer's Atlassian app — a separate change.
</Tip>

## Permission Groups

| Permission Group | What It Covers                                                                     | Atlassian Scope                   |
| ---------------- | ---------------------------------------------------------------------------------- | --------------------------------- |
| **Pages**        | Confluence pages and blogposts — body content, version history, parent/child links | `read:page:confluence`            |
| **Spaces**       | Space metadata and listing                                                         | `read:space:confluence`           |
| **Search**       | CQL search across pages, blogposts, attachments, and spaces                        | `read:content-details:confluence` |
| **Attachments**  | Files attached to pages and blogposts (metadata + download URLs)                   | `read:attachment:confluence`      |
| **Users**        | User profiles referenced by content authors and mentions                           | `read:user:confluence`            |

Each group has an access level: **Disabled** or **Read Only**.

## Access Profiles

<AccordionGroup>
  <Accordion title="Read Only">
    All five groups Read Only. The agent can browse anything the connecting OAuth user has Confluence permission to see.
  </Accordion>

  <Accordion title="Search Only">
    Only the Search group enabled (Read Only). Use this when you want the agent to surface relevant Confluence content via CQL but not load full page bodies directly.
  </Accordion>
</AccordionGroup>

## Safety Controls

| Control                    | Behavior                                                                                                                                                                |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Read-only enforcement**  | POST, PUT, and DELETE requests are rejected at the tool layer — the OAuth app doesn't grant write scopes                                                                |
| **Per-tenant rate limits** | Each MSP's Atlassian OAuth app gets its own 65k points/hour bucket — heavy reads on one tenant don't affect others                                                      |
| **Response size guard**    | Responses larger than 500 KB are rejected with a hint to narrow the query (smaller `limit`, tighter CQL filter, or `body-format=storage` instead of `atlas_doc_format`) |

## How to Configure

<Steps>
  <Step title="Register an Atlassian OAuth app">
    Each MSP creates their own OAuth 2.0 integration at [developer.atlassian.com](https://developer.atlassian.com/console/myapps/). On the **Granular scopes** tab (not Classic), grant the five `read:*:confluence` scopes, `write:page:confluence`, `write:attachment:confluence`, `write:space:confluence`, `write:comment:confluence`, `write:label:confluence`, plus `offline_access`. Add `https://dashboard.neoagent.io/oauth/confluence/callback` as the Callback URL.
  </Step>

  <Step title="Connect Confluence in the Neo dashboard">
    [Connect Confluence](/integrations/documentation/confluence) with the OAuth app's Client ID and Client Secret, then click Authorize. Tokens land in your kvneoagent blob.
  </Step>

  <Step title="Configure permissions">
    In your agent workflow's **Integrations** tab, choose an access profile or customize each permission group.
  </Step>
</Steps>

<Tip>
  Start with **Read Only** across all five groups. If you only need search-driven retrieval, drop down to **Search Only** to reduce the agent's API surface.
</Tip>
