One-click connection. Connecting Confluence takes about 30 seconds. There’s nothing to install on your side and no developer account to set up — just sign in to Atlassian and grant access.
Connect Confluence
Open the Integrations page
In the Neo Dashboard, open Integrations → find the Confluence tile in the Documentation section and click it.
Click Connect Confluence
A popup opens to
auth.atlassian.com with a consent screen showing the permissions Neo is requesting.You’ll see a small “unverified app” notice from Atlassian. That’s expected — it appears for any OAuth integration not listed in the Atlassian Marketplace. Your data is still protected by the standard OAuth flow and the permissions you grant.
Sign in and pick your site
Sign in with the Atlassian account that has access to the Confluence site you want to connect.If your account has access to multiple Atlassian sites, you’ll see a dropdown to choose which site to authorize.Click Accept to grant the permissions.
Multiple Atlassian sites
If your Atlassian account has access to more than one site and you granted access to several during consent, Neo shows a picker right in the dashboard with the site name, URL, and cloud ID for each. Pick the one Neo should sync. You can change your mind later by clicking Disconnect and reconnecting against a different site.What gets synced
| Content | Status |
|---|---|
| Pages in knowledge bases and global spaces | Synced — title, body, author, last modified, labels |
| Personal spaces | Skipped — these are per-user, not organizational documentation |
| Drafts and trashed pages | Skipped |
| Attachments | Metadata only (file name, URL) — file contents not indexed |
| Comments | Not synced |
Re-sync and trigger sync manually
Neo re-syncs Confluence on a schedule automatically. To pull in changes immediately:- Open the Confluence tile in Integrations.
- Click Trigger sync.
Agent access to Confluence
When you enable the Confluence API tool on an agent, it can search, read, and — depending on the permissions you grant — create, update, and delete Confluence content directly while resolving tickets.Permission groups
Each group can be set to Disabled, Read Only, or Read/Write. When a group is set to Read/Write, an additional Allow Delete toggle controls whether the agent can issue DELETE requests on that group.| Permission Group | What it controls |
|---|---|
| Pages | Pages and blogposts — read, create, update, delete (also covers comments and labels on pages) |
| Spaces | Space metadata — read, create, update (whole-space DELETE always blocked, see below) |
| Search | Run CQL search across pages, blogposts, attachments — read-only by API design |
| Attachments | Attachments on pages and blogposts — read, upload, delete |
| Users | Resolve user profiles for content authors — read-only by API design |
Quick-start profiles
Read Only
All 5 groups Read Only. The agent can browse anything your account has Confluence permission to see, but cannot make changes — the typical setting for documentation-aware agents.
Documentation Manager
Pages and Attachments Read/Write, Spaces / Search / Users Read Only. The agent can create and update pages and upload attachments — ideal for agents that maintain runbooks autonomously — but cannot restructure spaces or delete records.
Full Access
All 5 groups Read/Write with delete enabled. The agent can create, update, and delete pages, blogposts, comments, labels, and attachments. Whole-space DELETE is always blocked regardless of this setting — see below.
Safety controls
- Whole-space DELETE is always blocked. Deleting a Confluence space orphans every page, blogpost, attachment, and comment inside it. Even with Full Access enabled, the agent cannot delete a space — delete pages individually instead, or have a human do the space deletion in Confluence’s UI.
- Allow Delete is per-group and opt-in. Even on Read/Write groups, the agent cannot delete records unless you explicitly enable the per-group “Allow Delete” toggle.
- Reads never trigger approval. GET requests pass through without technician-in-the-loop checks. Each Read/Write group has a separate “Require Approval” toggle if you want every write to go through a technician.
Disconnect
Open the Confluence tile and click Disconnect. This clears Neo’s stored tokens and turns off Confluence sync. Your Confluence data and pages aren’t affected. If you also want to revoke Neo’s grant on the Atlassian side, visit id.atlassian.com/manage-profile/apps and remove the Neo Agent entry.Reconnect
Click Reconnect to refresh the OAuth grant — useful if Neo notifies you that the connection has expired or you want to re-grant permissions. The flow is identical to the initial connect.Security
- Tokens are stored in Azure Key Vault, encrypted at rest, never logged in plaintext.
- Refresh tokens rotate every time Neo refreshes its access — the previous token is invalidated immediately.
- Agent write access is opt-in per permission group, with whole-space DELETE structurally blocked.
- All API traffic is over HTTPS.
- You can revoke Neo’s access at any time from
id.atlassian.com/manage-profile/apps.