Confluence

confluence edition enterprise only the confluence integration scans pages, attachments, and comments in atlassian confluence for credentials and other sensitive data configuration the confluence integration can be configured in trufflehog under integrations , or via a local configuration file (below) setup requires the ability to create a token in your confluence instance web configuration configure this integration from the integrations page in trufflehog you'll need credentials appropriate to your confluence deployment — see the local configuration section below for the supported authentication methods local configuration local configuration supports two authentication methods, depending on your confluence deployment basic authentication — supported by both confluence cloud and confluence data center / server bearer token — supported by confluence data center / server only confluence cloud (basic auth) use this for confluence cloud the username must be the email address attached to your atlassian account, and the password must be a confluence cloud api token the endpoint for cloud must contain atlassian net spaces are enumerated automatically unless spaces is set to a specific list use ignorespaces to skip specific spaces the spacesscope field controls which space types are scanned (all, global, or personal); it defaults to all you can find all available space names in your atlassian account under confluence home > spaces > view all spaces sources \ connection "@type" type googleapis com/sources confluence endpoint https //ourbusiness atlassian net/wiki basicauth \# username for confluence cloud must be an email address username scanner account\@ourbusiness com \# password for confluence cloud must be an api token password xxxxxxxxxxxxxxxxxxxxxxxxxx spaces \ test space \ future projects space ignorespaces \ space1 includeattachments true skiphistory true spacesscope all name confluence scanperiod 12h type source type confluence verify true confluence data center / server (basic auth) use this for on premises confluence with username and password authentication the endpoint for data center / server cannot contain atlassian net the spaces and ignorespaces keys expect space names — note that space name differs from space key sources \ connection "@type" type googleapis com/sources confluence endpoint https //ourbusiness com/wiki basicauth username scanner account password xxxxxxxxxxxxxxxxxxxxxxxxxx spaces \ test space \ future projects space ignorespaces \ space1 includeattachments true skiphistory true spacesscope all name confluence scanperiod 12h type source type confluence verify true confluence data center / server (bearer token) use this for on premises confluence with a personal access token (pat) sources \ connection "@type" type googleapis com/sources confluence endpoint https //ourbusiness com/wiki token xxxxxxxxxxxxxxxxxxxxxxxxxx spaces \ test space \ future projects space ignorespaces \ space2 includeattachments true skiphistory true spacesscope all name confluence scanperiod 12h type source type confluence verify true configuration options field type required description endpoint string yes the target confluence endpoint uri must contain atlassian net for cloud; cannot contain it for data center / server spaces list no explicit list of space names to scan omit to enumerate instead ignorespaces list no space names to skip during scanning spacesscope string no which space types to scan all, global, or personal defaults to all when combined with the spaces list, both must use the same scope unless spacesscope is all includeattachments boolean no include attachments during scanning skiphistory boolean no skip retrieval of historical page versions insecureskipverifytls boolean no skip tls/ssl verification setting this to true may pose security issues capabilities feature supported scan pages ✅ scan attachments ✅ scan comments ✅ scan archive files ✅ scan base64 encoded data ✅ scan binaries ✅ scan version history ✅ include / exclude filters ✅ auto resume ✅ notes attachment scanning is opt in set includeattachments true to scan attachments version history scanning is opt out set skiphistory true to skip historical page versions