# Confluence Cloud

#### Before you begin:

* Only users with **site admin** or **organization admin** privileges can access audit logs via the Confluence Cloud API.
* This email address is required ad a deliverable.

***

#### Step 1: Generate API Token

1. **Log in to Atlassian Account**
   * Go to <https://id.atlassian.com/manage-profile/security>
   * Sign in with your Atlassian account credentials.
   * Note down the \***Atlassian domain** (e.g., "id.atlassian.com") ![Image 1: Log in](/files/KOlSwBoEVwkbIb9vfb5Y)

2. **Create an API Token**

   * Locate the ***API Token*** section.
   * Click ***Create API*** token.

     <figure><img src="/files/Jmj2ja86Qbu1tBcpezUa" alt=""><figcaption></figcaption></figure>
   * Enter a label (e.g., "Confluence Audit Logs").
   * Select the app ***Confluence***
   * Select confluence scope: ***read:audit-log:confluence***.
   * Click ***Create*** and then Copy the ***API token***.

     <figure><img src="/files/hEgk96L9LdjmcqrJDvI1" alt=""><figcaption></figcaption></figure>

3. **Get Cloud ID for Atlassian Clound instance**
   1. **Via admin.atlassian.com**:

      * Go to admin.atlassian.com.
      * Select your organization and site.
      * The Cloud ID appears after `/s/` in the browser URL (e.g., `https://admin.atlassian.com/s/<your_cloud_id>/access-requests`)

   2. **Via API endpoint**:
      * Use the `tenant_info` endpoint:\
        `https://<your-site-name>.atlassian.net/_edge/tenant_info`\
        Replace `<your-site-name>` with your actual site name (e.g., `mycompany`).
      * This returns a JSON response:\
        `{"cloudId":"<your_cloud_id>"}`

***

#### Deliverables

Please email them to <support@threatdefence.com>

1. **Application Credentials**:
   * Please make sure the following credentials are noted in the email.
     * Atlassian domain
     * Email address
     * API Token
     * Cloud ID


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.threatdefence.com/siem-integrations/software-as-a-service/confluence-cloud.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.