---
title: Install the Coveo plugin for Confluence
slug: '1716'
canonical_url: https://docs.coveo.com/en/1716/
collection: index-content
source_format: adoc
---
# Install the Coveo plugin for Confluence

To complete the capabilities of its Confluence Data Center source, Coveo offers a plugin on the Atlassian Marketplace.

You must [install it](#install-the-plugin) to benefit from the following features:

* Refreshes: the plugin allows the source to run [refresh](https://docs.coveo.com/en/2710/) operations that index deleted, restored, and moved [items](https://docs.coveo.com/en/210/).
Without the plugin, you'd need to run a [rescan](https://docs.coveo.com/en/2711/) or [rebuild](https://docs.coveo.com/en/2712/) operation instead, which would take more time and resources to complete.
Therefore, the plugin allows your search interface to reflect content changes faster, with minimal impact on your Confluence Data Center instance.

* Permission indexing: the plugin allows the source to index item [permissions](https://docs.coveo.com/en/223/), which will then be replicated in your Coveo search interface.
As a result, users of your search interface only see the content they're allowed to see in Confluence.
If they've been forbidden to access an article in Confluence, they won't see it in their search results.
To read more on how Coveo manages permissions, see [Management of security identities and item permissions](https://docs.coveo.com/en/1719/).

**About the new plugin version**
<details><summary>Details</summary>

In July 2024, Coveo released version 2 of the plugin.
Starting with this new version, the plugin doesn't require your [crawling account](https://docs.coveo.com/en/2122/) to be a Confluence administrator anymore.
Instead, you can create a Confluence group named `coveo-connector-plugin-users`, and then add your crawling account to this group.
This will allow your crawling account to use the plugin.

If you've installed the Coveo plugin before July 2024, you're using version 1 and you can continue doing so.
However, if you want to avoid the Confluence administrator permission requirement, [switch plugin versions](https://docs.coveo.com/en/1716#switch-plugin-versions).

</details>

## Install the plugin

. Log in to your Confluence Data Center instance using a Confluence administrator account.

. In the navigation bar at the top, click **Apps**, and then **Manage apps**.

. In the search bar, search for `Coveo REST API for Confluence`:

. Locate the **Coveo REST API for Confluence** plugin, and then click **Install**.


[start=5]
. In the **Confirm app installation** box that appears, review Coveo's privacy policy and terms of use.

. Click **Accept & install** to launch the installation process.
Once it's done, a message appears to confirm that the plugin is ready to use.

Once the plugin is installed in your Confluence instance, you can [add a source](https://docs.coveo.com/en/1822/) to [index](https://docs.coveo.com/en/204/) its content.

## Switch plugin versions

If you've installed the Coveo plugin before July 2024, you're using its original version and you can continue doing so.
Switching to a newer version (2 or higher) is optional, but will allow you to avoid making your [crawling account](https://docs.coveo.com/en/1822#crawling-account) a Confluence administrator.

To switch to the latest version:

. Log in to Confluence using an administrator account.

. [Uninstall the old plugin](https://confluence.atlassian.com/upm/uninstalling-apps-273875709.html).

. [Install the new plugin](#install-the-plugin).

Then, if you want to downgrade the privileges of your crawling account:

. Create a Confluence group of users called `coveo-connector-plugin-users`.

. Add your crawling account to this group.

. Remove the Confluence Administrator permission from your crawling account.

Keep in mind, however, that your crawling account must still meet the [requirements](https://docs.coveo.com/en/1822#crawling-account).
This allows your source to access your Confluence content for indexing purposes.

## What does the plugin do?

Coveo's Confluence plugin is designed to respect your security policies and ensure that your data is safe.
It's a read-only plugin built using the Atlassian Plugin SDK to allow Coveo to index your Confluence content and its [permissions](https://docs.coveo.com/en/223/).
It doesn't modify your Confluence instance in any way.

This section details the additional API endpoints that the plugin exposes on your instance and the information returned with each call.
Alternatively, to review the plugin code yourself, download it from the Atlassian Marketplace listing.

**Refresh endpoints**
<details><summary>Details</summary>

The following endpoints allow the Confluence Data Center source to retrieve deleted, restored, and moved item events when performing a refresh operation.
The Confluence API doesn't have this functionality, so, without the plugin, a rescan or rebuild is required to detect the same events.

|===
|**Content item change events**

GET `/rest/coveo/latest/incremental/changes?itemType={type}&spaceKey={key}&ignoreOlderThan={lastModifiedDate}&start={offset}&limit={batchSize}`

Gets a page of change events for a specific Confluence item type from a Confluence space that happened after a certain date.

|**Deleted space change events**

GET `/restcoveo/latest/incremental/deletedSpaces?ignoreOlderThan={lastModifiedDate}`

Gets a space delete event that happened after the specified date.
|===

</details>

**Security endpoints**
<details><summary>Details</summary>

Once you have installed the plugin, the Confluence Data Center source can use it to call the following security plugin endpoints.
These permissions are then replicated in your Coveo search interfaces.

The source must make these calls to the plugin because the Confluence API doesn't have an endpoint to read global permissions:

|===
|**Global Administrators**

GET `/rest/coveo/latest/security/globalAdmins`

Gets the users and groups who have Confluence Administrator or System Administrator global permissions.

|**Can Use permission**

GET `/rest/coveo/latest/security/globalPermissions`

Gets the users and groups who have the Can Use global permission.
|===

The source must make the following call because the Confluence API doesn't have a read-only call to fetch space permissions and requires the Space Admin permission to get this information.
Moreover, the Confluence API doesn't return user emails, which Coveo needs to index permissions.

|===
|**Space permissions**

GET `/rest/coveo/latest/security/spacePermissions?spaceKey={key}`

Gets the groups and users that has permissions to view the specified space.
|===

The source must make the following calls to get user emails, which Coveo needs to replicate Confluence permissions.

|===
|**Content restrictions**

GET `/rest/coveo/latest/security/restrictions/{pageOrBlogId}`

Gets the groups and users from the restrictions of the specified page or blog.

|**Users**

GET `/rest/coveo/latest/security/users?offset={offset}&limit={batchSize}`

Gets a page of Confluence users for the specified offset and batch size.

|**User**

GET `/rest/coveo/latest/security/users/{userName}`

Gets the user with the username passed as a path parameter.

|**Group members**

GET `/rest/coveo/latest/security/groups?groupName={groupName}&offset={offset}&limit={batchSize}`

Gets a page of Confluence users for the specified offset and batch size that are members of the specified group name.
|===

</details>

**Version endpoint**
<details><summary>Details</summary>

|===
|**Plugin version**

GET `/rest/coveo/latest/version`

Gets the plugin version.
|===

</details>