Index your Atlassian Confluence Cloud contents utilizing the Amazon Q Confluence Cloud connector for Amazon Q Enterprise

Amazon Q Business is a generative synthetic intelligence (AI)-powered assistant designed to boost enterprise operations. It’s a totally managed service that helps present correct solutions to customers’ questions whereas honoring the safety and entry restrictions of the content material. It may be tailor-made to your particular enterprise wants by connecting to your organization’s info and enterprise techniques utilizing built-in connectors to quite a lot of enterprise knowledge sources. Amazon Q Enterprise permits customers in numerous roles, corresponding to advertising managers, undertaking managers, and gross sales representatives, to have tailor-made conversations, remedy enterprise issues, generate content material, take motion, and extra, by way of an online interface. This service goals to assist make staff work smarter, transfer quicker, and drive important influence by offering speedy and related info to assist them with their duties.

One such enterprise knowledge repository you should utilize to retailer content material is Atlassian Confluence. Confluence is a group workspace that gives a spot to create, and collaborate on numerous initiatives, merchandise, or concepts. Group areas assist your groups construction, set up, and share work, so every person has visibility into the institutional information of the enterprise and entry to the knowledge they want or solutions to the questions they’ve.

There are two Confluence offerings:

• Cloud – That is supplied as a software program as a service (SaaS) product. It’s all the time on and repeatedly up to date.
• Data Center (self-managed) – Right here, you host Confluence in your infrastructure, which can be on premises or the cloud, permitting you to maintain knowledge inside your chosen atmosphere and handle it your self.

Your customers could must get solutions in Amazon Q Enterprise from the content material in Atlassian’s Confluence Cloud occasion as part of their work. For this you will want to configure an Amazon Q Confluence Cloud connector. As part of this configuration, one of many steps is to configure the authentication of the connector in order that it might probably authenticate with Confluence (Cloud) after which index the related content material.

This submit covers the steps to configure the Confluence Cloud connector for Amazon Q Enterprise.

Forms of paperwork

If you join Amazon Q to an information supply, what Amazon Q considers—and crawls—as a document varies by connector. The Confluence Cloud connector crawls the next as paperwork:

• Areas – Every house is taken into account a single doc.
• Pages – Every web page is taken into account a single doc.
• Blogs – Every weblog is taken into account a single doc.
• Feedback – Every remark is taken into account a single doc.
• Attachments – Every attachment is taken into account a single doc.

Metadata

Each doc has structural attributes—or metadata—connected to it. Doc attributes can embody info corresponding to doc title, doc creator, time created, time up to date, and doc sort.

If you join Amazon Q Enterprise to an information supply, it routinely maps particular knowledge supply document attributes to fields inside an Amazon Q Enterprise index. If a doc attribute in your knowledge supply doesn’t have an attribute mapping already out there, or if you wish to map further doc attributes to index fields, use the {custom} area mappings to specify how a knowledge supply attribute maps to an Amazon Q Enterprise index area. You create area mappings by enhancing your knowledge supply after your software and retriever are created.

To study extra in regards to the supported entities and the related reserved and {custom} attributes for the Amazon Q Confluence connector, discuss with Amazon Q Business Confluence (Cloud) data source connector field mappings.

Authentication sorts

An Amazon Q Enterprise software requires you to make use of AWS IAM Identity Center to handle person entry. Though it’s really helpful to have an IAM Id Middle occasion configured (with customers federated and teams added) earlier than you begin, it’s also possible to select to create and configure an IAM Id Middle occasion in your Amazon Q Enterprise software utilizing the Amazon Q console.

You may also add customers to your IAM Id Middle occasion from the Amazon Q Enterprise console, when you aren’t federating id. If you add a brand new person, ensure that the person is enabled in your IAM Id Middle occasion they usually have verified their electronic mail ID. They should full these steps earlier than they’ll log in to your Amazon Q Enterprise internet expertise.

Your id supply in IAM Id Middle defines the place your customers and teams are managed. After you configure your id supply, you may lookup customers or teams to grant them single sign-on entry to AWS accounts, functions, or each.

You may have just one id supply per group in AWS Organizations. You may select one of many following as your id supply:

• IAM Id Middle listing – If you allow IAM Identity Center for the primary time, it’s routinely configured with an IAM Id Middle listing as your default id supply. That is the place you create your customers and teams, and assign their stage of entry to your AWS accounts and functions.
• Lively Listing – Select this selection if you wish to proceed managing customers in both your AWS Managed Microsoft AD listing utilizing AWS Directory Service or your self-managed listing in Lively Listing (AD).
• Exterior Id Supplier – Select this selection if you wish to handle customers in different external identity providers (IdPs) by way of the Safety Assertion Markup Language (SAML) 2.0 normal, corresponding to Okta.

Entry management lists

Amazon Q Enterprise connectors index entry management checklist (ACL) info that’s connected to a Confluence doc together with the doc itself. For doc ACLs, Amazon Q Enterprise indexes the next:

• Person electronic mail tackle
• Group title for the native group
• Group title for the federated group

If you join a Confluence (Cloud) knowledge supply to Amazon Q Enterprise, the connector crawls ACL (person and group) info connected to a doc out of your Confluence (Cloud) occasion. The data is used to find out which content material can be utilized to assemble chat responses for a given person, in accordance the end-user’s doc entry permissions.

You configure person and group entry to Confluence areas utilizing the house permissions web page, in Confluence. Equally for pages and blogs, you employ the restrictions web page. For extra details about house permissions, see Space Permissions Overview on the Confluence Assist web site. For extra details about web page and weblog restrictions, see Page Restrictions on the Confluence Assist web site.

An Amazon Q Enterprise connector updates any adjustments in ACLs every time that your knowledge supply content material is crawled. To seize ACL adjustments to ensure that the correct end-users have entry to the correct content material, re-sync your knowledge supply often.

Id crawling for Amazon Q Enterprise Person Retailer

As said earlier, Amazon Q Enterprise crawls ACL info on the doc stage from supported knowledge sources. As well as, Amazon Q Enterprise crawls and shops principal info inside every knowledge supply (native person alias, native group, and federated group id configurations) into the Amazon Q Enterprise Person Retailer. That is helpful when your software is related to a number of knowledge sources with totally different authorization and authentication techniques, however you wish to create a unified, access-controlled chat expertise in your end-users.

Amazon Q Enterprise internally maps the native person and group IDs connected to the doc, to the federated identities of customers and teams. Mapping identities streamlines person administration and accelerates chat responses by lowering ACL info retrieval time throughout chat requests. Identity crawling, together with the authorization characteristic, helps filter and generate internet expertise content material restricted by end-user context. For extra details about this course of, see Understanding Amazon Q Business User Store.

The group and person IDs are mapped as follows:

• _group_ids – Group names are current on areas, pages, and blogs the place there are restrictions. They’re mapped from the title of the group in Confluence. Group names are all the time lowercase.
• _user_id – Usernames are current on the house, web page, or weblog the place there are restrictions. They’re mapped relying on the kind of Confluence occasion that you simply’re utilizing. For Confluence Cloud, the _user_id is the account ID of the person.

Overview of answer

With Amazon Q Enterprise, you may configure a number of knowledge sources to supply a central place to go looking throughout your doc repository. For our answer, we display how you can index a Confluence repository utilizing the Amazon Q Enterprise connector for Confluence. On this weblog we’ll:

1. Configure an Amazon Q Enterprise Software.
2. Join Confluence (Cloud) to Amazon Q Enterprise.
3. Index the information within the Confluence repository.
4. Run a pattern question to check the answer.

Conditions

Earlier than you start utilizing Amazon Q Enterprise for the primary time, full the next duties:

1. Set up your AWS account.
2. Optionally, install the AWS Command Line Interface (AWS CLI).
3. Optionally, set up the AWS SDKs.
4. Consider AWS Regions and endpoints.
5. Set up required permissions.
6. Enable and configure an IAM Identity Center instance.

For extra info, see Setting up for Amazon Q Business.

To arrange the Amazon Q Enterprise connector for Confluence, that you must full further stipulations. For extra info, see Prerequisites for connecting Amazon Q Business to Confluence (Cloud).

Create an Amazon Q Enterprise software with the Confluence Cloud connector

As step one in direction of making a generative AI assistant, you configure an software. Then you choose and create a retriever, and in addition join any knowledge sources. After this, you grant end-user entry to customers to work together with an software utilizing the popular id supplier, IAM Id Middle. Full the next steps:

1. On the Amazon Q Enterprise console, select Get began.

Determine 1: Preliminary Amazon Q for Enterprise house web page

2. On the Purposes web page, select Create software.

Determine 2: Amazon Q for Enterprise software creation web page

3. Enter a reputation in your software, choose the extent of service entry, and connect with IAM Identity Center. (Notice: The IAM Id Middle occasion doesn’t must be in the identical Area as Amazon Q Enterprise.)
4. Select Create.

Determine 3: Amazon Q for Enterprise software configuration web page

For extra particulars on configuring the Amazon Q software and connecting to IAM Id Middle, discuss with Creating an Amazon Q Business application environment.

5. Choose your retriever and index provisioning choices.
6. Select Subsequent.

Determine 4: Amazon Q for Enterprise retriever choice web page

For extra particulars on creating and deciding on a retriever, discuss with Creating and selecting a retriever for an Amazon Q Business application.

7. Connect with Confluence as your knowledge supply.
8. Enter a reputation and outline.
9. Choose Confluence Cloud because the supply and enter your Confluence URL.

Determine 5: Confluence connector web page

10. There are two choices for Authentication: Primary authentication and OAuth 2.0 authentication. Choose the most suitable choice relying in your use case.

Determine 6: Confluence connector authentication choices

Earlier than you join Confluence (Cloud) to Amazon Q Enterprise, that you must create and retrieve the Confluence (Cloud) credentials you’ll use to attach Confluence (Cloud) to Amazon Q Enterprise. You additionally want so as to add any permissions wanted by Confluence (Cloud) to connect with Amazon Q Enterprise.

The next procedures offer you an summary of how you can configure Confluence (Cloud) to connect with Amazon Q Enterprise utilizing both fundamental authentication or OAuth 2.0 authentication.

Configure Confluence (Cloud) fundamental authentication for Amazon Q Enterprise

Full the next steps to configure fundamental authentication:

1. Log in to your account from Confluence (Cloud). Notice the username you logged in with. You will want this later to connect with Amazon Q Enterprise.
2. Out of your Confluence (Cloud) house web page, observe your Confluence (Cloud) URL out of your Confluence browser URL. For instance, https://instance.atlassian.internet. You will want this later to connect with Amazon Q Enterprise.
3. Navigate to the Security web page in Confluence (Cloud).
4. On the API tokens web page, select Create API token.

Determine 7: Confluence API token creation

5. Within the Create an API token dialog field, for Label, add a reputation in your API token.
6. Select Create.

Determine 8: Confluence API token labelling

7. From the Your new API token dialog field, copy the API token and put it aside in your most popular textual content editor. You may’t retrieve the API token after you shut the dialog field.

Determine 9: Copying your Confluence API token

8. Select Shut.

You now have the username, Confluence (Cloud) URL, and Confluence (Cloud) API token that you must connect with Amazon Q Enterprise with fundamental authentication.

For extra info, see Manage API tokens for your Atlassian account in Atlassian Assist.

Configure Confluence (Cloud) OAuth 2.0 authentication for Amazon Q Enterprise

Full the next steps to configure Confluence (Cloud) OAuth 2.0 authentication:

1. Retrieve the username and Confluence (Cloud) URL.
2. Configure an OAuth 2.0 app integration.
3. Retrieve the Confluence (Cloud) client ID and client secret.
4. Generate a Confluence (Cloud) access token.
5. Generate a Confluence (Cloud) refresh token.
6. Generate a new Confluence (Cloud) access token using a refresh token.

Retrieve the username and Confluence (Cloud) URL

Full the next steps:

1. Log in to your account from Confluence (Cloud). Notice the username you logged in with. You will want this later to connect with Amazon Q Enterprise.
2. Out of your Confluence (Cloud) house web page, observe your Confluence (Cloud) URL out of your Confluence browser URL. For instance, https://instance.atlassian.internet. You will want this later to each configure your OAuth 2.0 token and connect with Amazon Q Enterprise.

Configuring an OAuth 2.0 app integration

Full the next steps:

1. Log in to your account from the Atlassian Developer page.
2. Select the profile icon within the top-right nook and on the dropdown menu, select Developer console.
   

   Determine 10: Logging into the Confluence Developer Console

3. On the welcome web page, select Create and select OAuth 2.0 integration.
   

   Determine 11: Creating your Confluence OAuth 2.0 token

4. Underneath Create a brand new OAuth 2.0 (3LO) integration, for Title, enter a reputation for the OAuth 2.0 software you’re creating. Then, learn the Developer Phrases, and choose I conform to be sure by Atlassian’s developer phrases checkbox, when you do.
5. Choose Create.
   

   Determine 12: Creating your Confluence OAuth 2.0 integration

   The console will show a abstract web page outlining the main points of the OAuth 2.0 app you created.

   

   Determine 13: Your Confluence software

6. Nonetheless within the Confluence console, within the navigation pane, select Authorization.
7. Select Add so as to add OAuth 2.0 (3LO) to your app.
   

   Determine 14: Including OAuth 2.0 to your Confluence app

8. Underneath OAuth 2.0 authorization code grants (3LO) for apps, for Callback URL, enter the Confluence (Cloud) URL you copied, then select Save adjustments.
   

   Determine 15: Including OAuth 2.0 to your Confluence app (half 2)

9. Underneath Authorization URL generator, select Add APIs so as to add APIs to your app. It will redirect you to the Permissions web page.
10. On the Permissions web page, for Scopes, navigate to Person Id API. Choose Add, then choose Configure.
    

    Determine 16: Configuring Permissions in your Confluence app

11. Underneath Person Id API, select Edit Scopes, then add the next learn scopes:
    1. learn:me – View energetic person profile.
    2. learn:account – View person profiles.
       

       Determine 17: Configuring Scopes in your Confluence app

12. Select Save and return to the Permissions web page.
13. On the Permissions web page, for Scopes, navigate to Confluence API. Choose Add, after which choose Configure.
    

    Determine 18: Configuring Permissions in your Confluence app (half 2)

14. Underneath Confluence API, be sure you’re on the Traditional scopes tab.
    

    Determine 19: Configuring Permissions in your Confluence app (half 3)

15. Select Edit Scopes and add the next learn scopes:
    1. learn:confluence-space.abstract – Learn Confluence house abstract.
    2. learn:confluence-props – Learn Confluence content material properties.
    3. learn:confluence-content.all – Learn Confluence detailed content material.
    4. learn:confluence-content.abstract – Learn Confluence content material abstract.
    5. learn:confluence-content.permission – Learn content material permission in Confluence.
    6. learn:confluence-user – Learn person.
    7. learn:confluence-groups – Learn person teams.
16. Select Save.
17. Navigate to the Granular scopes
    

    Determine 20: Configuring Permissions in your Confluence app (half 4)

18. Select Edit Scopes and add the next learn scopes:
    1. learn:content material:confluence – View detailed contents.
    2. learn:content-details:confluence – View content material particulars.
    3. learn:space-details:confluence – View house particulars.
    4. learn:audit-log:confluence – View audit data.
    5. learn:web page:confluence – View pages.
    6. learn:attachment:confluence – View and obtain content material attachments.
    7. learn:blogpost:confluence – View weblog posts.
    8. learn:custom-content:confluence – View {custom} content material.
    9. learn:remark:confluence – View feedback.
    10. learn:template:confluence – View content material templates.
    11. learn:label:confluence – View labels.
    12. learn:watcher:confluence – View content material watchers.
    13. learn:group:confluence – View teams.
    14. learn:relation:confluence – View entity relationships.
    15. learn:person:confluence – View person particulars.
    16. learn:configuration:confluence – View Confluence settings.
    17. learn:house:confluence – View house particulars.
    18. learn:house.permission:confluence – View house permissions.
    19. learn:house.property:confluence – View house properties.
    20. learn:person.property:confluence – View person properties.
    21. learn:house.setting:confluence – View house settings.
    22. learn:analytics.content material:confluence – View analytics for content material.
    23. learn:content material.permission:confluence – Examine content material permissions.
    24. learn:content material.property:confluence – View content material properties.
    25. learn:content material.restriction:confluence – View content material restrictions.
    26. learn:content material.metadata:confluence – View content material summaries.
    27. learn:inlinetask:confluence – View duties.
    28. learn:activity:confluence – View duties.
    29. learn:permission:confluence – View content material restrictions and house permissions.
    30. learn:whiteboard:confluence – View whiteboards.
    31. learn:app-data:confluence – Learn app knowledge.

For extra info, see Implementing OAuth 2.0 (3LO) and Determining the scopes required for an operation in Atlassian Developer.

Retrieve the Confluence (Cloud) shopper ID and shopper secret

Full the next steps:

1. Within the navigation pane, select Settings.
2. Within the Authentication particulars part, copy and save the next in your most popular textual content editor:
   1. Consumer ID – You enter this because the app key on the Amazon Q Enterprise console.
   2. Secret – You enter this because the app secret on the Amazon Q Enterprise console.

Determine 21: Retrieving Confluence app authentication particulars

You want these to generate your Confluence (Cloud) OAuth 2.0 token and in addition to attach Amazon Q Enterprise to Confluence (Cloud).

For extra info, see Implementing OAuth 2.0 (3LO) and Determining the scopes required for an operation within the Atlassian Developer documentation.

Generate a Confluence (Cloud) entry token

Full the next steps:

1. Log in to your Confluence account from the Atlassian Developer page.
2. Open the OAuth 2.0 app you wish to generate a refresh token for.
3. Within the navigation pane, select Authorization.
4. For OAuth 2.0 (3LO), select Configure.
5. On the Authorization web page, beneath Authorization URL generator, copy the URL for Granular Confluence API authorization URL and put it aside in your most popular textual content editor.

Determine 22: Retrieving Confluence API URL particulars

The URL is within the following format:

https://auth.atlassian.com/authorize?

viewers=api.atlassian.com

&client_id=YOUR_CLIENT_ID

&scope=REQUESTED_SCOPEpercent20REQUESTED_SCOPE_TWO

&redirect_uri=https://YOUR_APP_CALLBACK_URL

&state=YOUR_USER_BOUND_VALUE

&response_type=code

&immediate=consent

6. Within the saved authorization URL, replace the state=${YOUR_USER_BOUND_VALUE} parameter worth to any textual content of your selection. For instance, state=sample_text.

For extra info, see What is the state parameter used for? within the Atlassian Assist documentation.

7. Open your most popular internet browser and enter the authorization URL you copied into the browser URL.
8. On the web page that opens, be certain that every little thing is right and select Settle for.

Determine 23: Testing a Confluence API URL

You can be returned to your Confluence (Cloud) house web page.

9. Copy the URL of the Confluence (Cloud) house web page and put it aside in your most popular textual content editor.

The URL comprises the authorization code in your software. You will want this code to generate your Confluence (Cloud) entry token. The entire part after code= is the authorization code.

10. Navigate to Postman.

In case you don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Kind: software/json' 
--data '{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "AUTHORIZATION_CODE",
"redirect_uri": "YOUR_CALLBACK_URL"}'

11. If, nevertheless, you have got Postman put in, on the primary Postman window, select POST as the strategy, then enter the next URL: https://auth.atlassian.com/oauth/token.
12. Select Physique, then select uncooked and JSON.

Determine 24: Testing a Confluence entry token in Postman

13. Within the textual content field, enter the next code extract, changing the fields together with your credential values:

{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "YOUR_AUTHORIZATION_CODE",
"redirect_uri": "https://YOUR_APP_CALLBACK_URL"}

14. Select Ship.

If every little thing is configured appropriately, Postman will return an entry token.

15. Copy the entry token and put it aside in your most popular textual content editor. You will want it to attach Confluence (Cloud) to Amazon Q Enterprise.

For extra info, see Implementing OAuth 2.0 (3LO) within the Atlassian Developer documentation.

Generate a Confluence (Cloud) refresh token

The entry token you employ to attach Confluence (Cloud) to Amazon Q Enterprise utilizing OAuth 2.0 authentication expires after 1 hour. When it expires, you may both repeat the entire authorization course of and generate a brand new entry token, or generate a refresh token.

Refresh tokens are carried out utilizing a rotating refresh token mechanism. Every time they’re used, rotating refresh tokens points a brand new limited-life refresh token that’s legitimate for 90 days. Every new rotating refresh token resets the inactivity expiry time and allocates one other 90 days. This mechanism improves on single persistent refresh tokens by lowering the interval by which a refresh token will be compromised and used to acquire a sound entry token. For extra particulars, see OAuth 2.0 (3LO) apps within the Atlassian Developer documentation.

To generate a refresh token, you add a %20offline_access parameter to the top of the scope worth within the authorization URL you used to generate your entry token. Full the next steps to generate a refresh token:

1. Log in to your account from the Atlassian Developer page.
2. Open the OAuth 2.0 app you wish to generate a refresh token for.
3. Within the navigation pane, select Authorization.
4. For OAuth 2.0 (3LO), select Configure.
5. On the Authorization web page, beneath Authorization URL generator, copy the URL for Granular Confluence API authorization URL and put it aside in your most popular textual content editor.

Determine 25: Retrieving Confluence API URL particulars

6. Within the saved authorization URL, replace the state=${YOUR_USER_BOUND_VALUE} parameter worth to any textual content of your selection. For instance, state=sample_text.

For extra info, see What is the state parameter used for? within the Atlassian Assist documentation.

7. Add the next textual content on the finish of the scope worth in your authorization URL: %20offline_access and duplicate it. For instance:

https://auth.atlassian.com/authorize?

viewers=api.atlassian.com

&client_id=YOUR_CLIENT_ID

&scope=REQUESTED_SCOPEpercent20REQUESTED_SCOPE_TWOpercent20offline_access

&redirect_uri=https://YOUR_APP_CALLBACK_URL

&state=YOUR_USER_BOUND_VALUE

&response_type=code

&immediate=consent

8. Open your most popular internet browser and enter the modified authorization URL you copied into the browser URL.
9. On the web page that opens, be certain that every little thing is right after which select Settle for.

Determine 26: Testing a Confluence API URL

You can be returned to the Confluence (Cloud) console.

10. Copy the URL of the Confluence (Cloud) house web page and put it aside in a textual content editor of your selection.

The URL comprises the authorization code in your software. You will want this code to generate your Confluence (Cloud) refresh token. The entire part after code= is the authorization code.

11. Navigate to Postman.

In case you don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Kind: software/json' 
--data '{"grant_type": "authorization_code",
"client_id": "YOUR CLIENT ID",
"client_secret": "YOUR CLIENT SECRET",
"code": "AUTHORIZATION CODE",
"redirect_uri": "YOUR CALLBACK URL"}'

12. If, nevertheless, you have got Postman put in, on the primary Postman window, select POST as the strategy, then enter the next URL: https://auth.atlassian.com/oauth/token.
13. Select Physique on the menu, then select uncooked and JSON.

Determine 27: Retrieving a Confluence refresh token in Postman

14. Within the textual content field, enter the next code extract, changing the fields together with your credential values:

{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "YOUR_AUTHORIZATION_CODE",
"redirect_uri": "https://YOUR_APP_CALLBACK_URL"}

15. Select Ship.

If every little thing is configured appropriately, Postman will return a refresh token.

16. Copy the refresh token and put it aside utilizing your most popular textual content editor. You will want it to attach Confluence (Cloud) to Amazon Q Enterprise.

For extra info, see Implementing a Refresh Token Flow within the Atlassian Developer documentation.

Generate a brand new Confluence (Cloud) entry token utilizing a refresh token

You should utilize the refresh token you generated to create a brand new entry token and refresh token pair when an present entry token expires. Full the next steps to generate a refresh token:

1. Copy the refresh token you generated following the steps within the earlier part.
2. Navigate to Postman.

In case you don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Kind: software/json' 
--data '{"grant_type": "refresh_token",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"refresh_token": "YOUR_REFRESH_TOKEN"}'

3. Within the Postman foremost window, select POST as the strategy, then enter the next URL: https://auth.atlassian.com/oauth/token.
4. Select Physique from the menu and select uncooked and JSON.

Determine 28: Utilizing a Confluence refresh token in Postman

5. Within the textual content field, enter the next code extract, changing the fields together with your credential values:

{"grant_type": "refresh_token",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"refresh_token": "YOUR REFRESH TOKEN"}

6. Select Ship.

If every little thing is configured appropriately, Postman will return a brand new entry token and refresh token pair within the following format:

{"access_token": "string,
"expires_in": "expiry time of access_token in seconds",
"scope": "string",
"refresh_token": "string"}

For extra info, see Implementing a Refresh Token Flow and How do I get a new access token, if my access token expires or is revoked? within the Atlassian Developer documentation.

Proceed creating your software

Full the next steps to proceed creating your software:

1. For AWS Secrets and techniques Supervisor secret, select an present secret or create an AWS Secrets Manager secret to retailer your Confluence authentication credentials. In case you select to create a secret, an AWS Secrets and techniques Supervisor window opens. Enter the next info within the window:
   1. For Secret title, enter a reputation in your secret.
   2. Enter the knowledge you generated earlier:
      1. If utilizing Primary Authentication, enter your Secret title, Person title, and Password (Confluence API Token) that you simply generated and downloaded out of your Confluence account.
      2. If utilizing OAuth2.0 Authentication, enter the Secret title, App key, App secret, Entry token, and Refresh token that you simply created in your Confluence account.
   3. Select Save and add secret.For extra particulars on making a Secrets and techniques Supervisor secret, discuss with Create an AWS Secrets Manager secret.
2. Select the key you created to make use of in your Confluence connector.
   

   Determine 29: Deciding on a secret in Secrets and techniques Supervisor

3. Underneath Configure VPC and safety group, you may select whether or not you wish to use a VPC (Non-obligatory). In case you do (which we suggest), enter the next info:
   1. For Subnets, enter as much as 6 repository subnets that outline the subnets and IP ranges the repository occasion makes use of within the chosen VPC.
   2. For VPC safety teams, Select as much as 10 safety teams that enable entry to your knowledge supply.For extra info, see Virtual private cloud.
      

      Determine 30: Configuring VPC and Safety Group in Amazon Q Enterprise

4. Underneath Id crawler, affirm that crawling is enabled.Amazon Q Enterprise crawls id info out of your knowledge supply by default to verify the responses out of your related knowledge sources are generated solely from paperwork end-users have entry to. For extra info, see Identity crawler.By default, an Amazon Q Enterprise software is configured to answer finish person chat queries utilizing solely enterprise knowledge. If you want Amazon Q Enterprise to make use of the underlying LLM information to generate responses when it might probably’t discover the knowledge out of your related knowledge sources, you may allow this within the Response settings beneath your software guardrails.
5. Underneath IAM function, select an present AWS Identity and Access Management (IAM) function or create an IAM function to entry your repository credentials and index content material.Creating a brand new service function is really helpful. For extra info, see IAM role for Amazon Q Confluence (Cloud) connector.
   

   Determine 31: Configuring IAM function in Amazon Q Enterprise

6. Underneath Sync scope, select from the next choices:
   1. For Sync contents, you may select to sync from the next entity sorts: pages, web page feedback, web page attachments, blogs, weblog feedback, weblog attachments, private areas, archived areas, and archived pages.
   2. For Most single file dimension, specify the file dimension restrict in megabytes that Amazon Q Enterprise will crawl. Amazon Q Enterprise will crawl solely the recordsdata inside the dimension restrict you outline. The file dimension must be higher than 0 MB and fewer than or equal to 50 MB.
7. Underneath Further configuration, for Area and regex patterns, specify whether or not to incorporate or exclude particular areas in your index with the next settings:
   1. Area key – For instance, my-space-123.
   2. URL – For instance, .*/MySite/MyDocuments/.
   3. File sort – For instance, .*.pdf, .*.txt.
   4. For Entity title regex patterns, specify common expression patterns to incorporate or exclude sure blogs, pages, feedback, and attachments by titles.
      

      Determine 32: Configuring scopes and regexes in Amazon Q Enterprise

8. Underneath Sync mode, select the way you wish to replace your index when your knowledge supply content material adjustments. If you sync your knowledge supply with Amazon Q Enterprise for the primary time, all content material is synced by default. You’ve the next choices:
   1. Full sync – Sync all content material whatever the earlier sync standing.
   2. New, modified, or deleted content material sync – Sync solely new, modified, and deleted paperwork.
9. Underneath Sync run schedule, for Frequency, select how typically Amazon Q Enterprise will sync together with your knowledge supply. For extra particulars, see Sync run schedule.
10. Underneath Tags, you may optionally add tags to go looking and filter your sources or monitor your AWS prices. See Tagging resources for extra particulars.
    

    Determine 33: Configuring sync mode, sync frequency, and tagging

11. Underneath Subject mappings, choose the information supply doc attributes to map to your index fields. Add the fields from the Knowledge supply particulars web page after you end including your knowledge supply. You may select from two forms of fields:
    1. Default – Mechanically created by Amazon Q Enterprise in your behalf based mostly on frequent fields in your knowledge supply. You may’t edit these.
    2. Customized – Mechanically created by Amazon Q Enterprise in your behalf based mostly on frequent fields in your knowledge supply. You may edit these. You may also create and add new {custom} fields.For extra info, see Field mappings.
12. To complete connecting your knowledge supply to Amazon Q, select Add knowledge supply.
    

    Determine 34: Mapping Confluence fields in Amazon Q Enterprise

13. After the Confluence connector is created, you’re redirected to the Join knowledge sources web page, the place you may add further knowledge sources if wanted.
14. Select Subsequent to proceed.
15. Underneath Add or assign customers and teams, you may to assign customers or teams from IAM Id Middle. When you have the suitable permissions, you have got the power so as to add new customers. Choose the suitable choice for you.
16. Select Subsequent.
    

    Determine 35: Assigning customers/ teams and Net expertise service entry in Amazon Q Enterprise

17. Underneath Assign customers and teams, you may select the customers or teams you wish to add to your Amazon Q Enterprise software. (To ensure that a person to get a solution from Amazon Q Enterprise, the person IDs added in IAM Id Middle must match the person IDs in Confluence.)
18. In Net expertise service entry, enter the next info:
    1. For Select a technique to authorize Amazon Q Enterprise – A service entry function assumed by finish customers once they check in to your internet expertise that grants them permission to start out and handle conversations in Amazon Q Enterprise. You may select to make use of an present function or create a brand new function.
    2. Service function title – A reputation for the service function you created for straightforward identification on the console.
19. Choose Create software.
20. As soon as the appliance is created, navigate to the Knowledge supply particulars part, select Sync now to permit Amazon Q Enterprise to start syncing (crawling and ingesting) knowledge out of your knowledge supply.

When the sync job is full, your knowledge supply is able to use.

The time the sync will take will depend on the dimensions of your Confluence atmosphere. Examine again periodically to see if the sync has completed.

Run a pattern question to check the answer

When the sync in your knowledge supply is full, you may deploy the online expertise to check the answer. For extra particulars for organising the Amazon Q Enterprise internet expertise, see Customizing an Amazon Q Business web experience.

Determine 37: Amazon Q Enterprise internet expertise URLs

After you’re signed in to the online expertise, check out a query based mostly on info in your Confluence Cloud. The next screenshots present some examples.

Determine 38: Pattern Amazon Q Enterprise internet expertise immediate and completion

Determine 39: Pattern Amazon Q Enterprise internet expertise immediate and completion (half 2)

Determine 40: Pattern Amazon Q Enterprise internet expertise immediate and completion (half 3)

Amazon Q Enterprise generates a response, in addition to the citations to the place the knowledge got here from. You may click on the hyperlinks within the quotation to go on to the supply web page.

Troubleshooting and FAQs

For info on troubleshooting your connector, see Troubleshooting your Amazon Q Business Confluence (Cloud) connector.

Consult with Amazon Q Business FAQs for ceaselessly requested questions.

Clear up

In case you not want your Amazon Q Enterprise software, be certain that to delete it to keep away from undesirable prices. If you delete your software, it should take away the related index and knowledge connectors.

Determine 41: Deleting Amazon Q Enterprise confluence connector

Conclusion

On this submit, we offered an summary of Amazon Q Enterprise Confluence Cloud connector and the way you should utilize it for seamless integration of generative AI help to your Confluence Cloud. Through the use of a single interface for the number of knowledge sources within the group, you may allow staff to be extra data-driven, environment friendly, ready, and productive.

To study extra about Amazon Q Enterprise connector for Confluence Cloud, discuss with Connecting Confluence (Cloud) to Amazon Q Business.

---

In regards to the Authors

Tyler Geary is a Options Architect at Amazon Net Providers (AWS), the place he’s a member of the Enterprise Monetary Providers group, specializing in Insurance coverage clients. He helps his clients establish enterprise challenges and alternatives, tying them again to revolutionary options powered by AWS, with a specific give attention to Generative AI. In his free time, Tyler enjoys climbing, tenting, and spending time within the nice outside.

Sumeet Tripathi is an Enterprise Assist Lead (TAM) at AWS in North Carolina. He has over 17 years of expertise in know-how throughout numerous roles. He’s captivated with serving to clients to cut back operational challenges and friction. His focus space is AI/ML and Power & Utilities Phase. Outdoors work, He enjoys touring with household, watching cricket and films.

Vishal Naik is a Sr. Options Architect at Amazon Net Providers (AWS). He’s a builder who enjoys serving to clients accomplish their enterprise wants and remedy complicated challenges with AWS options and finest practices. His core space of focus consists of Generative AI and Machine Studying. In his spare time, Vishal loves making brief movies on time journey and alternate universe themes.