Index your Atlassian Confluence Cloud contents utilizing the Amazon Q Confluence Cloud connector for Amazon Q Enterprise

August 24, 2024 thefutureofworkinfo


Amazon Q Business is a generative synthetic intelligence (AI)-powered assistant designed to boost enterprise operations. It’s a completely managed service that helps present correct solutions to customers’ questions whereas honoring the safety and entry restrictions of the content material. It may be tailor-made to your particular enterprise wants by connecting to your organization’s data and enterprise techniques utilizing built-in connectors to quite a lot of enterprise information sources. Amazon Q Enterprise allows customers in varied roles, corresponding to advertising and marketing managers, mission managers, and gross sales representatives, to have tailor-made conversations, resolve enterprise issues, generate content material, take motion, and extra, by an online interface. This service goals to assist make workers work smarter, transfer quicker, and drive important impression by offering fast and related data to assist them with their duties.

One such enterprise information repository you should utilize to retailer content material is Atlassian Confluence. Confluence is a crew workspace that gives a spot to create, and collaborate on varied tasks, merchandise, or concepts. Crew areas assist your groups construction, manage, and share work, so every person has visibility into the institutional information of the enterprise and entry to the knowledge they want or solutions to the questions they’ve.

There are two Confluence offerings:

  • Cloud – That is supplied as a software program as a service (SaaS) product. It’s all the time on and repeatedly up to date.
  • Data Center (self-managed) – Right here, you host Confluence in your infrastructure, which can be on premises or the cloud, permitting you to maintain information inside your chosen surroundings and handle it your self.

Your customers might must get solutions in Amazon Q Enterprise from the content material in Atlassian’s Confluence Cloud occasion as part of their work. For this you will have to configure an Amazon Q Confluence Cloud connector. As part of this configuration, one of many steps is to configure the authentication of the connector in order that it might probably authenticate with Confluence (Cloud) after which index the related content material.

This put up covers the steps to configure the Confluence Cloud connector for Amazon Q Enterprise.

Forms of paperwork

While you join Amazon Q to a knowledge supply, what Amazon Q considers—and crawls—as a document varies by connector. The Confluence Cloud connector crawls the next as paperwork:

  • Areas – Every area is taken into account a single doc.
  • Pages – Every web page is taken into account a single doc.
  • Blogs – Every weblog is taken into account a single doc.
  • Feedback – Every remark is taken into account a single doc.
  • Attachments – Every attachment is taken into account a single doc.

Metadata

Each doc has structural attributes—or metadata—hooked up to it. Doc attributes can embrace data corresponding to doc title, doc creator, time created, time up to date, and doc sort.

While you join Amazon Q Enterprise to a knowledge supply, it robotically maps particular information supply document attributes to fields inside an Amazon Q Enterprise index. If a doc attribute in your information supply doesn’t have an attribute mapping already accessible, or if you wish to map extra doc attributes to index fields, use the {custom} area mappings to specify how an information supply attribute maps to an Amazon Q Enterprise index area. You create area mappings by modifying your information supply after your software and retriever are created.

To be taught extra in regards to the supported entities and the related reserved and {custom} attributes for the Amazon Q Confluence connector, confer with Amazon Q Business Confluence (Cloud) data source connector field mappings.

Authentication sorts

An Amazon Q Enterprise software requires you to make use of AWS IAM Identity Center to handle person entry. Though it’s beneficial to have an IAM Identification Heart occasion configured (with customers federated and teams added) earlier than you begin, it’s also possible to select to create and configure an IAM Identification Heart occasion to your Amazon Q Enterprise software utilizing the Amazon Q console.

You may also add customers to your IAM Identification Heart occasion from the Amazon Q Enterprise console, in case you aren’t federating identification. While you add a brand new person, be sure that the person is enabled in your IAM Identification Heart occasion and so they have verified their e mail ID. They should full these steps earlier than they’ll log in to your Amazon Q Enterprise internet expertise.

Your identification supply in IAM Identification Heart defines the place your customers and teams are managed. After you configure your identification supply, you’ll be able to lookup customers or teams to grant them single sign-on entry to AWS accounts, functions, or each.

You may have just one identification supply per group in AWS Organizations. You may select one of many following as your identification supply:

  • IAM Identification Heart listing – While you allow IAM Identity Center for the primary time, it’s robotically configured with an IAM Identification Heart listing as your default identification supply. That is the place you create your customers and teams, and assign their degree of entry to your AWS accounts and functions.
  • Lively Listing – Select this feature if you wish to proceed managing customers in both your AWS Managed Microsoft AD listing utilizing AWS Directory Service or your self-managed listing in Lively Listing (AD).
  • Exterior Identification Supplier – Select this feature if you wish to handle customers in different external identity providers (IdPs) by the Safety Assertion Markup Language (SAML) 2.0 customary, corresponding to Okta.

Entry management lists

Amazon Q Enterprise connectors index entry management listing (ACL) data that’s hooked up to a Confluence doc together with the doc itself. For doc ACLs, Amazon Q Enterprise indexes the next:

  • Person e mail tackle
  • Group identify for the native group
  • Group identify for the federated group

While you join a Confluence (Cloud) information supply to Amazon Q Enterprise, the connector crawls ACL (person and group) data hooked up to a doc out of your Confluence (Cloud) occasion. The data is used to find out which content material can be utilized to assemble chat responses for a given person, in accordance the end-user’s doc entry permissions.

You configure person and group entry to Confluence areas utilizing the area permissions web page, in Confluence. Equally for pages and blogs, you utilize the restrictions web page. For extra details about area permissions, see Space Permissions Overview on the Confluence Assist web site. For extra details about web page and weblog restrictions, see Page Restrictions on the Confluence Assist web site.

An Amazon Q Enterprise connector updates any adjustments in ACLs every time that your information supply content material is crawled. To seize ACL adjustments to be sure that the appropriate end-users have entry to the appropriate content material, re-sync your information supply recurrently.

Identification crawling for Amazon Q Enterprise Person Retailer

As acknowledged earlier, Amazon Q Enterprise crawls ACL data on the doc degree from supported information sources. As well as, Amazon Q Enterprise crawls and shops principal data inside every information supply (native person alias, native group, and federated group identification configurations) into the Amazon Q Enterprise Person Retailer. That is helpful when your software is linked to a number of information sources with completely different authorization and authentication techniques, however you wish to create a unified, access-controlled chat expertise to your end-users.

Amazon Q Enterprise internally maps the native person and group IDs hooked up to the doc, to the federated identities of customers and teams. Mapping identities streamlines person administration and hurries up chat responses by lowering ACL data retrieval time throughout chat requests. Identity crawling, together with the authorization function, helps filter and generate internet expertise content material restricted by end-user context. For extra details about this course of, see Understanding Amazon Q Business User Store.

The group and person IDs are mapped as follows:

  • _group_ids – Group names are current on areas, pages, and blogs the place there are restrictions. They’re mapped from the identify of the group in Confluence. Group names are all the time lowercase.
  • _user_id – Usernames are current on the area, web page, or weblog the place there are restrictions. They’re mapped relying on the kind of Confluence occasion that you simply’re utilizing. For Confluence Cloud, the _user_id is the account ID of the person.

Overview of resolution

With Amazon Q Enterprise, you’ll be able to configure a number of information sources to offer a central place to go looking throughout your doc repository. For our resolution, we reveal find out how to index a Confluence repository utilizing the Amazon Q Enterprise connector for Confluence. On this weblog we’ll:

  1. Configure an Amazon Q Enterprise Software.
  2. Join Confluence (Cloud) to Amazon Q Enterprise.
  3. Index the info within the Confluence repository.
  4. Run a pattern question to check the answer.

Conditions

Earlier than you start utilizing Amazon Q Enterprise for the primary time, full the next duties:

  1. Set up your AWS account.
  2. Optionally, install the AWS Command Line Interface (AWS CLI).
  3. Optionally, set up the AWS SDKs.
  4. Consider AWS Regions and endpoints.
  5. Set up required permissions.
  6. Enable and configure an IAM Identity Center instance.

For extra data, see Setting up for Amazon Q Business.

To arrange the Amazon Q Enterprise connector for Confluence, it’s essential full extra conditions. For extra data, see Prerequisites for connecting Amazon Q Business to Confluence (Cloud).

Create an Amazon Q Enterprise software with the Confluence Cloud connector

As step one in direction of making a generative AI assistant, you configure an software. Then you choose and create a retriever, and likewise join any information sources. After this, you grant end-user entry to customers to work together with an software utilizing the popular identification supplier, IAM Identification Heart. Full the next steps:

  1. On the Amazon Q Enterprise console, select Get began.
Figure 1: Initial Amazon Q for Business home page

Determine 1: Preliminary Amazon Q for Enterprise dwelling web page

  1. On the Functions web page, select Create software.

Determine 2: Amazon Q for Enterprise software creation web page

  1. Enter a reputation to your software, choose the extent of service entry, and connect with IAM Identity Center. (Observe: The IAM Identification Heart occasion doesn’t need to be in the identical Area as Amazon Q Enterprise.)
  2. Select Create.

Determine 3: Amazon Q for Enterprise software configuration web page

For extra particulars on configuring the Amazon Q software and connecting to IAM Identification Heart, confer with Creating an Amazon Q Business application environment.

  1. Choose your retriever and index provisioning choices.
  2. Select Subsequent.

Determine 4: Amazon Q for Enterprise retriever choice web page

For extra particulars on creating and choosing a retriever, confer with Creating and selecting a retriever for an Amazon Q Business application.

  1. Hook up with Confluence as your information supply.
  2. Enter a reputation and outline.
  3. Choose Confluence Cloud because the supply and enter your Confluence URL.

Determine 5: Confluence connector web page

  1. There are two choices for Authentication: Primary authentication and OAuth 2.0 authentication. Choose the most suitable choice relying in your use case.

Determine 6: Confluence connector authentication choices

Earlier than you join Confluence (Cloud) to Amazon Q Enterprise, it’s essential create and retrieve the Confluence (Cloud) credentials you’ll use to attach Confluence (Cloud) to Amazon Q Enterprise. You additionally want so as to add any permissions wanted by Confluence (Cloud) to hook up with Amazon Q Enterprise.

The next procedures offer you an outline of find out how to configure Confluence (Cloud) to hook up with Amazon Q Enterprise utilizing both primary authentication or OAuth 2.0 authentication.

Configure Confluence (Cloud) primary authentication for Amazon Q Enterprise

Full the next steps to configure primary authentication:

  1. Log in to your account from Confluence (Cloud). Observe the username you logged in with. You’ll need this later to hook up with Amazon Q Enterprise.
  2. Out of your Confluence (Cloud) dwelling web page, be aware your Confluence (Cloud) URL out of your Confluence browser URL. For instance, https://instance.atlassian.internet. You’ll need this later to hook up with Amazon Q Enterprise.
  3. Navigate to the Security web page in Confluence (Cloud).
  4. On the API tokens web page, select Create API token.

Determine 7: Confluence API token creation

  1. Within the Create an API token dialog field, for Label, add a reputation to your API token.
  2. Select Create.

Determine 8: Confluence API token labelling

  1. From the Your new API token dialog field, copy the API token and reserve it in your most popular textual content editor. You may’t retrieve the API token after you shut the dialog field.

Determine 9: Copying your Confluence API token

  1. Select Shut.

You now have the username, Confluence (Cloud) URL, and Confluence (Cloud) API token it’s essential connect with Amazon Q Enterprise with primary authentication.

For extra data, see Manage API tokens for your Atlassian account in Atlassian Assist.

Configure Confluence (Cloud) OAuth 2.0 authentication for Amazon Q Enterprise

Full the next steps to configure Confluence (Cloud) OAuth 2.0 authentication:

  1. Retrieve the username and Confluence (Cloud) URL.
  2. Configure an OAuth 2.0 app integration.
  3. Retrieve the Confluence (Cloud) client ID and client secret.
  4. Generate a Confluence (Cloud) access token.
  5. Generate a Confluence (Cloud) refresh token.
  6. Generate a new Confluence (Cloud) access token using a refresh token.

Retrieve the username and Confluence (Cloud) URL

Full the next steps:

  1. Log in to your account from Confluence (Cloud). Observe the username you logged in with. You’ll need this later to hook up with Amazon Q Enterprise.
  2. Out of your Confluence (Cloud) dwelling web page, be aware your Confluence (Cloud) URL out of your Confluence browser URL. For instance, https://instance.atlassian.internet. You’ll need this later to each configure your OAuth 2.0 token and connect with Amazon Q Enterprise.

Configuring an OAuth 2.0 app integration

Full the next steps:

  1. Log in to your account from the Atlassian Developer page.
  2. Select the profile icon within the top-right nook and on the dropdown menu, select Developer console.

    Determine 10: Logging into the Confluence Developer Console

  3. On the welcome web page, select Create and select OAuth 2.0 integration.

    Determine 11: Creating your Confluence OAuth 2.0 token

  4. Below Create a brand new OAuth 2.0 (3LO) integration, for Identify, enter a reputation for the OAuth 2.0 software you’re creating. Then, learn the Developer Phrases, and choose I comply with be certain by Atlassian’s developer phrases checkbox, in case you do.
  5. Choose Create.

    Determine 12: Creating your Confluence OAuth 2.0 integration

    The console will show a abstract web page outlining the small print of the OAuth 2.0 app you created.

    Determine 13: Your Confluence software

  6. Nonetheless within the Confluence console, within the navigation pane, select Authorization.
  7. Select Add so as to add OAuth 2.0 (3LO) to your app.

    Determine 14: Including OAuth 2.0 to your Confluence app

  8. Below OAuth 2.0 authorization code grants (3LO) for apps, for Callback URL, enter the Confluence (Cloud) URL you copied, then select Save adjustments.

    Determine 15: Including OAuth 2.0 to your Confluence app (half 2)

  9. Below Authorization URL generator, select Add APIs so as to add APIs to your app. This can redirect you to the Permissions web page.
  10. On the Permissions web page, for Scopes, navigate to Person Identification API. Choose Add, then choose Configure.

    Determine 16: Configuring Permissions to your Confluence app

  11. Below Person Identification API, select Edit Scopes, then add the next learn scopes:
    1. learn:me – View lively person profile.
    2. learn:account – View person profiles.

      Determine 17: Configuring Scopes to your Confluence app

  12. Select Save and return to the Permissions web page.
  13. On the Permissions web page, for Scopes, navigate to Confluence API. Choose Add, after which choose Configure.

    Determine 18: Configuring Permissions to your Confluence app (half 2)

  14. Below Confluence API, be sure you’re on the Basic scopes tab.

    Determine 19: Configuring Permissions to your Confluence app (half 3)

  15. Select Edit Scopes and add the next learn scopes:
    1. learn:confluence-space.abstract – Learn Confluence area abstract.
    2. learn:confluence-props – Learn Confluence content material properties.
    3. learn:confluence-content.all – Learn Confluence detailed content material.
    4. learn:confluence-content.abstract – Learn Confluence content material abstract.
    5. learn:confluence-content.permission – Learn content material permission in Confluence.
    6. learn:confluence-user – Learn person.
    7. learn:confluence-groups – Learn person teams.
  16. Select Save.
  17. Navigate to the Granular scopes

    Determine 20: Configuring Permissions to your Confluence app (half 4)

  18. Select Edit Scopes and add the next learn scopes:
    1. learn:content material:confluence – View detailed contents.
    2. learn:content-details:confluence – View content material particulars.
    3. learn:space-details:confluence – View area particulars.
    4. learn:audit-log:confluence – View audit information.
    5. learn:web page:confluence – View pages.
    6. learn:attachment:confluence – View and obtain content material attachments.
    7. learn:blogpost:confluence – View weblog posts.
    8. learn:custom-content:confluence – View {custom} content material.
    9. learn:remark:confluence – View feedback.
    10. learn:template:confluence – View content material templates.
    11. learn:label:confluence – View labels.
    12. learn:watcher:confluence – View content material watchers.
    13. learn:group:confluence – View teams.
    14. learn:relation:confluence – View entity relationships.
    15. learn:person:confluence – View person particulars.
    16. learn:configuration:confluence – View Confluence settings.
    17. learn:area:confluence – View area particulars.
    18. learn:area.permission:confluence – View area permissions.
    19. learn:area.property:confluence – View area properties.
    20. learn:person.property:confluence – View person properties.
    21. learn:area.setting:confluence – View area settings.
    22. learn:analytics.content material:confluence – View analytics for content material.
    23. learn:content material.permission:confluence – Examine content material permissions.
    24. learn:content material.property:confluence – View content material properties.
    25. learn:content material.restriction:confluence – View content material restrictions.
    26. learn:content material.metadata:confluence – View content material summaries.
    27. learn:inlinetask:confluence – View duties.
    28. learn:process:confluence – View duties.
    29. learn:permission:confluence – View content material restrictions and area permissions.
    30. learn:whiteboard:confluence – View whiteboards.
    31. learn:app-data:confluence – Learn app information.

For extra data, see Implementing OAuth 2.0 (3LO) and Determining the scopes required for an operation in Atlassian Developer.

Retrieve the Confluence (Cloud) shopper ID and shopper secret

Full the next steps:

  1. Within the navigation pane, select Settings.
  2. Within the Authentication particulars part, copy and save the next in your most popular textual content editor:
    1. Shopper ID – You enter this because the app key on the Amazon Q Enterprise console.
    2. Secret – You enter this because the app secret on the Amazon Q Enterprise console.

Determine 21: Retrieving Confluence app authentication particulars

You want these to generate your Confluence (Cloud) OAuth 2.0 token and likewise to attach Amazon Q Enterprise to Confluence (Cloud).

For extra data, see Implementing OAuth 2.0 (3LO) and Determining the scopes required for an operation within the Atlassian Developer documentation.

Generate a Confluence (Cloud) entry token

Full the next steps:

  1. Log in to your Confluence account from the Atlassian Developer page.
  2. Open the OAuth 2.0 app you wish to generate a refresh token for.
  3. Within the navigation pane, select Authorization.
  4. For OAuth 2.0 (3LO), select Configure.
  5. On the Authorization web page, underneath Authorization URL generator, copy the URL for Granular Confluence API authorization URL and reserve it in your most popular textual content editor.

Determine 22: Retrieving Confluence API URL particulars

The URL is within the following format:

https://auth.atlassian.com/authorize?

viewers=api.atlassian.com

&client_id=YOUR_CLIENT_ID

&scope=REQUESTED_SCOPEpercent20REQUESTED_SCOPE_TWO

&redirect_uri=https://YOUR_APP_CALLBACK_URL

&state=YOUR_USER_BOUND_VALUE

&response_type=code

&immediate=consent

  1. Within the saved authorization URL, replace the state=${YOUR_USER_BOUND_VALUE} parameter worth to any textual content of your alternative. For instance, state=sample_text.

For extra data, see What is the state parameter used for? within the Atlassian Assist documentation.

  1. Open your most popular internet browser and enter the authorization URL you copied into the browser URL.
  2. On the web page that opens, be certain all the things is appropriate and select Settle for.

Determine 23: Testing a Confluence API URL

You may be returned to your Confluence (Cloud) dwelling web page.

  1. Copy the URL of the Confluence (Cloud) dwelling web page and reserve it in your most popular textual content editor.

The URL accommodates the authorization code to your software. You’ll need this code to generate your Confluence (Cloud) entry token. The entire part after code= is the authorization code.

  1. Navigate to Postman.

For those who don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Sort: software/json' 
--data '{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "AUTHORIZATION_CODE",
"redirect_uri": "YOUR_CALLBACK_URL"}'

  1. If, nevertheless, you could have Postman put in, on the primary Postman window, select POST as the tactic, then enter the next URL: https://auth.atlassian.com/oauth/token.
  2. Select Physique, then select uncooked and JSON.

Determine 24: Testing a Confluence entry token in Postman

  1. Within the textual content field, enter the next code extract, changing the fields along with your credential values:
{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "YOUR_AUTHORIZATION_CODE",
"redirect_uri": "https://YOUR_APP_CALLBACK_URL"}

  1. Select Ship.

If all the things is configured accurately, Postman will return an entry token.

  1. Copy the entry token and reserve it in your most popular textual content editor. You’ll need it to attach Confluence (Cloud) to Amazon Q Enterprise.

For extra data, see Implementing OAuth 2.0 (3LO) within the Atlassian Developer documentation.

Generate a Confluence (Cloud) refresh token

The entry token you utilize to attach Confluence (Cloud) to Amazon Q Enterprise utilizing OAuth 2.0 authentication expires after 1 hour. When it expires, you’ll be able to both repeat the entire authorization course of and generate a brand new entry token, or generate a refresh token.

Refresh tokens are carried out utilizing a rotating refresh token mechanism. Every time they’re used, rotating refresh tokens points a brand new limited-life refresh token that’s legitimate for 90 days. Every new rotating refresh token resets the inactivity expiry time and allocates one other 90 days. This mechanism improves on single persistent refresh tokens by lowering the interval during which a refresh token could be compromised and used to acquire a sound entry token. For extra particulars, see OAuth 2.0 (3LO) apps within the Atlassian Developer documentation.

To generate a refresh token, you add a %20offline_access parameter to the tip of the scope worth within the authorization URL you used to generate your entry token. Full the next steps to generate a refresh token:

  1. Log in to your account from the Atlassian Developer page.
  2. Open the OAuth 2.0 app you wish to generate a refresh token for.
  3. Within the navigation pane, select Authorization.
  4. For OAuth 2.0 (3LO), select Configure.
  5. On the Authorization web page, underneath Authorization URL generator, copy the URL for Granular Confluence API authorization URL and reserve it in your most popular textual content editor.

Determine 25: Retrieving Confluence API URL particulars

  1. Within the saved authorization URL, replace the state=${YOUR_USER_BOUND_VALUE} parameter worth to any textual content of your alternative. For instance, state=sample_text.

For extra data, see What is the state parameter used for? within the Atlassian Assist documentation.

  1. Add the next textual content on the finish of the scope worth in your authorization URL: %20offline_access and replica it. For instance:
https://auth.atlassian.com/authorize?

viewers=api.atlassian.com

&client_id=YOUR_CLIENT_ID

&scope=REQUESTED_SCOPEpercent20REQUESTED_SCOPE_TWOpercent20offline_access

&redirect_uri=https://YOUR_APP_CALLBACK_URL

&state=YOUR_USER_BOUND_VALUE

&response_type=code

&immediate=consent

  1. Open your most popular internet browser and enter the modified authorization URL you copied into the browser URL.
  2. On the web page that opens, be certain all the things is appropriate after which select Settle for.

Determine 26: Testing a Confluence API URL

You may be returned to the Confluence (Cloud) console.

  1. Copy the URL of the Confluence (Cloud) dwelling web page and reserve it in a textual content editor of your alternative.

The URL accommodates the authorization code to your software. You’ll need this code to generate your Confluence (Cloud) refresh token. The entire part after code= is the authorization code.

  1. Navigate to Postman.

For those who don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Sort: software/json' 
--data '{"grant_type": "authorization_code",
"client_id": "YOUR CLIENT ID",
"client_secret": "YOUR CLIENT SECRET",
"code": "AUTHORIZATION CODE",
"redirect_uri": "YOUR CALLBACK URL"}'

  1. If, nevertheless, you could have Postman put in, on the primary Postman window, select POST as the tactic, then enter the next URL: https://auth.atlassian.com/oauth/token.
  2. Select Physique on the menu, then select uncooked and JSON.

Determine 27: Retrieving a Confluence refresh token in Postman

  1. Within the textual content field, enter the next code extract, changing the fields along with your credential values:
{"grant_type": "authorization_code",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"code": "YOUR_AUTHORIZATION_CODE",
"redirect_uri": "https://YOUR_APP_CALLBACK_URL"}

  1. Select Ship.

If all the things is configured accurately, Postman will return a refresh token.

  1. Copy the refresh token and reserve it utilizing your most popular textual content editor. You’ll need it to attach Confluence (Cloud) to Amazon Q Enterprise.

For extra data, see Implementing a Refresh Token Flow within the Atlassian Developer documentation.

Generate a brand new Confluence (Cloud) entry token utilizing a refresh token

You should utilize the refresh token you generated to create a brand new entry token and refresh token pair when an current entry token expires. Full the next steps to generate a refresh token:

  1. Copy the refresh token you generated following the steps within the earlier part.
  2. Navigate to Postman.

For those who don’t have Postman put in in your native system, it’s also possible to select to make use of cURL to generate a Confluence (Cloud) entry token. Use the next cURL command to take action:

curl --location 'https://auth.atlassian.com/oauth/token' 
--header 'Content material-Sort: software/json' 
--data '{"grant_type": "refresh_token",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"refresh_token": "YOUR_REFRESH_TOKEN"}'

  1. Within the Postman most important window, select POST as the tactic, then enter the next URL: https://auth.atlassian.com/oauth/token.
  2. Select Physique from the menu and select uncooked and JSON.

Determine 28: Utilizing a Confluence refresh token in Postman

  1. Within the textual content field, enter the next code extract, changing the fields along with your credential values:
{"grant_type": "refresh_token",
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"refresh_token": "YOUR REFRESH TOKEN"}

  1. Select Ship.

If all the things is configured accurately, Postman will return a brand new entry token and refresh token pair within the following format:

{"access_token": "string,
"expires_in": "expiry time of access_token in seconds",
"scope": "string",
"refresh_token": "string"}

For extra data, see Implementing a Refresh Token Flow and How do I get a new access token, if my access token expires or is revoked? within the Atlassian Developer documentation.

Proceed creating your software

Full the next steps to proceed creating your software:

  1. For AWS Secrets and techniques Supervisor secret, select an current secret or create an AWS Secrets Manager secret to retailer your Confluence authentication credentials. For those who select to create a secret, an AWS Secrets and techniques Supervisor window opens. Enter the next data within the window:
    1. For Secret identify, enter a reputation to your secret.
    2. Enter the knowledge you generated earlier:
      1. If utilizing Primary Authentication, enter your Secret identify, Person identify, and Password (Confluence API Token) that you simply generated and downloaded out of your Confluence account.
      2. If utilizing OAuth2.0 Authentication, enter the Secret identify, App key, App secret, Entry token, and Refresh token that you simply created in your Confluence account.
    3. Select Save and add secret.For extra particulars on making a Secrets and techniques Supervisor secret, confer with Create an AWS Secrets Manager secret.
  2. Select the key you created to make use of to your Confluence connector.

    Determine 29: Choosing a secret in Secrets and techniques Supervisor

  3. Below Configure VPC and safety group, you’ll be able to select whether or not you wish to use a VPC (Non-compulsory). For those who do (which we advocate), enter the next data:
    1. For Subnets, enter as much as 6 repository subnets that outline the subnets and IP ranges the repository occasion makes use of within the chosen VPC.
    2. For VPC safety teams, Select as much as 10 safety teams that enable entry to your information supply.For extra data, see Virtual private cloud.

      Determine 30: Configuring VPC and Safety Group in Amazon Q Enterprise

  4. Below Identification crawler, affirm that crawling is enabled.Amazon Q Enterprise crawls identification data out of your information supply by default to verify the responses out of your linked information sources are generated solely from paperwork end-users have entry to. For extra data, see Identity crawler.By default, an Amazon Q Enterprise software is configured to answer finish person chat queries utilizing solely enterprise information. If you want Amazon Q Enterprise to make use of the underlying LLM information to generate responses when it might probably’t discover the knowledge out of your linked information sources, you’ll be able to allow this within the Response settings underneath your software guardrails.
  5. Below IAM position, select an current AWS Identity and Access Management (IAM) position or create an IAM position to entry your repository credentials and index content material.Creating a brand new service position is beneficial. For extra data, see IAM role for Amazon Q Confluence (Cloud) connector.

    Determine 31: Configuring IAM position in Amazon Q Enterprise

  6. Below Sync scope, select from the next choices:
    1. For Sync contents, you’ll be able to select to sync from the next entity sorts: pages, web page feedback, web page attachments, blogs, weblog feedback, weblog attachments, private areas, archived areas, and archived pages.
    2. For Most single file dimension, specify the file dimension restrict in megabytes that Amazon Q Enterprise will crawl. Amazon Q Enterprise will crawl solely the recordsdata throughout the dimension restrict you outline. The file dimension ought to be better than 0 MB and fewer than or equal to 50 MB.
  7. Below Extra configuration, for Area and regex patterns, specify whether or not to incorporate or exclude particular areas in your index with the next settings:
    1. Area key – For instance, my-space-123.
    2. URL – For instance, .*/MySite/MyDocuments/.
    3. File sort – For instance, .*.pdf, .*.txt.
    4. For Entity title regex patterns, specify common expression patterns to incorporate or exclude sure blogs, pages, feedback, and attachments by titles.

      Determine 32: Configuring scopes and regexes in Amazon Q Enterprise

  8. Below Sync mode, select the way you wish to replace your index when your information supply content material adjustments. While you sync your information supply with Amazon Q Enterprise for the primary time, all content material is synced by default. You might have the next choices:
    1. Full sync – Sync all content material whatever the earlier sync standing.
    2. New, modified, or deleted content material sync – Sync solely new, modified, and deleted paperwork.
  9. Below Sync run schedule, for Frequency, select how typically Amazon Q Enterprise will sync along with your information supply. For extra particulars, see Sync run schedule.
  10. Below Tags, you’ll be able to optionally add tags to go looking and filter your sources or observe your AWS prices. See Tagging resources for extra particulars.

    Determine 33: Configuring sync mode, sync frequency, and tagging

  11. Below Area mappings, choose the info supply doc attributes to map to your index fields. Add the fields from the Knowledge supply particulars web page after you end including your information supply. You may select from two forms of fields:
    1. Default – Routinely created by Amazon Q Enterprise in your behalf based mostly on frequent fields in your information supply. You may’t edit these.
    2. Customized – Routinely created by Amazon Q Enterprise in your behalf based mostly on frequent fields in your information supply. You may edit these. You may also create and add new {custom} fields.For extra data, see Field mappings.
  12. To complete connecting your information supply to Amazon Q, select Add information supply.

    Determine 34: Mapping Confluence fields in Amazon Q Enterprise

  13. After the Confluence connector is created, you’re redirected to the Join information sources web page, the place you’ll be able to add extra information sources if wanted.
  14. Select Subsequent to proceed.
  15. Below Add or assign customers and teams, you’ll be able to to assign customers or teams from IAM Identification Heart. If in case you have the suitable permissions, you could have the power so as to add new customers. Choose the suitable possibility for you.
  16. Select Subsequent.

    Determine 35: Assigning customers/ teams and Net expertise service entry in Amazon Q Enterprise

  17. Below Assign customers and teams, you’ll be able to select the customers or teams you wish to add to your Amazon Q Enterprise software. (To ensure that a person to get a solution from Amazon Q Enterprise, the person IDs added in IAM Identification Heart must match the person IDs in Confluence.)
  18. In Net expertise service entry, enter the next data:
    1. For Select a technique to authorize Amazon Q Enterprise – A service entry position assumed by finish customers once they sign up to your internet expertise that grants them permission to begin and handle conversations in Amazon Q Enterprise. You may select to make use of an current position or create a brand new position.
    2. Service position identify – A reputation for the service position you created for simple identification on the console.
  19. Choose Create software.
  20. As soon as the appliance is created, navigate to the Knowledge supply particulars part, select Sync now to permit Amazon Q Enterprise to start syncing (crawling and ingesting) information out of your information supply.

When the sync job is full, your information supply is able to use.

The time the sync will take relies on the scale of your Confluence surroundings. Examine again periodically to see if the sync has completed.

Run a pattern question to check the answer

When the sync in your information supply is full, you’ll be able to deploy the net expertise to check the answer. For extra particulars for organising the Amazon Q Enterprise internet expertise, see Customizing an Amazon Q Business web experience.

Determine 37: Amazon Q Enterprise internet expertise URLs

After you’re signed in to the net expertise, check out a query based mostly on data in your Confluence Cloud. The next screenshots present some examples.

Determine 38: Pattern Amazon Q Enterprise internet expertise immediate and completion

Determine 39: Pattern Amazon Q Enterprise internet expertise immediate and completion (half 2)

Determine 40: Pattern Amazon Q Enterprise internet expertise immediate and completion (half 3)

Amazon Q Enterprise generates a response, in addition to the citations to the place the knowledge got here from. You may click on the hyperlinks within the quotation to go on to the supply web page.

Troubleshooting and FAQs

For data on troubleshooting your connector, see Troubleshooting your Amazon Q Business Confluence (Cloud) connector.

Consult with Amazon Q Business FAQs for incessantly requested questions.

Clear up

For those who not want your Amazon Q Enterprise software, be certain to delete it to keep away from undesirable prices. While you delete your software, it’s going to take away the related index and information connectors.

Determine 41: Deleting Amazon Q Enterprise confluence connector

Conclusion

On this put up, we supplied an outline of Amazon Q Enterprise Confluence Cloud connector and the way you should utilize it for seamless integration of generative AI help to your Confluence Cloud. Through the use of a single interface for the number of information sources within the group, you’ll be able to allow workers to be extra data-driven, environment friendly, ready, and productive.

To be taught extra about Amazon Q Enterprise connector for Confluence Cloud, confer with Connecting Confluence (Cloud) to Amazon Q Business.

Concerning the Authors

Tyler Geary is a Options Architect at Amazon Net Providers (AWS), the place he’s a member of the Enterprise Monetary Providers crew, specializing in Insurance coverage clients. He helps his clients determine enterprise challenges and alternatives, tying them again to modern options powered by AWS, with a selected deal with Generative AI. In his free time, Tyler enjoys mountain climbing, tenting, and spending time within the nice outdoor.

Sumeet Tripathi is an Enterprise Assist Lead (TAM) at AWS in North Carolina. He has over 17 years of expertise in know-how throughout varied roles. He’s captivated with serving to clients to cut back operational challenges and friction. His focus space is AI/ML and Power & Utilities Section. Exterior work, He enjoys touring with household, watching cricket and films.

Vishal Naik is a Sr. Options Architect at Amazon Net Providers (AWS). He’s a builder who enjoys serving to clients accomplish their enterprise wants and resolve complicated challenges with AWS options and greatest practices. His core space of focus contains Generative AI and Machine Studying. In his spare time, Vishal loves making quick movies on time journey and alternate universe themes.

More Stories

Prime Information Science Profession Questions, Answered | by Haden Pelletier | Nov, 2024

November 9, 2024 thefutureofworkinfo

Unleashing Stability AI’s most superior text-to-image fashions for media, advertising and promoting: Revolutionizing artistic workflows

November 9, 2024 thefutureofworkinfo

Introducing mall for R…and Python

November 9, 2024 thefutureofworkinfo

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Prime Information Science Profession Questions, Answered | by Haden Pelletier | Nov, 2024

November 9, 2024 thefutureofworkinfo

Construct a multi-tenant generative AI atmosphere to your enterprise on AWS

November 9, 2024 thefutureofworkinfo

Unleashing Stability AI’s most superior text-to-image fashions for media, advertising and promoting: Revolutionizing artistic workflows

November 9, 2024 thefutureofworkinfo

Roadmap for Changing into a Information Scientist

November 9, 2024 thefutureofworkinfo

Introducing mall for R…and Python

November 9, 2024 thefutureofworkinfo