Quick Start¶

This guide is for admins already familiar with data retention concepts who want to get Content Retention Manager for Confluence up and running quickly.

Warning

We recommend trying our app on a development, test, or staging tenant first to familiarize yourself with the features and capabilities. This will help make sure the app conforms to your policies and expectations.

Prerequisites¶

A defined company policy on data retention or information governance, which you'll use to configure policies, classifications, and rules in Content Retention Manager for Confluence.
An active Confluence Cloud instance.
A user account with Confluence Admin (Site-Admin) privileges to configure policies, classifications, and automation.

Installation and first use¶

Install Content Retention Manager for Confluence from the Atlassian Marketplace onto your Confluence instance.
Click the icon in the top-right menu bar to open Confluence administration.
On the left navigation pane, scroll down to Settings, then expand Apps.
Select Content Retention Manager.

Info

Content Retention Manager can also be opened from Apps in the Confluence left side navigation. Access and available tabs vary by role and edition. See Accessing Content Retention Manager for Confluence for details.

Retention statuses¶

Each piece of content has one of the following retention statuses:

Retention Status	Definition	Visibility / Discovery
RETAINED	Content is in an active state and available. This means it hasn't expired per your policy or any extensions.	Accessible / Discoverable
EXTENDED	Content that has a date-based extension applied, setting an explicit future expiration date that overrides the content's retention policy.	Accessible / Discoverable
EVERGREEN	Content that has an indefinite extension applied. It never expires against a retention policy and will not be automatically removed.	Accessible / Discoverable
ENDING	Content is nearing the end of its retention period. Determine whether it needs an extension, can be archived, or can be removed.	Accessible / Discoverable
ENDED	Content has expired against your retention policy. When the retention period ends, content is first deleted (recoverable) and then purged (irrecoverable) after a delay you configure in your Policies.	Deleted: Accessible by space admins/Discoverable by space admins; Purged: Not accessible/Not discoverable

Dashboard¶

The Dashboard provides a visual summary of your content retention status in Confluence. It gives administrators a quick view of retention coverage, policy distribution, classification levels, and upcoming expirations.

Info

When you first visit the dashboard right after installation, it's likely that the app has not scanned the content in the background yet. In this case, you'll be prompted to refresh the stats by clicking the Sync Now button. Initial stats reflect the default policy settings. You can always manually refresh the stats on the Dashboard after you've made changes to the policies (see Setting up Retention Policies).

On the Dashboard, there are a few tiles providing high-level stats for the content:

Overview: The total number of content items on the Confluence site, and the count in each retention status.
Content Age: Time since content creation (Max, Average, Median, Standard Deviation).
Content Freshness: Time since last modification (Max, Average, Median, Standard Deviation).
Automation: The number of archive, delete, and purge operations performed over the last 30 days (UTC).

The Dashboard also includes four charts:

Breakdown by Applied Policy: This chart shows content grouped by applied retention policies (e.g., RET10Y-COMM, RET30D-COMM) and color-coded by retention status (Ended, Ending, Retained, etc.). Use it to see how policies are distributed and which have the most expired or active content.
Breakdown by Classification Level: This chart organizes content by classification level (e.g., Internal, Confidential, Restricted, Public) and highlights the retention status of each group. It's especially useful for verifying retention compliance for sensitive content.
Retention Expiration Trends: This chart shows the daily breakdown of content with expired retention (Ended, in red) and content nearing expiration (Ending, in orange). Use it to monitor upcoming retention events and plan follow-up actions. This chart is only shown when there is content in Ending or Ended status.
Daily Automation Activity: This chart shows the number of automation operations (archive, delete, and purge) performed each day over the last 30 days. Use it to verify that automated retention is running as expected and to spot any unusual spikes in activity. This chart is only shown when there has been automation activity in the last 30 days.

Dashboard data is typically updated daily through an automatic scan of all content. To trigger a manual scan, click the Sync Now button at the bottom left. A scan can take some time to complete on large instances. The timestamp at the bottom right shows when the most recent data snapshot was taken.

Setting up Retention Policies¶

Warning

Leave Automation turned off for now. We'll enable that later.

We recommend auditing your content after configuring retention policies. Enabling automation at this stage may result in the deletion and irreversible purging of expired content from your instance.

Retention policies are the primary tool for managing content in Content Retention Manager for Confluence. As an admin, you define policies in the Policies tab, set a global default, and create retention rules that apply specific policies to individual users, groups, spaces, or classification levels. Once your policies are in place, you can scan and report on all content. When you're confident the results are correct, optionally enable automation to enforce them.

The Policies tab has four sections:

Section	Purpose
Default Retention	The site-wide retention policy applied to content not covered by any rule.
Retention Rules	Rules that apply a specific policy to individual users, groups, spaces, or classification levels.
Policies	The library of policy definitions used by the default retention setting and retention rules. Each policy specifies a retention period and a warning period.
User Permissions	Controls whether non-admin users can view the policy code applied to their content. This applies when users access the app from the Apps menu. See Accessing Content Retention Manager for Confluence for details on non-admin access.

Configure each section as needed and click Save to apply your changes. Use Export and Import to back up and restore your policy configuration. This is especially useful when migrating from Lite to Standard edition or copying your setup to another site.

Policy Settings — **Policies** tab in Content Retention Manager for Confluence

Adding a Policy¶

Click the Add Policy button in the Policies section.
In the Add Policy dialog, enter a Code (unique identifier), a Name, and a Description for the policy.
In the Trigger dropdown, select when the retention period should begin, such as when the content was last modified or created.
In the Retention (days) field, enter how many days to retain the content.
In the Warning (days) field, enter the number of days before the retention period ends to flag content as Ending status.
Select the Automation setting: Default applies the global automation settings; Disabled excludes content under this policy from automation. See Automating retention enforcement for details on configuring the global settings.
Optionally, set a Purge Delay (days) to override the global purge delay configured in Automating retention enforcement. This is the number of days after the retention period ends before content is permanently purged. Leave blank to use the global purge delay.
Click Apply to add the policy.

Adding a Rule¶

Retention Rules override the default retention policy for specific entities. Instead of one policy for your entire Confluence site, rules let you set different retention periods for individual users, groups, spaces, or classification levels.

Each entity type has a distinct use case:

User: Applies to content created or last modified by a specific user. User rules are well-suited for e-discovery and legal hold scenarios. If a user is under investigation or has left the organization, you can assign a longer or indefinite retention to all content they touched, preserving it for legal review without changing the default policy for anyone else.
Group: Applies to all members of a Jira group. Use this for department-wide retention, such as retaining Legal team content longer than the default or applying a shorter policy to contractor groups.
Space: Applies to all content within a specific space. Use this when a space has its own compliance requirements that differ from the site-wide default, such as a regulated product development space.
Classification Level: Applies based on how content is classified. Use this to match retention periods to data sensitivity, such as retaining Confidential content for 10 years and Public content for 1 year.

Important

If content matches multiple rules, the following override order applies:

User rules take precedence, then
Classification Level rules, then
Group rules, then
Space rules, then
Default Retention if no rules match

When content matches multiple User rules, the rule for the user who last modified the content takes priority over the rule for the user who created it.

To add a rule:

Click the Add Rule button in the Retention Rules section.
In the Add Rule dialog, select an entity type: User, Group, Space, or Classification Level.
Search for and select the specific entities the rule should apply to.
In the Policy Definition dropdown, select the retention policy to apply. This overrides the default retention policy for any content that matches the rule.
To limit the rule to a specific date range, toggle Apply to a time frame and set the start and end dates. Content matches if its creation date or last-modified date falls within the range.
Click Apply to save the rule.

Adding a rule — Example User Retention Rule

Setting up Classification¶

Classification lets you categorize content in Confluence by sensitivity level. Configure classification on the Classification tab, where you define the available levels, set a global default, and create rules that assign default levels to specific entities such as spaces. Users with edit permission on a page can also view and set classification levels directly on their content, giving them a way to override the space or global default when needed.

The Classification tab has four sections:

Section	Purpose
Default Classification	The site-wide classification level applied to content with no specific level assigned.
Classification Rules	Rules that assign a default classification level to specific entities such as spaces.
Classification Levels	Where you define and manage the classification levels available in your instance. Levels are displayed to users in rank order, with lower numbers indicating higher sensitivity.
User Permissions	Controls whether users can view and set classification levels on their content.

Configure each section as needed and click Save to apply your changes. Use Export and Import to back up and restore your classification configuration. This is especially useful when migrating from Lite to Standard edition or copying your setup to another site.

Adding a Classification Level¶

Click Add Classification Level in the Classification Levels section.
In the Add Classification Level dialog, enter a unique and descriptive name for the new level. In the Definition field, enter the purpose and scope of the classification.
Choose a Color to display alongside the classification to convey its sensitivity.
Choose a Rank for the classification level. Lower numbers indicate higher sensitivity, with rank 1 being the most sensitive.

Adding a Classification Rule¶

Click the Add Rule button in the Classification Rules section.
In the Add Rule dialog, select an entity type, then search for and select the entities the rule should apply to.
In the Classification Level dropdown, select the classification level to assign. This overrides the default classification for matching content.
Click Apply to add the rule.

Per-content classification¶

This feature is not available in Lite edition of the app.

Users can view and change classification levels on their content by default. To open the Classification panel on an issue, click the apps icon in the issue toolbar and select Classification.

Classification level of a page — Example of a **Classification Level** display on a page

Users with Edit permission on a page can change its classification level using the dropdown, or search for a specific level by name. The selected level overrides the space default and any classification rules for that page.

Classification level setting of a page — Example of a **user selecting a new Classification Level**

Tip

Selecting Use Default removes the per-content override and restores the effective classification from rules and the global default.
An admin can restrict these permissions in the User Permissions section of the Classification tab. See Setting up Classification for details.

Audit your content¶

Use the Content Audit tab to verify that your policies and classification rules are producing the results you expect. Review content by retention status, use Filters and Search to zero in on specific items, and iterate on rules or take action directly from this view. When you're ready to share findings with your team or keep a record, use Export to download the current view as a CSV file.

Managing extensions¶

Select one or more items and use the extension buttons to manage their retention periods:

Add Extensions: extend the retention period for selected content. Two extension types are available: * Indefinite (evergreen): marks content so it never expires against a retention policy. * Extend to a specific date: sets an explicit future expiration date for the content.
Update Extensions: modify the date or type of an existing extension on selected items.
Remove Extensions: remove an extension, returning content to its policy-governed retention period.

Info

Extensions apply to individual items and take precedence over all policy settings, including retention rules.

Lite edition limits the total number of extensions to 100.

Adding extension — Extending a page to a specific date

Classifying content¶

This feature is not available in Lite edition of the app.

Select one or more items and click Classify to assign a classification level directly from the audit table. This is the bulk equivalent of the per-content classification described in Per-content classification. Like the per-content panel, it overrides classification rules per piece of content. Use this when your audit reveals items that are misclassified or not yet classified, and you want to correct them without opening each content individually.

Archiving, deleting and purging content manually¶

This feature is not available in Lite edition of the app.

Danger

Purging is irreversible. Content cannot be recovered after it has been purged.

The Archive, Delete, and Purge buttons let you act on specific items from the audit view, without waiting for automation.

Archive: moves selected content to an archived state. Use this for content in Ending or Ended status that should be preserved but made inactive.
Delete: moves selected content to the trash. Content remains recoverable by space and Confluence administrators.
Purge: permanently removes selected content from your Confluence instance.

These are the manual counterparts to the automated archiving, deletion, and purging configured on the Automation tab.

Automating retention enforcement¶

This feature is not available in Lite edition of the app.

Danger

Once automation is on, expired content will be archived, deleted, or purged according to your policies and cannot be recovered.

Before enabling automation, complete a thorough review using the Content Audit tab. Verify that your retention policies and classification rules are producing the results you expect, update any rules that need adjustment, and apply extensions or per-content classification overrides for anything that needs special handling.

The Automation tab lets you schedule two stages of the retention lifecycle under the Retention Enforcement section:

Automatic archiving: When content enters the Ending status (during the configured warning period before retention ends), it can be automatically archived.
Automatic deletion: When content expires against the retention policy, it can be automatically deleted. Deleted content is not visible to regular users but remains recoverable by space and Confluence administrators.
Automatic purging: When content reaches the end of its retention period, it is purged after a configurable delay. Purged content is irrecoverable and no longer discoverable.

Click the Automation tab.
Under Retention Enforcement, enable Automatic archiving if you want content archived when it enters the Ending status.
Enable Automatic deletion if you want content deleted when it expires.
Enable Automatic purging if you want content permanently removed after the delay period.
Set the Purge delay after the retention period ends (days). A few days provides a buffer in case content that should have been retained was not flagged in time.
Click Save.

Automation settings — Retention Enforcement settings on the Automation tab

Delegation¶

This feature is not available in Lite edition of the app.

Delegation allows you to share Content Retention Manager admin access with users who don't hold the Confluence Admin role. Members of delegated groups can create and manage retention policies and classification levels, including content they cannot delete in Confluence. Delegate only to trusted users who understand your organization's retention policies.

There are a few key differences between a Confluence admin and a delegated admin:

Only a Confluence admin can modify delegation settings. A delegated admin can view but cannot change these settings.
Adding a user as a delegated admin does not alter their Confluence permissions. In the Content Audit tab, a delegated admin can only see content they have read access to in Confluence, and can only use the Purge button on content they could delete in Confluence. However, by modifying policies, classification rules, and definitions, or by enabling automation, a delegated admin can affect the retention and classification of all content on the site, including content they cannot directly access.

To review and modify the delegation, click the Delegation tab.

To add groups:

Click the Add Groups button above the table.
In the dialog, select the groups to delegate to. Only groups with the User access type (non-admin groups) are shown.
Acknowledge the warning and click Add Group to confirm.
Click Save to apply your changes.

Add delegation groups — Add groups as admin delegates in Content Retention Manager

Final steps and considerations¶

Ongoing retention management is critical for compliance with laws and regulations. With Content Retention Manager for Confluence, you can decide how much of the process to automate and how much to handle manually. We recommend starting with manual auditing and review while you get familiar with the product. This reduces the risk of accidentally removing something important.

Content status¶

Content in Confluence has the following status levels. For legal and compliance purposes, content is considered discoverable any time anyone, including an admin, can access or recover it.

Content Status	Visibility	Discoverable
Current	Anyone with access can view	Yes
Archived	Accessible via direct links to anyone with read access	Yes
Deleted / Trashed	Not generally visible; recoverable by Space and Confluence Admins	Yes
Purged	No longer visible or recoverable. Any trace of the content is removed.	No

Discoverability and legal liability¶

Archiving and deleting content are not enough. As long as someone can recover a page or blog post in Confluence, that content remains discoverable for legal and compliance purposes. Actively maintain a policy that accounts for what should and should not be discoverable, in consultation with your Legal, CISO, and HR teams.

Audit log¶

The audit log is a permanent record showing who set or updated a policy, defined an extension, or deleted or purged content, and when. If a page or blog post is deleted or purged by automation, it appears in the log. The log records content by ID only, not the content itself.