docs: separate authentication methods in Confluence guide

[mstrivens]

Added two distinct authentication methods for Confluence integration:

Changes:

• Separated Classic API Token and Scoped API Key as distinct authentication methods
• Added Cloud ID retrieval instructions with both UI and API methods
• Documented required OAuth 2.0 scopes for all Confluence API operations
• Added OAuth app creation steps for scoped authentication
• Included useful links section with Atlassian documentation references

OAuth Scopes Covered:

• read:space:confluence (spaces API)
• read:content:confluence (content search & export)
• read:page:confluence (pages API)
• read:attachment:confluence (file downloads)
• write:attachment:confluence (file uploads)

Fixes #367

Generated with Claude Code

---

Summary by cubic

Separated Confluence authentication into two paths (Classic API Token and Scoped API Key) and expanded the guide with Cloud ID, OAuth scopes, and app setup. Addresses Linear issue #367 by clarifying setup and improving security guidance.

• New Features
  • Split auth methods: Classic API Token vs Scoped API Key (OAuth 2.0)
  • Added Cloud ID retrieval via UI and API
  • Documented required OAuth scopes for spaces, pages, content, and attachments
  • Added OAuth app creation and linking steps, plus helpful links

^{Written for commit ec640b9. Summary will update on new commits.}

PR Summary by Typo

Overview

This PR updates the Confluence integration guide to clearly separate and detail two distinct authentication methods: Classic API Token and Scoped API Key. This enhancement provides users with comprehensive instructions for both approaches, improving clarity and security guidance.

Key Changes

• Introduced a new section detailing the "Scoped API Key" authentication method, including steps for retrieving Cloud ID, configuring required OAuth 2.0 scopes, and creating an OAuth 2.0 app.
• Restructured the existing "Classic API Token" method with clearer subheadings for finding the domain, creating an API token, and linking the account.
• Added an introductory explanation differentiating the two authentication methods and their security implications.
• Included a "Useful Links" section with relevant Confluence documentation.

Work Breakdown

Category	Lines Changed
New Work	90 (94.7%)
Rework	5 (5.3%)
Total Changes	95

Linked JIRA Issues

No issues found.

To turn off PR summary, please visit Notification settings.

[Copilot]

Pull request overview

Updates the Confluence connection guide to clarify and expand authentication guidance, specifically distinguishing classic API-token auth from OAuth-based scoped authentication, in response to #367.

Changes:

• Split Confluence setup into two authentication methods (Classic API Token vs. Scoped OAuth).
• Added Cloud ID retrieval instructions (UI + API).
• Documented required OAuth 2.0 scopes and added OAuth app creation steps plus reference links.

Comments suppressed due to low confidence (1)

connection-guides/documents/confluence.mdx:100

• Terminology is inconsistent and nonstandard: this guide uses UserName/Email, but other connection guides consistently use Username (e.g., connection-guides/iam/checkmk.mdx:28, connection-guides/hris/fourth.mdx:26). Consider renaming this heading/body/bullet to Username/Email (or just Email) for consistency and readability.

### Find your UserName/Email

Your UserName/Email can be found at your profile in the upper right-hand corner of the screen.

### Linking your Account with Classic API Token

Upon reaching the Link Account page, select Confluence integration from hub and enter the credentials from the previous steps:
  - **UserName/Email**
  - **API Token**

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The document mixes singular and plural for this auth option (heading says “Scoped API Key”, but the next paragraph starts “Scoped API Keys use…”). Please make the naming consistent throughout (either singular everywhere or plural everywhere).

[Copilot]

The “retrieve Cloud ID using the API” example requires an OAuth access token, but the guide doesn’t explain where YOUR_ACCESS_TOKEN comes from (or link to Atlassian’s 3LO token/authorization flow). Add a short note or link so readers can actually obtain the bearer token before calling accessible-resources.

[Copilot]

In the auth-method summary, Classic API Token is described as using a “username and API token”, but later the required field is “UserName/Email”. Consider aligning the wording here with the actual credential users will enter (typically Atlassian account email) to avoid confusion.

Suggested change

	- **Classic API Token**: Uses basic authentication with username and API token
	- **Classic API Token**: Uses basic authentication with your Atlassian account email and an API token

[typo-app]

Static Code Review 📊

✅ All quality checks passed!

[typo-app]

AI Code Review 🤖

Files Reviewed: 1
Comments Added: 0
Lines of Code Analyzed: 100
Critical Issues: 0

PR Health: Excellent 🔥

_{Give 👍 or 👎 on each review comment to help us improve.}