To integrate Confluence with Lovable, create Supabase Edge Functions that authenticate using an Atlassian API token with HTTP Basic auth, then proxy Confluence REST API v2 calls for pages, spaces, and CQL search. Store credentials in Cloud Secrets to build enterprise knowledge base viewers and internal documentation search tools in Lovable.
Build Enterprise Knowledge Base Tools in Lovable with Confluence REST API
Engineering and product teams at enterprise companies store critical knowledge in Confluence — architecture decisions, runbooks, onboarding guides, API documentation, and meeting notes. The challenge is that Confluence's search and navigation can be frustrating, and building internal tools that surface the right Confluence content at the right time requires integration beyond what Confluence's native interface provides. A Lovable application connected to Confluence's REST API can create a focused knowledge portal for your team that is faster and more targeted than Confluence itself.
Confluence's REST API v2 is a well-designed REST API that covers the full hierarchy of Confluence content: spaces (top-level containers), pages (the primary content unit), children (sub-pages and attachments), and comments. The API supports Confluence Query Language (CQL) for powerful search queries — similar to SQL but for Confluence content. With CQL you can search for pages modified in the last 30 days in a specific space, pages with specific labels, or pages matching a text search across all spaces your user can access.
Authentication uses HTTP Basic auth with an Atlassian API token rather than OAuth2, which simplifies the initial setup significantly compared to other enterprise tools. You need the user's email address and an API token generated from account.atlassian.com. The API token belongs to a specific Atlassian user account, so it accesses all Confluence content that the user is authorized to see — for internal tools used by your team, using your own account's token is the standard approach for single-organization deployments.
Integration method
Confluence integration in Lovable uses Supabase Edge Functions that authenticate via HTTP Basic authentication combining an Atlassian account email and API token. Edge Functions proxy Confluence REST API v2 calls for pages, spaces, and CQL search queries, keeping the API token encrypted in Cloud Secrets and accessible only via Deno.env.get(). React components in your Lovable app fetch and display Confluence content through the proxy without any credential exposure.
Prerequisites
- An Atlassian account with access to a Confluence Cloud instance (API v2 is for Confluence Cloud — Confluence Server/Data Center uses a different API)
- An Atlassian API token generated from account.atlassian.com/manage-profile/security/api-tokens
- Your Confluence Cloud base URL in the format https://your-org.atlassian.net
- A Lovable project with Lovable Cloud enabled
- The space key for the Confluence space(s) you want to access — visible in the URL when viewing a space as /wiki/spaces/{SPACEKEY}/
Step-by-step guide
Generate an Atlassian API token
Generate an Atlassian API token
Navigate to account.atlassian.com in your browser and log in with the Atlassian account that has access to the Confluence content you want to integrate. In the account settings, go to Security → API tokens. Click 'Create API token', give it a descriptive label like 'Lovable Confluence Integration', and click 'Create'. Copy the generated token immediately — Atlassian only shows the full token once, and you cannot retrieve it after closing the dialog. If you lose it, you will need to revoke it and generate a new one. The API token authenticates requests using HTTP Basic authentication: the username is your Atlassian account email address and the password is the API token. This combination is Base64-encoded and included in the Authorization header as 'Basic {base64(email:token)}'. Your Edge Function will handle this encoding. The API token grants access to all Atlassian products accessible to your account, including Confluence and Jira — treat it with appropriate care. The token does not expire automatically, but you should rotate it periodically as a security best practice, especially if you think it may have been exposed. When used with Confluence's REST API, it respects all of the permissions and restrictions configured in your Confluence spaces — the integration can only access content the account can see.
Pro tip: Create the API token under a service account or shared team account if multiple team members will use the integration, rather than a personal account. This prevents the integration from breaking if someone leaves the organization.
Expected result: You have an Atlassian API token and the associated email address ready to store in Cloud Secrets.
Store Confluence credentials in Cloud Secrets
Store Confluence credentials in Cloud Secrets
In your Lovable project, open the Cloud tab by clicking '+' next to the Preview panel, then navigate to the Secrets section. Add three secrets for the Confluence integration. Add CONFLUENCE_EMAIL with your Atlassian account email address. Add CONFLUENCE_API_TOKEN with your Atlassian API token. Add CONFLUENCE_BASE_URL with your Confluence Cloud instance URL in the format https://your-org.atlassian.net (no trailing slash). These three values together provide everything the Edge Function needs to authenticate and construct API request URLs. Storing them separately rather than pre-computing the Base64 encoding makes each value individually replaceable — if the API token changes, you only update CONFLUENCE_API_TOKEN without touching the other values. Lovable's Cloud Secrets are encrypted at rest using SOC 2 Type II certified infrastructure, ensuring that the API token — which grants broad access to your Atlassian account — is never exposed in browser requests, GitHub repositories, or application logs. The platform's automated security layer catches approximately 1,200 hardcoded API keys per day from leaking into code — by using Cloud Secrets you leverage this protection automatically.
Pro tip: Test that your Confluence URL is correct by visiting https://your-org.atlassian.net/wiki/ in your browser — if you reach Confluence, the URL format is correct for the API base.
Expected result: CONFLUENCE_EMAIL, CONFLUENCE_API_TOKEN, and CONFLUENCE_BASE_URL are stored in Cloud Secrets.
Create the Confluence API proxy Edge Function
Create the Confluence API proxy Edge Function
Ask Lovable to create a Supabase Edge Function called confluence-api that proxies requests to the Confluence REST API v2. The function reads the three secrets from Deno.env.get(), constructs the Base64-encoded Basic auth credentials by combining email:token, accepts a path and optional query parameters, and builds the full API URL using https://{baseUrl}/wiki/api/v2/{path}. The Confluence REST API v2 endpoints include GET /spaces for listing spaces, GET /spaces/{spaceId}/pages for pages in a space, GET /pages/{pageId} for a specific page, GET /pages/{pageId}/children for child pages, POST /wiki/rest/api/content/search for CQL search (note: CQL search uses the v1 endpoint path /wiki/rest/api/content, not v2), and GET /pages/{pageId}/body for page body content in a specific format. The page body endpoint accepts a body-format parameter that can be 'storage' (Atlassian's XML-like storage format), 'atlas_doc_format' (Atlassian Document Format JSON), or 'view' (HTML rendered for display). For displaying content in a web app, 'view' format returns clean HTML that can be rendered directly. For programmatic manipulation, 'atlas_doc_format' or 'storage' gives structured data. Support both GET and POST methods to handle CQL searches and page creation.
Create a Supabase Edge Function called confluence-api. Read CONFLUENCE_EMAIL, CONFLUENCE_API_TOKEN, and CONFLUENCE_BASE_URL from Deno.env.get(). Construct Basic auth by base64-encoding email:token. Accept path, method (default GET), params, and optional body in request JSON. For paths starting with 'search', use the v1 API at {baseUrl}/wiki/rest/api/{path}. For all other paths use {baseUrl}/wiki/api/v2/{path}. Add the Authorization: Basic header and Content-Type: application/json header. Return the API response.
Paste this in Lovable chat
1import { serve } from "https://deno.land/std@0.168.0/http/server.ts";2import { encode as base64Encode } from "https://deno.land/std@0.168.0/encoding/base64.ts";34const corsHeaders = {5 "Access-Control-Allow-Origin": "*",6 "Access-Control-Allow-Headers": "authorization, x-client-info, apikey, content-type",7};89serve(async (req) => {10 if (req.method === "OPTIONS") return new Response("ok", { headers: corsHeaders });1112 try {13 const email = Deno.env.get("CONFLUENCE_EMAIL");14 const token = Deno.env.get("CONFLUENCE_API_TOKEN");15 const baseUrl = Deno.env.get("CONFLUENCE_BASE_URL");1617 if (!email || !token || !baseUrl) {18 throw new Error("Confluence credentials not fully configured");19 }2021 const credentials = base64Encode(`${email}:${token}`);22 const { path, method = "GET", params, body: reqBody } = await req.json();23 if (!path) throw new Error("path is required");2425 // CQL search uses v1 endpoint26 const apiBase = path.startsWith("content") || path.startsWith("search")27 ? `${baseUrl}/wiki/rest/api/`28 : `${baseUrl}/wiki/api/v2/`;2930 const url = new URL(`${apiBase}${path}`);31 if (params) {32 Object.entries(params as Record<string, string>).forEach(([k, v]) => {33 url.searchParams.set(k, v);34 });35 }3637 const fetchOptions: RequestInit = {38 method,39 headers: {40 "Authorization": `Basic ${credentials}`,41 "Content-Type": "application/json",42 "Accept": "application/json",43 },44 };4546 if (reqBody && method !== "GET") {47 fetchOptions.body = JSON.stringify(reqBody);48 }4950 const response = await fetch(url.toString(), fetchOptions);51 const data = await response.json();5253 if (!response.ok) {54 throw new Error(data.message || JSON.stringify(data));55 }5657 return new Response(JSON.stringify(data), {58 headers: { ...corsHeaders, "Content-Type": "application/json" },59 });60 } catch (error) {61 return new Response(62 JSON.stringify({ error: error.message }),63 { status: 500, headers: { ...corsHeaders, "Content-Type": "application/json" } }64 );65 }66});Pro tip: Test the function by calling it with path 'spaces' and no params. You should get a list of all spaces your account can access. This confirms authentication is working before building the UI.
Expected result: The confluence-api Edge Function is deployed and returns a list of Confluence spaces when called with path 'spaces'.
Build the knowledge base search and browse interface
Build the knowledge base search and browse interface
With the Edge Function working, ask Lovable to build a knowledge base interface. Start with a space browser that lists all accessible Confluence spaces from the 'spaces' endpoint. Each space object includes an id, key, name, description, and URL. Display spaces as clickable cards. When a user selects a space, fetch pages from 'spaces/{spaceId}/pages' with a limit parameter and optional sort. Page objects include id, title, version, parentId, and URLs. Display pages as a hierarchical tree or flat list. For search, use the v1 content search endpoint with a CQL query. A basic keyword search CQL is: text ~ 'your query' ORDER BY lastModified DESC. You can filter by space: space.key = 'ENG' AND text ~ 'query'. Filter by label: label = 'runbook'. Filter by date: lastModified >= '2026-01-01'. The search returns content objects with a title, body excerpt, and metadata. For rendering page content, fetch the page body from 'pages/{pageId}' with body-format=view parameter, which returns the page content as HTML. Display this HTML in a sandboxed iframe or use dangerouslySetInnerHTML with appropriate sanitization. For a cleaner rendering, ask Lovable to render the HTML in a styled container that applies your app's typography and color scheme to override Confluence's default styles.
Build a Confluence knowledge base browser that calls my confluence-api Edge Function. Create a two-panel layout: left panel shows a space selector and page tree, right panel shows page content. Fetch spaces on load and show them as a sidebar list. When a space is selected, fetch its pages and show them as a tree with expand/collapse. When a page is clicked, fetch its body content with body-format=view and render the HTML in the right panel using dangerouslySetInnerHTML. Add a search bar at the top that runs a CQL text search across all spaces and shows results as a list with titles and excerpts.
Paste this in Lovable chat
Pro tip: Confluence page bodies in 'view' format include inline CSS classes from Confluence's design system. Use a CSS reset on the content container and apply your own typography styles to override Confluence's defaults for a consistent look.
Expected result: A knowledge base browser displays Confluence spaces, page hierarchies, and rendered page content with a working CQL search interface.
Common use cases
Internal knowledge base search portal
Build a fast, focused search interface over your Confluence content that returns more relevant results than Confluence's native search for specific use cases. Filter results by space, label, or last modified date, and display results with rich previews so users can find what they need without opening Confluence.
Create a knowledge base search portal that calls my confluence-api Edge Function with CQL queries. Add a search input field that, on submit, sends a CQL query like 'text ~ "{query}" AND space.key = "ENG" ORDER BY lastModified DESC'. Display results as a list with page title, space name, last modified date, and an excerpt from the body. Allow clicking a result to open the full page content in a detail panel. Add label filter chips for common labels like 'runbook' and 'architecture'.
Copy this prompt to try it in Lovable
Team onboarding knowledge hub
Create a curated onboarding portal that surfaces specific Confluence pages based on role or team, presenting new hires with the most relevant documentation in a clean interface rather than asking them to navigate Confluence's full structure from day one.
Build an onboarding hub that fetches pages from my confluence-api Edge Function filtered by label. Create sections for Engineering Onboarding (label='onboarding-eng'), Process Docs (label='process'), and Team Wikis (label='team-wiki'). Display each section as a card grid with page titles and last updated dates. Add a role selector dropdown that changes which labeled pages are featured. Show a recently updated sidebar with pages modified in the last 7 days.
Copy this prompt to try it in Lovable
Confluence-powered documentation site
Convert a Confluence space into a clean, fast documentation website by fetching page content via the API and rendering it in a custom-designed Lovable interface. Give technical documentation a modern look without migrating content out of Confluence.
Create a documentation site that reads pages from a specific Confluence space via my confluence-api Edge Function. Fetch the space's page tree using the space pages endpoint and display a navigation sidebar with the page hierarchy. When a page is selected, fetch its body content and render it in a clean reading view with proper typography. Support anchor navigation for headings in long pages. Add a breadcrumb showing the current page's location in the space hierarchy.
Copy this prompt to try it in Lovable
Troubleshooting
All API calls return 401 Unauthorized despite the correct email and token being stored in Cloud Secrets
Cause: The Basic auth encoding may be incorrect, or the API token has been revoked since it was stored. Atlassian API tokens can be revoked manually from account.atlassian.com or automatically by security policies.
Solution: Verify the API token is still active at account.atlassian.com/manage-profile/security/api-tokens. Check that the CONFLUENCE_EMAIL matches exactly the email of the Atlassian account that generated the token — even a trailing space in the secret value will cause 401 errors. Regenerate and re-store the token if needed. Confirm the Base64 encoding in the Edge Function combines email and token with a colon separator: base64('email@example.com:token_value').
Specific pages return 404 'Not Found' even though the page exists and is visible in Confluence
Cause: The API token belongs to a Confluence user who does not have view access to that specific page or space due to Confluence permission restrictions.
Solution: Verify that the Atlassian account whose API token is being used has access to the space and page in Confluence. Open Confluence and navigate to the page as that user — if you cannot see it, the API will return 404. Review the space's permissions and page restrictions in Confluence and add view access for the service account or user if needed.
CQL search returns 400 Bad Request with a 'Could not parse query' error
Cause: The CQL query string contains syntax errors, unclosed quotes, or uses invalid operators for the property type being filtered.
Solution: Test your CQL query in Confluence first — go to Confluence, click the search bar, switch to 'Advanced search', and type your CQL there. Confluence's UI will show CQL validation errors in real time. Once the query works in Confluence, copy it exactly to your Edge Function call. Common mistakes include missing quotes around text values and using single quotes where double quotes are needed.
Page content renders with broken styling or missing images when using the view body format
Cause: Confluence's view format HTML references resources (images, CSS, macros) relative to the Confluence domain, which your Lovable app cannot access directly.
Solution: For inline images embedded in pages, configure your Edge Function to rewrite image src attributes to proxy through a dedicated image endpoint. For macro content that renders as placeholder text, explain to users that some Confluence macros (like dynamic charts or live data macros) cannot be rendered outside Confluence. A CSS reset on the page content container prevents Confluence's bundled styles from affecting your app's design.
Best practices
- Store all three Confluence credentials — email, API token, and base URL — in Cloud Secrets as separate values for easier rotation and maintenance
- Use a service account or shared team account for the API token rather than an individual's personal account to prevent the integration from breaking when people leave the organization
- Implement CQL-based search with specific space and label filters rather than full-workspace text search to return more relevant results and reduce API response times
- Cache Confluence page content in your Supabase database with a reasonable TTL (1-4 hours for frequently changing content, longer for stable documentation) to reduce API calls and improve performance
- Sanitize or sandbox Confluence HTML rendered from the view body format — the HTML may contain scripts or styles from Confluence macros that should not execute in your application context
- Use the v2 API endpoints for page hierarchy and metadata, and only use the v1 content API for CQL search, which is not yet available in v2 as of March 2026
- For teams that use both Confluence and Jira heavily, consider combining both APIs in your Lovable application — the same Atlassian API token authenticates both services, making a unified Atlassian workspace portal feasible with minimal additional setup
Alternatives
Notion is a flexible all-in-one workspace with a friendlier block-based editor and database capabilities that work for cross-functional teams, while Confluence is optimized for enterprise engineering organizations that need deep Jira integration and granular permission structures.
Jira manages software development projects and issue tracking within the Atlassian ecosystem, while Confluence focuses on knowledge documentation and team wikis — they are complementary tools often used together using the same Atlassian API token.
Google Docs is a familiar document editor in the Google Workspace ecosystem with simple sharing, while Confluence provides hierarchical space organization, page templates, and Atlassian product integrations suited for structured company knowledge management.
Frequently asked questions
Does this integration work with Confluence Server or Data Center, or only Confluence Cloud?
This guide covers Confluence Cloud, which uses REST API v2 with Atlassian API token authentication. Confluence Server and Data Center use different API endpoints and authentication methods — typically basic auth with a username/password or personal access tokens configured differently. If your organization uses Confluence Server or Data Center, the API base URL and authentication headers will differ from what is described here.
Can I create new Confluence pages from my Lovable application?
Yes, Confluence's REST API supports creating pages via POST to the pages endpoint with a title, space ID, parent page ID, and body content in Atlassian Document Format (ADF) or storage format. Your Edge Function's POST method support enables this. ADF is a JSON format that describes Confluence content — Atlassian provides documentation and tools for constructing valid ADF documents from your application.
What is CQL and how is it different from regular text search?
CQL (Confluence Query Language) is a structured query language for searching Confluence content, similar to SQL. Unlike plain text search, CQL lets you combine multiple conditions — for example, finding pages with a specific label that were modified in the last week in a particular space. CQL supports operators like AND, OR, NOT, and ~ (contains) for text matching, and specific date, user, and content type filters. Using CQL instead of plain text search significantly improves result relevance for targeted use cases.
How do I handle Confluence permissions in my Lovable application?
The API token used by your Edge Function accesses content based on the permission settings of the Atlassian account it belongs to. If your application serves multiple users, they all effectively see what the service account can see — which may be more or less than each individual user has access to in Confluence. For applications where per-user access control is important, consider implementing user-specific OAuth2 flows so each user's own Confluence permissions are enforced.
Is there a rate limit for the Confluence REST API?
Yes, Atlassian enforces rate limits on the Confluence Cloud API. The limits vary by plan but are generally sufficient for interactive dashboard use. High-frequency data fetching (such as refreshing every few seconds) will hit limits quickly. Implement caching in your Supabase database and only make API calls when data is stale or explicitly refreshed by the user to stay well within rate limits.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation