Password and Security#

Add password and security limitations to PDF or remove existing limits and password from existing PDF files.

/pdf/security/add#

Add security to a PDF.

  • Method: POST

  • Endpoint: /v1/pdf/security/add

Attributes#

Note

Attributes are case-sensitive and should be inside JSON for POST request, for example:

{
    "url": "https://example.com/file1.pdf"
}

Attribute

Description

Required

url

URL to the source file. 1

yes

ownerPassword

The main owner password that is used for document encryption and for setting/removing restrictions.

yes

userPassword

The optional user password will be asked for viewing and printing document.

no

encryptionAlgorithm

Encryption algorithm. Valid values: RC4_40bit, RC4_128bit, AES_128bit, AES_256bit. AES_128bit or higher is recommended.

no

allowAccessibilitySupport

Allow or prohibit content extraction for accessibility needs. Note: this restriction applies when userPassword (if any) is entered. See note.

no

allowAssemblyDocument

Allow or prohibit assembling the document. Note: this restriction applies when userPassword (if any) is entered. See note.

no

allowPrintDocument

Allow or prohibit printing PDF document. Note: this restriction applies when userPassword (if any) is entered. See note.

no

allowFillForms

Allow or prohibit the filling of interactive form fields (including signature fields) in the PDF documents. See note.

no

allowModifyDocument

Allow or prohibit modification of PDF document. See note.

no

allowContentExtraction

Allow or prohibit copying content from PDF document. See note.

no

allowModifyAnnotations

Allow or prohibit interacting with text annotations and forms in PDF document. See note.

no

printQuality

Allowed printing quality. Valid values: HighResolution, LowResolution. See note.

no

async

Set async to true for long processes to run in the background, API will then return a jobId which you can use with the Background Job Check endpoint to check the status of the process and retrieve the output while you can proceed with other tasks.

no

name

File name for the generated output, the input must be in string format.

no

expiration

Set the expiration time for the output link in minutes (default is 60 i.e 60 minutes or 1 hour), After this specified duration, any generated output file(s) will be automatically deleted from PDF.co Temporary Files Storage. The maximum duration for link expiration varies based on your current subscription plan. To store permanent input files (e.g. re-usable images, pdf templates, documents) consider using PDF.co Built-In Files Storage.

no

profiles

Use this parameter to set additional configurations for fine-tuning and extra options. Explore the Profiles section for more.

no

Note

This restriction applies when userPassword (if any) is entered. This restriction does not apply if the user enters Owner Password. Default: false.

Query parameters#

No query parameters accepted.

Payload#

{
    "url": "https://pdfco-test-files.s3.us-west-2.amazonaws.com/pdf-merge/sample1.pdf",
    "ownerPassword": "12345",
    "userPassword": "54321",
    "EncryptionAlgorithm": "AES_128bit",
    "AllowPrintDocument": false,
    "AllowFillForms": false,
    "AllowModifyDocument": false,
    "AllowContentExtraction": false,
    "AllowModifyAnnotations": false,
    "PrintQuality": "LowResolution",
    "name": "output-protected.pdf",
    "async": false
}

Response 2#

{
    "url": "https://pdf-temp-files.s3.amazonaws.com/eaa441ade38548b8a3a96d8014c4f463/sample1.pdf",
    "pageCount": 1,
    "error": false,
    "status": 200,
    "name": "sample1.pdf",
    "remainingCredits": 616208,
    "credits": 14
}

CURL#

curl --location --request POST 'https://api.pdf.co/v1/pdf/security/add' \
--header 'x-api-key: ' \
--data-raw '{
    "url": "https://pdfco-test-files.s3.us-west-2.amazonaws.com/pdf-merge/sample1.pdf",
    "ownerPassword": "12345",
    "userPassword": "54321",
    "EncryptionAlgorithm": "AES_128bit",
    "AllowPrintDocument": false,
    "AllowFillForms": false,
    "AllowModifyDocument": false,
    "AllowContentExtraction": false,
    "AllowModifyAnnotations": false,
    "PrintQuality": "LowResolution",
    "name": "output-protected.pdf",
    "async": false
}'


/pdf/security/remove#

Add security to a PDF.

  • Method: POST

  • Endpoint: /v1/pdf/security/remove

Attributes#

Note

Attributes are case-sensitive and should be inside JSON for POST request, for example:

{
    "url": "https://example.com/file1.pdf"
}

Attribute

Description

Required

url

URL to the source file. 1

yes

password

The owner/user password to open files and remove security features.

no

async

Set async to true for long processes to run in the background, API will then return a jobId which you can use with the Background Job Check endpoint to check the status of the process and retrieve the output while you can proceed with other tasks.

no

name

File name for the generated output, the input must be in string format.

no

expiration

Set the expiration time for the output link in minutes (default is 60 i.e 60 minutes or 1 hour), After this specified duration, any generated output file(s) will be automatically deleted from PDF.co Temporary Files Storage. The maximum duration for link expiration varies based on your current subscription plan. To store permanent input files (e.g. re-usable images, pdf templates, documents) consider using PDF.co Built-In Files Storage.

no

profiles

Use this parameter to set additional configurations for fine-tuning and extra options. Explore the Profiles section for more.

no

Query parameters#

No query parameters accepted.

Payload#

{
    "url": "https://pdfco-test-files.s3.us-west-2.amazonaws.com/pdf-security/ProtectedPDFFile.pdf",
    "password": "admin@123",
    "name": "unprotected",
    "async": false
}

Response 2#

{
    "url": "https://pdf-temp-files.s3.amazonaws.com/9f2a754f76db46ac93781b3d2c6694c3/ProtectedPDFFile.pdf",
    "pageCount": 1,
    "error": false,
    "status": 200,
    "name": "ProtectedPDFFile.pdf",
    "remainingCredits": 616187,
    "credits": 21
}

CURL#

curl --location --request POST 'https://api.pdf.co/v1/pdf/security/remove' \
--header 'x-api-key: ' \
--data-raw '{
    "url": "https://pdfco-test-files.s3.us-west-2.amazonaws.com/pdf-security/ProtectedPDFFile.pdf",
    "password": "admin@123",
    "name": "unprotected",
    "async": false
}'


Code samples#

Footnotes

1(1,2)

Supports links from Google Drive, Dropbox, and PDF.co Built-In Files Storage. To upload files via the API check out the File Upload section. Note: If you experience intermittent Too Many Requests or Access Denied errors, please try to add cache: to enable built-in URL caching. (e.g cache:https://example.com/file1.pdf) For data security, you have the option to encrypt output files and decrypt input files. Learn more about user-controlled data encryption.

2(1,2)

Main response codes as follows:

Code

Description

200

Success

400

Bad request. Typically happens because of bad input parameters, or because the input URLs can’t be reached, possibly due to access restrictions like needing a login or password.

401

Unauthorized

402

Not enough credits

445

Timeout error. To process large documents or files please use asynchronous mode (set the async parameter to true) and then check status using the /job/check endpoint. If a file contains many pages then specify a page range using the pages parameter. The number of pages of the document can be obtained using the /pdf/info endpoint.