website logo
⌘
K
Book a DemoSign Up ->
🌐
Help Center
šŸ’¼
Jobs
šŸš€GETTING STARTED
šŸ‘‹Welcome to Archbee šŸ¤“
Learn the basics
How to get started
šŸ“EDITOR
šŸ“ƒDOCUMENTS
šŸ—ƒļøSPACES
šŸŒŽHOSTED SPACES
šŸ”ƒPUBLIC API
GET
Get document
POST
Update / Create document
DELETE
Delete document
GET
Search document
ā˜•ORGANIZATIONS
šŸ“¦IMPORT & EXPORT
šŸ”ŒINTEGRATIONS
šŸ“„GUIDES
āžæMISC
šŸ™‹Q&A
Docs powered by
Archbee
HOSTED SPACES

Public Access Controls

This feature is available on these plans: āœ”ļø Growing only for Password Auth

āœ”ļø Scaling āœ”ļø Enterprise

By default a public Space does not have any authentication method, but you can choose and set a few:

  1. Space-wide password;
  2. Guest accounts, where you manually create email + password combos and distribute them to your users;
  3. Magic Links, where you enter specific emails or entire domains, and users will authenticate using a link that we send to their email address;
  4. Private Links, where you can generate private links and share them with your users and teams. Manage access control per user group via links;
  5. JWT, where your dev team generates a JWT with a secret key you provide in our UI, then pass it back to us as part of a link. This is the easiest to manage, but you will require developer time.

None

The default behaviour is set as None, meaning it is available publicly. You can change to controls to limit the access for readers.

Everyone with the link will be able to read content.

Links are safe to share because they are cryptographically generated and unguessable.

Document image


When you want to gate the contents to specific readers, try any of the options below.

Here is the breakdown of each control by each subscription plan:

Growing

Scaling

Enterprise

Password

Password

Password



Guest Accounts

Guest Accounts



Magic Link

Magic Link



JWT authentication

JWT authentication



Guest Accounts

Create guest accounts. Everyone with the link and a guest account will be able to read the content. Guest accounts are not charged as seats in Archbee.

Document image



Magic Link

Users will be able to authenticate to your space with their email address if you add their email address or their email domain to the list below. Everyone with the link and a matched account will be able to read the content. Accounts are not charged as seats in Archbee.

Document image



Private links

Generate Private links for specific user groups/teams. Each user group/team will have their own link to the same documentation and you can manage access control via this links. You need to cut access for team 1? Delete the private link associated with team 1.

Document image






How JWT works

JWT visitor authentication

Go to the Spaces settings, and set a JWT secret key that you generate on your server



Document image


Use one of the examples below to generate the JWT token.

You also need to replace the URL with the subdomain of your documentation site.

Node.js
|
const sign = require('jsonwebtoken').sign;

exports.buildArchbeeLoginURL = function() {
  // Optional user credentials that you want to send back to Archbee
  const user = {
    name: 'John',
    email: 'Wick',
  };
  //create a signed token out of the user credentials with the
  //secret you set in Archbee
  const jwtToken = sign(user, '<archbeeJwtSecret>');
  //yourdomain is set in the Custom Domain tab
  const archbeeUrl = 'https://yourdomain.com';
 
  //create the complete URL containing the signed token that you'll send back to Archbee
  return `${archbeeUrl}?jwt=${jwtToken}&reload`;
};


Here is an example to generate a JWT token with .NET: https://github.com/dragosbulugean/archbee-jwt-dotnet

JS
|
using JWT;
using JWT.Algorithms;
using JWT.Serializers;

var payload = new Dictionary<string, object>
{
    { "name", "John Wick" },
    { "email", "john.wick@matrix.com" }
};
const string secret = "TW9zaGVFcmV6UHJpdmF0ZUtleQ";

IJwtAlgorithm algorithm = new HMACSHA256Algorithm(); // symmetric
IJsonSerializer serializer = new JsonNetSerializer();
IBase64UrlEncoder urlEncoder = new JwtBase64UrlEncoder();
IJwtEncoder encoder = new JwtEncoder(algorithm, serializer, urlEncoder);

var jwtToken = encoder.Encode(payload, secret);
var archbeeLink = $"https://docs.yourcompany.com/?jwt={jwtToken}&reload";

Console.WriteLine($"JWT Token: {jwtToken}");
Console.WriteLine($"Archbee Link: {archbeeLink}");


JWT tokens are bypassed on Preview/Staging



Updated 22 Sep 2023
Did this page help you?
PREVIOUS
Hosting Spaces on a sub folder
NEXT
Space Links
Docs powered by
Archbee
TABLE OF CONTENTS
None
Guest Accounts
Magic Link
Private links
How JWT works
JWT visitor authentication
Docs powered by
Archbee