PDF.co provides a set of security features to protect your sensitive data and documents. Please review the list below and use these features to protect your data.
While input files and uploaded files are transmitted over HTTPS with SSL and stored in the enrypted at rest cloud storage, PDF.co API also provides a set of additional encryption and decryption options to protect your data even further.
PDF.co API supports AES128, AES192, and AES256 encryption algorithms. You can use these algorithms to encrypt your files before sending them to PDF.co API for processing. Or you can use these algorithms to decrypt files after PDF.co API processing.
See User-Controlled Encryption and Decryption Options for more details.
Passwords and other sensitive params are automatically redacted from your input parameters and replaced with
[FILTERED] before saving into logs. In addition, you can enable so called
API Logs Strict Mode to additionally redact all input urls, output urls, output body (like objects), input template data and inline extracted data.
To enable this mode, please enable it from Account Security page.
This is how request and response will look like with Strict Mode enabled:
Request POST body
PDF.co API provides a set of pdf files security features to add passwords, disable content copying or extraction. See
pdf/security/remove API methods for more details.
IMPORTANT: while pdf documents can be protected with password, for sensitive data we recommend to also leverage user-controlled encryption and decryption features described above.
Output files generated by PDF.co API and files uploaded into PDF.co are stored in the encrypted at rest cloud storage. Links to these files are returned in the API response and generated using highly randominzed UUIDs with additional digital signature to prevent tampering.
Output files are stored for
60 minutes (1 hour) by default. You can decrease or extend this period from 1 minute to 24 hours by setting
expiration parameter on the API call.
You can also remove output files from the cloud storage by calling
file/delete API method.
PDF.co API accepts urls to publicly accessible links but it can also access files protected with HTTP Basic Auth or HTTP Digest Auth. Use
httpPassword parameters to set username and password required to access files. You can also upload files directly into PDF.co API using
file/upload API method.
Privatly accessible Google Drive/Dropbox/Box links are not currently supported. You need to generate a public
Anyone with a link can view link to use these files as input urls for PDF.co API.
PDF.co includes built-in file storage to store your templates and files that you plan to re-use as input files for API. You can upload your files at https://app.pdf.co/files and then use them as input urls for API calls via a special file tokens:
These file tokens are accessible and available for use within PDF.co API only.
PDF.co API supports
cache: prefix for input urls to cache files in the cloud storage. This is useful for files that you plan to re-use as input files for API calls especially when these files are stored on Google Drive or similar cloud services that are limiting number of requests. However, this feature is not intended to be used for sensitive data. Please do not use
cache: prefix for input urls that contain sensitive data.
To restrict access to your account from specific IP addresses, please add them to the
Allowed IP Addresses list on the Account Security page.
Copyright © 2016 - 2024 PDF.co