Documentation Password Protection

it would be awesome to define a password (or HTTP Basic authentication data) for an published documentation. i think there are many APIs which are published to the own team with the custom domain but should not be available fully public.


Just wondering. Does sharing the collection in a team workspace help you? It is only visible to your team and they can view the documentation.

we got api and frontend devs, if we would limit the access to team members only our api devs would have access. the frontend devs do not need to change the docs just read/use them. same about external devs for which we do not buy seats in our team.

at least a “readonly-seat” would be an option too

If I am correct, you have the following use cases -

  1. Sharing with API devs (who have edit access)
  2. Sharing with front end devs (who cannot edit)
  3. External devs (who cannot edit)

You can do the following for each use case

  1. Sharing with API devs: Create a team workspace and create/share your collections inside it. Open the collection context menu (icon with three horizontal dots) and click on Modify Permissions. Here you can choose the permissions for your team and individual members. You can give edit access to your API devs only.

  2. Sharing with front end devs: The same steps as above. The members who have not been given edit permissions will only be able to view the private documentation. In the collection sidebar in your app, you will find a View in web button. This opens the private documentation.

  3. Sharing with external devs: You can Publish the documentation and a public URL will be generated, which you can share with everyone. Again, only user who you have explicitly given permission to can edit this collection. However, this a public URL and anyone with the link can view the collection. If you are looking to restrict this published view, that is not supported as of now.

Hope this helps.

1 Like

thanks for this detailed solution approach - the last part is basicly the feature request. would be awesome to protected the docu (on custom domain) and send it to external people. this would also fit for use case 2.

Our team would also like to have this feature. We have no problem paying for users who are actually using Postman and utilizing its features. However, for the higher-ups who would like to see this documentation, temporary cross-team collaboration members, and simply anyone we would like to share this documentation with without making it truly public… we cannot justify the expense.

Is this something you have on the roadmap?


I’m going to second @brickbeard on his reply. We would like to use the documentation feature since it saves us tons of time but we have several internal APIs that cannot be made externally available. If we had a way to secure the documentation so that only those allowed could see it, I could add it to the list of reasons we need a Pro/Enterprise relationship with Postman.