Last updated 9 months ago

Access control

There are several kinds of access control to be aware of:

  • access to app.redoc.ly
  • access to your API version snapshots
  • access to your docs projects

Access to app.redoc.ly is discussed in the article about people.

Depending on your plan, you may be able to control access to your snapshots and docs projects.

That access is controlled in the settings tab of either the API version or the docs project.

Versions access control

In a docs project, you can control access to both the production and previews environments separately.

Docs access control

Member access

Members are any people in your organization. Only owners may invite new people.

If you use an identity provider and have connected for single-sign on, it will allow everyone in your organization.

Basic auth

Basic auth provided ability to setup basic username and passwords to restrict access to the docs. This is only available on docs projects (not snapshots). This is recommended to prevent spiders or when you need to share a preview with someone outside of your organization.

Basic auth security is not as strong, so choose member access for the most secure access control.

Single sign-on (SSO)

Enterprises may utilize SSO with a SAML2 connected identity provider. This will enable anyone with an account on their identity provider to read the docs. Administrative access to Workflows is controlled separately.