Paperplane needs to access your source web pages at a publicly accessible URL in order to fetch and convert the web page to a PDF document.

However, your source web pages may contain private or sensitive data. There are three recommended solutions to this problem - you can choose the option that best fits your circumstances.

Option 1 - HTTP Basic Auth

Paperplane can request pages and other assets that use HTTP Basic Authentication to protect access. To use HTTP Basic Auth, set a username and optionally a password parameter when creating a job.

See the full set of job parameters for more information.

Option 2 - Provide a secret key as a query parameter

Another option is to create a secret key, append this as a query parameter to the URLs you send to Paperplane, and then only allow access if the secret key is correct.

If it's not convenient for you to set up HTTP Basic Auth, this is a good alternative method of securing access.

For example, a URL that provides a secret key parameter might look like this:

https://myexampleapp.com/invoices/12345?key=9bbfbbb1-dc29-42eb-bf06-86a95e2cd9da

Option 3 - Use URLs that include a random string

Alternatively you can make the page available at a URL that includes an unguessable random string such as a UUID v4. UUID generators are available for all popular languages. This is similar to the schemes that services like Google Drive and Dropbox use to create secure shareable links.

For example, a URL that includes a random UUID might look like this:

https://myexampleapp.com/invoices/53304a6a-2bf4-4028-b8af-aeb7250b4e56