CTRL+K
Our Protect PDF API offers enterprise-grade security tools to lock down sensitive information and control how users interact with your documents. Lock PDF files with user and owner passwords using industry standard AES-256 encryption and apply granular restrictions like copying, printing, or making changes. Whether you're protecting confidential reports, securing client contracts, or preventing unauthorized document modifications, our API handles it all through simple REST endpoints.
Built for compliance systems, document management platforms, confidential report generators, and enterprise content security solutions. Password protect sensitive financial documents, prevent copying from legal contracts, restrict printing for internal memos, secure client proposals with editing restrictions, or apply comprehensive protection to intellectual property documents. Control exactly what users can and cannot do with your PDFs while maintaining complete security over your content. With asynchronous request processing and webhook support, you can seamlessly integrate PDF Protection APIs into your automation pipelines.
If you don't want to poll for task status, you can simply provide the webhook data in your request. Instead of manually checking status, we will automatically notify your endpoint the moment the task processing is completed.
destroy parameter, your files are permanently wiped from our servers immediately after processing finishes, ensuring complete data security. If destroy is not set, files are retained up to 30 days based on user's plan.We don't compromise on security. All PDFs uses industry standard 256-bit AES encryption, providing enterprise-grade security for your PDF files making them virtually impossible to crack without the correct credentials. Your documents are protected with the same encryption standards used by financial institutions and government agencies worldwide.
Implement flexible security policies with distinct "User" and "Owner" passwords. User passwords restrict document opening, while owner passwords control who can modify security settings and restrictions. You get full flexibility to implement your security requirements.
Apply specific restrictions to prevent copying, printing, editing, form filling and annotation modifications. Control exactly what users can do with your PDFs through distinct restriction types, from blocking high-quality printing to preventing content extraction. This allows you to share documents for viewing while protecting your intellectual property.
Stop unauthorized text and image extraction with content copying restrictions. Perfect for protecting intellectual property, confidential information, and proprietary content from being copied or redistributed without permission.
Handle heavy documents and high-resolution assets with ease. Our API supports a massive 1GB payload size per request, allowing you to process even the largest PDF files without worrying about size restrictions.
$ pip install requests
File uploads must use multipart/form-data format. PDF API accepts a single file upload.
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| file | No | multipart/form-data | - | The PDF file to process. Only used if you're uploading a file instead of using file_id. |
Input Priority Rule:
If both file and file_id are provided, the multipart file upload takes priority and file_id is ignored.
All parameters must be included as query parameters. Any parameters sent in the form data will be ignored.
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| user_password | Yes | String | - | Set user password for the PDF file. Password must be between 6 and 128 characters. |
| owner_password | No | String | - | Set owner password for the PDF file. If not provided, user password will also be used as owner password. Password must be between 6 and 128 characters. |
| file_password | No | String | - | Password to unlock the input file if it's protected. Either the owner or user password can be provided. The owner password takes precedence. |
| file_id | No | String | - | The unique ID of a file already present on our server. Use this instead of uploading the file again. |
| output | No | String | encrypted_output | Name of the output PDF (without extension). |
| destroy | No | Boolean | false | If true, we delete the input file immediately after generating the output. |
$ pip install requests
File uploads must use multipart/form-data format. PDF API accepts a single file upload.
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| file | No | multipart/form-data | - | The PDF file to process. Only used if you're uploading a file instead of using file_id. |
Input Priority Rule:
If both file and file_id are provided, the multipart file upload takes priority and file_id is ignored.
All parameters must be included as query parameters. Any parameters sent in the form data will be ignored.
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| restrictions | Yes | Array | - | A list of restrictions to apply. These define what the end user is not allowed to do with the PDF. See available restrictions below table. |
| user_password | Yes | String | - | Sets the password users will use to open the PDF. Password must be between 6 and 128 characters. If not set, only owner password will be set and anyone can open the PDF with the provided restrictions enabled. |
| owner_password | No | String | - | Sets the password that allows full access (e.g., removing restrictions). If not provided, user_password (if set) is used as the owner password. Password must be between 6 and 128 characters. |
| file_password | No | String | - | Password to unlock the input file if it is already secured. Provide the owner password if available, otherwise the user password. Owner password takes precedence. |
| file_id | No | String | - | The unique ID of a file already present on our server. Use this instead of uploading the file again. |
| output | No | String | restricted_output | Name of the output PDF (without extension). |
| destroy | No | Boolean | false | If true, we delete the input file immediately after generating the output. |
| Restriction | Description |
|---|---|
| print_high | Disables high-quality printing. |
| print_low | Disables low-resolution printing. |
| edit_document_assembly | Prevents reordering or inserting pages. |
| fill_form_fields | Disallows filling in PDF form fields. |
| edit_annotations | Disables adding or modifying annotations or comments. |
| modify_content | Prevents modifying existing content in the PDF. |
| copy_and_extract_content | Disables copying text or images from the PDF. |
| use_accessibility | Prevents screen readers or accessibility tools from accessing content. |
| Parameter | Required | Type | Default | Description |
|---|---|---|---|---|
| webhook_url | No | String | - | The URL where we'll send the webhook notification after the task completes. Authentication parameters in the URL (e.g., ?auth=token123) are passed as-is. |
| webhook_failure_notification | No | Boolean | false | If true, we'll send an email notification if the webhook request fails after 3 retries. The email goes to the requesting user or their org admin if user is part of an organization. |
| Header | Required | Type | Default | Description |
|---|---|---|---|---|
| X-Webhook-Authorization | No | String | - | Custom authorization header sent with the webhook request. Format: Key:Value (e.g., Authorization:Bearer token123). |
Explore detailed response fields including field names, data types, requirements, and descriptions in the interactive Response Tables below. For PDF Encrypt API click here, and for PDF Restrict API click here.
Use these endpoints to manage files and check task status.
task_id. The response includes creation and expiry timestamps to help you track result availability, along with specific error details if a task fails. Results are retained for up to 7 days, depending on the operation.file_id. Returns details including file name, size, type, and creation/deletion timestamps. Generated or uploaded files are retained up to 30 days based on user's plan, unless destroy is enabled to delete them immediately. You can use this endpoint to check if the file has expired using its file_id.multipart/form-data request. Each file receives a unique file_id that can be used with the PDF APIs.file_id for uses with the PDF APIs.| HTTP Status | Reasons |
|---|---|
| 400 | Invalid PDF File: Please provide a valid PDF file. We don't support other types. |
| 400 | Missing File or ID: You must provide either a file or a file ID. |
| 400 | Invalid Parameter: The value for 'param_name' is invalid. |
| 404 | File ID Not Found: Please provide a valid file ID. |
| 500 | File Saving Exception: An unknown error occurred while saving. Try again later. |
| 500 | Internal Server Error: Internal Server Error Occurred. |
| 400 | Missing PDF Password Exception: Please provide a user password for security operations. |
| 400 | Weak Password Provided: Please provide a strong password. Refer to the documentation for password requirements. |
| HTTP Status | Reasons |
|---|---|
| 400 | Invalid PDF File: Please provide a valid PDF file. We don't support other types. |
| 400 | Missing File or ID: You must provide either a file or a file ID. |
| 400 | Invalid Parameter: The value for 'param_name' is invalid. |
| 404 | File ID Not Found: Please provide a valid file ID. |
| 500 | File Saving Exception: An unknown error occurred while saving. Try again later. |
| 500 | Internal Server Error: Internal Server Error Occurred. |
| 400 | Missing PDF Password Exception: Please provide a password for security operations. |
| 400 | Weak Password Provided: Please provide a strong password. Refer to the documentation for password requirements. |
These errors might appear in the task-status response if the background job fails.
| Error | Description |
|---|---|
Invalid PDF File | The provided file is not a valid PDF file. |
File Saving Exception | An unknown error occurred while saving the file. Try again later. |
PDF Generation Exception | An unknown error occurred while generating the PDF. Try again later. |
Internal Server Error | Internal Server Error Occurred. |
Encrypted PDF Provided | The provided PDF file is encrypted. Please decrypt it first to perform operations. |
Invalid File Password | Please provide the correct file password for security operations. Refer to documentation for valid password selection. |
Missing Owner Password | Please provide an owner password for security operations. You have provided a user password which is not valid for this operation. |
ZIP File Creation Error | An error occurred while creating the ZIP file. Please try again later. |
Encrypt your PDF with password protection by uploading a file directly (multipart upload) or referencing a file_id of a stored file. Set a user password to control who can open the document, and optionally set an owner password for managing restrictions.
# Standard Response { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ] } # Response with destroy=true (No File IDs as they are deleted right away) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d" }curl -X 'POST' \ 'https://api.apifreaks.com/v1.0/pdf/encrypt?user_password=MySecurePass123&owner_password=AdminPass456&output=protected_document' \ -H 'X-apiKey: YOUR_API_KEY' \ -F 'file=@/path/to/document.pdf'
Notes:
destroy=true parameter to delete input file after encryption completes (returns only taskId)After submitting a encryption or restriction task, check its progress using the Task Status API with your taskId. The task goes through these statuses: queued, processing, completed, and failed.
# Response (completed) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "status": "completed", "outputFileId": "9b2e7f3a-5c8d-4e1b-a6f9-0d3c8e7b2a5f", "outputFileName": "processed_document.pdf", "createdAt": "2025-01-26 10:30:00", "expiresAt": "2025-01-27 10:30:00" } # Response (failed) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "status": "failed", "error": "Invalid PDF File", "message": "The provided file is not a valid PDF file.", "createdAt": "2025-01-26 10:30:00" }curl -X GET "https://api.apifreaks.com/v1.0/pdf/task-status?taskId=04a06cd5-158d-4191-a45b-6f58249c599d" \ -H "X-apikey: YOUR_API_KEY"
Once the task status shows “completed”, download your protected PDF using the File Download API with the outputFileId from the task status response.
curl -X GET "https://api.apifreaks.com/v1.0/pdf/download?fileId=9b2e7f3a-5c8d-4e1b-a6f9-0d3c8e7b2a5f" \ -H "X-apikey: YOUR_API_KEY" \ --output output.pdf
Secure your PDF with permission restrictions by uploading a file directly or using a stored file_id. Define specific restrictions to prevent copying, printing, editing, and other actions. Optionally set passwords to enforce these restrictions and control document access.
# Standard Response { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ] } # Response with destroy=true (No File IDs as they are deleted right away) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d" }curl -X 'POST' \ 'https://api.apifreaks.com/v1.0/pdf/restrict?restrictions=copy_and_extract_content&restrictions=print_high&restrictions=modify_content&user_password=UserPass123&owner_password=AdminPass456&output=restricted_document' \ -H 'X-apiKey: YOUR_API_KEY' \ -F 'file=@/path/to/document.pdf'
Notes:
restrictions parameter is required and can contain multiple restriction valuesprint_high, print_low, edit_document_assembly, fill_form_fields, edit_annotations, modify_content, copy_and_extract_content, use_accessibility which are explained in the table above.destroy=true parameter to delete input file after restriction completes (returns only taskId)To use the PDF Protect APIs, API credits are required. Charges apply only for successful queries, defined by a 2xx status code. If a request results in a 4xx or 5xx status code, no credits will be deducted, and any credits already charged will be refunded.
For each successful request, 200 credit will be charged. 1 extra credit will be charged per MB beyond 50 MB.
Utilize the Credits Usage API to efficiently monitor your recent consumption of both one-off and subscription credits. This API provides a streamlined way to track and manage your credit usage, ensuring you stay informed about your remaining balance and can optimize your resource allocation effectively.