Loading
Loading
Our Unlock PDF API provides a streamlined solution to programmatically decrypt PDF files and strip away permission limits. Whether you need to recover access to a password-protected archive or remove PDF restrictions to enable printing and editing, our API handles it securely and efficiently. Unlock secured PDFs completely or selectively remove restrictions while keeping the file encrypted.
Ideal for enterprises managing large document repositories, legal teams handling archived contracts, and accounting systems processing password-protected invoices. Remove passwords to migrate documents between systems, unlock restrictions to enable collaboration features, or batch decrypt files for automated processing. With asynchronous request processing and webhook support, integrate seamlessly in your workflows.
If you don't want to poll for task status, you can simply provide the webhook data in your request. Instead of manually checking status, we will automatically notify your endpoint the moment the task processing is completed.
destroy parameter, your files are permanently wiped from our servers immediately after processing finishes, ensuring complete data security. If destroy is not set, files are retained up to 30 days based on user's plan.Remove all security from PDF files including both user passwords and owner passwords using our decrypt endpoint. This creates a completely open PDF with no encryption or restrictions, perfect for authorized document processing and content extraction workflows.
Our API strips permission restrictions while keeping file passwords intact, allowing you to reset security policies without compromising encryption. Perfect for updating legacy document permissions or enabling full access for authorized users.
Handle heavy documents and high-resolution assets with ease. Our API supports a massive 1GB payload size per request, allowing you to process even the largest PDF files without worrying about size restrictions.
$ pip install requestsimport requests
url = "https://api.apifreaks.com/v1.0/pdf/decrypt?file_password=CurrentPassword123&output=unlocked_document"
payload = {}
files=[
('file',('file.pdf',open('/path/to/file.pdf','rb'),'application/pdf'))
]
headers = {
'X-apiKey': 'API-KEY'
}
response = requests.request("POST", url, headers=headers, data=payload, files=files)
print(response.text)
$ pip install requestsimport requests
url = "https://api.apifreaks.com/v1.0/pdf/unrestrict?file_password=CurrentPassword123&user_password=NewUserPass456&output=unrestricted_document"
payload = {}
files=[
('file',('file.pdf',open('/path/to/file.pdf','rb'),'application/pdf'))
]
headers = {
'X-apiKey': 'API-KEY'
}
response = requests.request("POST", url, headers=headers, data=payload, files=files)
print(response.text)
Which endpoint should I use?
/pdf/decrypt to remove all security (passwords + restrictions) and create a completely open PDF/pdf/unrestrict to remove only restrictions while keeping password protection intactUse these endpoints to manage files and check task status.
task_id. The response includes creation and expiry timestamps to help you track result availability, along with specific error details if a task fails. Results are retained for up to 7 days, depending on the operation.file_id. Returns details including file name, size, type, and creation/deletion timestamps. Generated or uploaded files are retained up to 30 days based on user's plan, unless destroy is enabled to delete them immediately. You can use this endpoint to check if the file has expired using its file_id.multipart/form-data request. Each file receives a unique file_id that can be used with the PDF APIs.file_id for uses with the PDF APIs.Decrypt your PDF to remove all security including passwords and restrictions by uploading a file directly (multipart upload) or referencing a file_id of a stored file. Provide the file password (user or owner password) to unlock and decrypt the document.
# Standard Response { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ] } # Response with destroy=true (No File IDs as they are deleted right away) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d" }curl -X POST "https://api.apifreaks.com/v1.0/pdf/decrypt?file_password=CurrentPassword123&output=unlocked_document" \ -H "X-apikey: YOUR_API_KEY" \ -F "file=@/path/to/protected.pdf"
Notes:
file_password parameter is required to unlock the protected PDFdestroy=true parameter to delete input file after decryption completes (returns only taskId)After submitting a decrypt or unrestrict task, check its progress using the Task Status API with your taskId. The task goes through these statuses: queued, processing, completed, and failed.
# Response (completed) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "status": "completed", "createdAt": "2025-01-26 10:30:00", "outputUrls": [ "https://api.apifreaks.com/v1.0/pdf/resource/download?resource_id=9b2e7f3a-5c8d-4e1b-a6f9-0d3c8e7b2a5f" ], "outputFileId": [ "9b2e7f3a-5c8d-4e1b-a6f9-0d3c8e7b2a5f" ], "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ], "expiresAt": "2025-01-27 10:30:00" } # Response (failed) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "status": "failed", "createdAt": "2025-01-26 10:30:00", "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ], "error": "Invalid PDF File", "message": "The provided file is not a valid PDF file.", "expiresAt": "2025-01-27 10:30:00" }curl -X GET "https://api.apifreaks.com/v1.0/pdf/task-status?task_id=04a06cd5-158d-4191-a45b-6f58249c599d" \ -H "X-apikey: YOUR_API_KEY"
Once the task status shows “completed”, download your decrypted PDF using the File Download API with the outputFileId from the task status response.
curl -X GET "https://api.apifreaks.com/v1.0/pdf/resource/download?resource_id=9b2e7f3a-5c8d-4e1b-a6f9-0d3c8e7b2a5f" \ -H "X-apikey: YOUR_API_KEY" \ --output unlocked_document.pdf
Remove permission restrictions from your PDF while optionally setting new passwords by uploading a file directly or using a stored file_id. This keeps the PDF encrypted but removes restrictions like copy protection, print blocking, or edit prevention.
# Standard Response { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "inputIds": [ "7a9e4b12-f3c8-4d56-b7e1-8c2f9d0a3e6f" ] } # Response with destroy=true (No File IDs as they are deleted right away) { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d" }curl -X POST "https://api.apifreaks.com/v1.0/pdf/unrestrict?file_password=CurrentPassword123&user_password=NewUserPass456&owner_password=NewOwnerPass789&output=unrestricted_document" \ -H "X-apikey: YOUR_API_KEY" \ -F "file=@/path/to/restricted.pdf"
Notes:
file_password parameter is required to unlock the protected PDFuser_password or owner_password must be provided for the output PDF (both cannot be absent)owner_password is provided, it will be used as both owner and user passworddestroy=true parameter to delete input file after processing completes (returns only taskId)Get automatic notifications when your task completes instead of polling the task status endpoint. Good for event-driven applications and real-time document processing.
Add webhook_urlto your request. We'll send a POST request to this URL when the task finishes (either completed or failed).
See the Complete Webhook Example section below for a full demonstration including custom authorization headers.
Webhook delivery will be attempted up to 3 times. If all retries fail and webhook_failure_notificationis enabled, we'll send an email notification to the requesting user or their organization admin.
Use X-Webhook-Authorization to add a custom header to webhook requests for endpoint security.
Format: Key:Value
Example: If you send Authorization:Bearer token123, the webhook request will include: Authorization: Bearer token123
See the Complete Webhook Example below for a full demonstration.
Here's a complete example showing webhook integration with custom authorization header and failure notifications:
# Response { "taskId": "04a06cd5-158d-4191-a45b-6f58249c599d", "inputIds": [ "566dc743-d8fe-4943-8cef-61e5d3d6096c" ] }curl -X 'POST' \ 'https://api.apifreaks.com/v1.0/pdf/decrypt?webhook_url=https://yourdomain.com/webhook/pdf-decrypt&webhook_failure_notification=true' \ -H 'X-apiKey: YOUR_API_KEY' \ -H 'X-Webhook-Authorization: Authorization:Bearer token123' \ -F 'file=@/path/to/document.pdf'
When your task completes, we send a POST request to your webhook_url with these headers:
| Header | Description |
|---|---|
Content-Type | Always application/json |
X-Signature | HMAC-SHA256 signature of the request body using your API key. Use this to verify the payload is authentic. |
| Custom Header | (If provided) Your custom header from X-Webhook-Authorization |
The webhook payload contains the same response structure as the Task Status API endpoint when checked for the task ID.
Use the X-Signatureheader to verify webhook requests actually came from API Freaks and weren't tampered with.
How the signature works:
X-Signature header valueTo verify the webhook:
X-Signature header valueImportant:Don't transform or process the raw request body before verification. Adding whitespace or other formatting creates a different signature and verification will fail.
To use this Unlock PDF APIs, API credits are required. Charges apply only for successful queries, defined by a 2xx status code. If a request results in a 4xx or 5xx status code, no credits will be deducted, and any credits already charged will be refunded. In the event of a Task Processing Error, a maximum of 200 credits will be refunded. Surcharges for additional file sizes are non-refundable.
For each successful request, 200 credits will be charged. 1 extra credit will be charged per MB beyond 50 MB.
Utilize the Credits Usage API to efficiently monitor your recent consumption of both one-off and subscription credits. This API provides a streamlined way to track and manage your credit usage, ensuring you stay informed about your remaining balance and can optimize your resource allocation effectively.