Skip to main content
Table of Contents

Shared Password Protection

Whether you're using your HelpDocs internally to train staff, or just because they're not ready for the limelight yet, there's a load of reasons you might want to password protect your HelpDocs.

River Sloane
Updated by River Sloane

There are plenty of reasons you might want to password protect your HelpDocs Knowledge Base. Maybe you're using it internally for staff training or perhaps your docs aren't quite ready for public viewing yet.

Setting Up a Shared Password

Adding password protection to your Knowledge Base is super simple. Here's how to set up a shared password that visitors will need to enter before accessing your docs:

  1. Head to Settings > Access > Options
  2. Head to Restrict access and toggle Enabled Shared Password on
  3. Under Shared Password enter a password of your choice
  4. Click Save Changes
Remember you'll need to share this password with your team, so avoid using anything that's personally sensitive to you ✋

That's it! Now anyone visiting your site will need to enter the password before they can read any of your docs.

Password protection screen

Using Team Passwords for Single Sign On

You can automatically log in users by sending the team password through as an hd_team query parameter. Example: your-domain.helpdocs.io/?hd_team=password

Team passwords work great when you need to set up docs that only users logged into your app can view.

The easiest approach is to load HelpDocs in an iframe on your dashboard when people log in. Include the team password in the query string to set a cookie that keeps them logged in.

Here's the basic URL structure:

https://<your-helpdocs>.helpdocs.io/_hd/team_sso?hd_team=<your-team-password>

Use this iframe snippet to get started:

<iframe src="https://<your-helpdocs>.helpdocs.io/_hd/team_sso?hd_team=<your-team-password>" width="0" height="0" style="display: none"></iframe>

You can customize several parameters:

Query Parameter

Description

Default Value

hd_team

Your shared team password

undefined

duration

How long (in days) users with this cookie stay logged in

30

redirect_uri

Where to redirect users after dropping a cookie (usually not needed for iframes)

undefined

To log a user out of HelpDocs, pass an empty string as the password or set the cookie duration to a negative value
If you use a custom domain, be sure to replace your HelpDocs subdomain with your custom domain in the URLs above

Redirecting Logged Out Users

When a user hasn't visited your site for a while, their cookie expires. You might want to override the default HelpDocs team password login page with a redirect to your own app.

Add this snippet to Settings > Code > Javascript:

<script type="text/javascript">
(function() {
if (window.location.pathname.indexOf('/team-login') === 0) {
// Parse query string parameters
var qs = function (a) {
if (a === '') return {};
var b = {};
for (var i = 0; i < a.length; i += 1) {
var p = a[i].split('=', 2);
if (p.length === 1) {
b[p[0]] = '';
} else {
b[p[0]] = decodeURIComponent(p[1].replace(/\+/g, ' '));
}
}
return b;
}(window.location.search.substr(1).split('&'));
var redirectUri = 'https://your-app.your-domain.com'; // Replace this with your login page URL
if (typeof qs.forward === 'string') redirectUri += '?hd_url=' + qs.forward; return window.location.href = redirectUri; }
})();
</script>

For a better user experience, your developers can set up a redirect back to the specific HelpDocs article after login by extracting the hd_url query parameter.

Passing User Data to Your Template

Want to identify users in your docs? You can pass user data in the URL query parameter when using an iframe or redirect.

The data should be JSON-encoded and sent as a hd_user_data query parameter:

https://helpdocs.your-custom-domain.com/_hd/team_sso?hd_team=password-here&hd_user_data={"name":"Taylor","user_id":"1"}

Need to access that data? Check out our guide on accessing user data in HelpDocs.

What did you think of this doc?

Using JWT Studio

Get in touch

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.