Private Newspages 🔒
Private Newspages allow restricting the visibility of your Newspages.
You can restrict accesses by using:
a shared secret of your choice (password).
a secret token (assuming your Newspage is used behind a proxy).
IP addresses (IPv4, IPv6 or CIDR).
Open a project in the Noticeable dashboard.
Select Newspage in the left menu.
Identify the Visibility settings group at the bottom of the page and click on it:
Enable the switch button next to the Authentication or IP Filtering sections and fill options as desired:
When using authentication method Proxies have to pass a secret token to retrieve the Newspage content, you can use 2 manners to pass a secret token: a token query parameter and an Authorization: Bearer XXX header. In both cases, it is highly recommended to use HTTPS.
You can use an Authorization header of type Bearer. Let's say your secret token is XXX then the header key to use is Authorization and the value Bearer XXX.
Assuming your Newspage URL is https://acme.noticeable.news and your secret token is XXX, then you simple need to append the token query parameter to the Newspage URL and all other pages you browse: https://acme.noticeable.news/?token=XXX.
A secret token is assumed to be used behind a proxy of your own. When a request is made to a Private Newspage, the token is NOT passed to other links in your private pages. This is to prevent a proxy to expose the secret token when the response is sent back. It is the job of your proxy to pass the secret token with each request as explained above.
You can restrict accesses by using:
a shared secret of your choice (password).
a secret token (assuming your Newspage is used behind a proxy).
IP addresses (IPv4, IPv6 or CIDR).
Enabling Private Newspages
Open a project in the Noticeable dashboard.
Select Newspage in the left menu.
Identify the Visibility settings group at the bottom of the page and click on it:
Enable the switch button next to the Authentication or IP Filtering sections and fill options as desired:
Note about Secret Tokens
When using authentication method Proxies have to pass a secret token to retrieve the Newspage content, you can use 2 manners to pass a secret token: a token query parameter and an Authorization: Bearer XXX header. In both cases, it is highly recommended to use HTTPS.
Authorization Header (recommended approach)
You can use an Authorization header of type Bearer. Let's say your secret token is XXX then the header key to use is Authorization and the value Bearer XXX.
Query Parameter
Assuming your Newspage URL is https://acme.noticeable.news and your secret token is XXX, then you simple need to append the token query parameter to the Newspage URL and all other pages you browse: https://acme.noticeable.news/?token=XXX.
A secret token is assumed to be used behind a proxy of your own. When a request is made to a Private Newspage, the token is NOT passed to other links in your private pages. This is to prevent a proxy to expose the secret token when the response is sent back. It is the job of your proxy to pass the secret token with each request as explained above.
Updated on: 12/06/2021
Thank you!