Private Timelines allow restricting Timeline accesses with a secret token.

Private Timelines are available with the Enterprise Plan only.

The feature is assumed to be used behind a proxy of your own. When a request is made to a private Timeline, the token is NOT passed to other links in your Timeline pages. This is to prevent a proxy to expose the secret token when the response is sent back. It is the job of your proxy to pass the secret token with each request as explained below.

Enabling Private Timelines

Open a project page.
Select "Timeline" in the project menu bar:



Click on "Visibility" in the right side menu:



On the page that appears, check the box "Request a secret token" and enter your secret token in the input box below:



Click "Save".

Passing a Token to Timelines

Noticeable Timelines support 2 manners to pass a secret token: a token query parameter and an Authorization: Bearer XXX header. In both cases, it is highly recommended to use HTTPS.

Query Parameter

Let's say your timeline URL is http://timeline.noticeable.io/ZW6TLvP70GfMDgy9dHEX and your secret token is XXX, then you simple need to append the token query parameter to the timeline URL and all other pages you browse: http://timeline.noticeable.io/ZW6TLvP70GfMDgy9dHEX?token=XXX.

Authorization Header (recommended approach)

Noticeable Timelines also support passing a secret token via an Authorization header of type Bearer. Let's say your secret token is XXX then the header key to use is Authorization and the value Bearer XXX.

If a Private Timeline is accessed with an invalid token or a missing one, then the user is automatically redirected to the URL associated with the project.
Was this article helpful?
Cancel
Thank you!