
Restrict Access to OnlyOffice Document Server to Nextcloud Users Only

ONLYOFFICE Document Server can use a token generated with the JSON Web Token (JWT) standard to secure the connection and restrict access to the Document Server, which by default is accessible to everyone.

  • Edit the /etc/onlyoffice/documentserver/local.json file:
sudo vi /etc/onlyoffice/documentserver/local.json
  • Find the following section:
"token": {
  "enable": {
    "request": {
      "inbox": false,
      "outbox": false
    },
    "browser": false
  • Change all of these settings from “false” to “true” so that the section looks like this:
"token": {
  "enable": {
    "request": {
      "inbox": true,
      "outbox": true
    },
    "browser": true
  • Locate the following section:
"secret": {
  "inbox": {
    "string": "secret"
  },
  "outbox": {
    "string": "secret"
  },
  "session": {
    "string": "secret"
  • Replace “secret” with a secret token of your choosing (e.g. ThisisTheSecret) so that the section looks like this:
"secret": {
  "inbox": {
    "string": "ThisisTheSecret"
  },
  "outbox": {
    "string": "ThisisTheSecret"
  },
  "session": {
    "string": "ThisisTheSecret"
  • Save the file and restart the services:
sudo supervisorctl restart all

  • In Nextcloud, go to Settings --> ONLYOFFICE and click on Advanced server settings. In the Secret key field, enter the secret token you created earlier and click the Save button (Figure 1).

Figure 1


  • After you click the “Save” button, you should get the following message at the top of the Nextcloud window (Figure 2):

Figure 2

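
A way to confirm the local.json edits above before restarting the services, as an added example that is not part of the original page: this Python check parses the file, reports any of the three token flags that are not true, and flags secrets that are still the default or shorter than an assumed minimum of 32 characters. The function names, the threshold and the embedded sample file are assumptions made for illustration; new_secret() produces a random value to use in place of a chosen phrase.

```python
import json
import secrets

# Constructed sample: the edited file from the steps above, but with browser
# tokens left off and the outbox secret left at its default.
SAMPLE = """
{"services": {"CoAuthoring": {
  "token": {"enable": {"request": {"inbox": true, "outbox": true},
                       "browser": false}},
  "secret": {"inbox":   {"string": "ThisisTheSecret"},
             "outbox":  {"string": "secret"},
             "session": {"string": "ThisisTheSecret"}}}}}
"""

def find_section(node):
    """Return the first object that holds both "token" and "secret"."""
    if not isinstance(node, dict):
        return None
    if "token" in node and "secret" in node:
        return node
    return next(filter(None, map(find_section, node.values())), None)

def audit(config_text, min_len=32):  # min_len is an assumed threshold
    """Return a list of problems with the JWT settings in local.json."""
    section = find_section(json.loads(config_text))
    if section is None:
        return ["no token/secret section found"]
    enable = section["token"].get("enable", {})
    request = enable.get("request", {})
    flags = {"request.inbox": request.get("inbox"),
             "request.outbox": request.get("outbox"),
             "browser": enable.get("browser")}
    problems = [f"token.enable.{k} is not true"
                for k, v in flags.items() if v is not True]
    value = {n: section["secret"].get(n, {}).get("string", "")
             for n in ("inbox", "outbox", "session")}
    for name, text in value.items():
        if text == "secret":
            problems.append(f"secret.{name} is still the default")
        elif len(text) < min_len:
            problems.append(f"secret.{name} is shorter than {min_len} characters")
    if value["inbox"] != value["outbox"]:  # Nextcloud takes one Secret key
        problems.append("secret.inbox and secret.outbox differ")
    return problems

def new_secret():
    """Random 32-byte secret as URL-safe text, for use instead of a phrase."""
    return secrets.token_urlsafe(32)
```

To check the real file, pass the contents of /etc/onlyoffice/documentserver/local.json to audit(); an empty list means all three flags are on and no secret is default or short.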