Restict Access to OnlyOffice Document Server to Nextcloud Users Only ONLYOFFICE Document Server can use a token generated using the JSON Web Tokens (JWT) standard in order to secure the connection and restrict access the the OnlyOffice Document server which by default is accessible to everyone. Edit the /etc/onlyoffice/documentserver/local.json file: sudo vi /etc/onlyoffice/documentserver/local.json Find the following section: "token": { "enable": { "request": { "inbox": false, "outbox": false }, "browser": false Set all the settings from “false” to “true” so it looks like below: "token": { "enable": { "request": { "inbox": true, "outbox": true }, "browser": true Locate the following section: "secret": { "inbox": { "string": "secret" }, "outbox": { "string": "secret" }, "session": { "string": "secret" Substitute “secret” with a secret token of your choosing (ex: ThisisTheSecret) so it looks like below: "secret": { "inbox": { "string": "ThisisTheSecret" }, "outbox": { "string": "ThisisTheSecret" }, "session": { "string": "ThisisTheSecret" Save the file and restart the services: sudo supervisorctl restart all Go in Nextcloud under Settings --> ONLYOFFICE  and click on Advanced server settings. In the Secret key field enter the THESECRET token you created earlier and click the Save button (Figure 1). Figure 1 Click the “Save” button, you should get the following message on top of the Nextcloud window (Figure 2): Figure 2