
Restrict Access to OnlyOffice Document Server to Nextcloud Users Only

ONLYOFFICE Document Server can use a token generated with the JSON Web Tokens (JWT) standard to secure the connection and restrict access to the OnlyOffice Document Server, which by default is accessible to everyone.

Edit the /etc/onlyoffice/documentserver/local.json file and find the following section:

"token": {
        "enable": {
          "request": {
            "inbox": false,
            "outbox": false
          },
          "browser": false

Set all the settings from “false” to “true” so it looks like below:

"token": {
        "enable": {
          "request": {
            "inbox": true,
            "outbox": true
          },
          "browser": true

Locate the following section:

"secret": {
        "inbox": {
          "string": "secret"
        },
        "outbox": {
          "string": "secret"
        },
        "session": {
          "string": "secret"

Substitute “secret” with a secret token of your choosing (ex: ThisisTheSecret) so it looks like below:

"secret": {
        "inbox": {
          "string": "ThisisTheSecret"
        },
        "outbox": {
          "string": "ThisisTheSecret"
        },
        "session": {
          "string": "ThisisTheSecret"

  • Save the file and restart the services:

sudo supervisorctl restart all

 

  • In Nextcloud, go to Settings --> ONLYOFFICE and click on Advanced server settings. In the Secret key field, enter the secret token you created earlier and click the Save button (Figure 1).

Figure 1

  • Click the “Save” button. You should get the following message at the top of the Nextcloud window (Figure 2):

Figure 2

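A check for the local.json edits above, as an added example that is not part of the original page or of ONLYOFFICE: it reports any token.enable flag that is not true and any secret string still left at the default. The function names, the sample data and the services/CoAuthoring wrapper around the two sections are assumptions.

```python
import json
import sys

DEFAULT_SECRET = "secret"  # value shipped in local.json, as shown on this page

def find_section(node, key):
    """Return the first dict stored under `key`, searching nested dicts."""
    if not isinstance(node, dict):
        return None
    if isinstance(node.get(key), dict):
        return node[key]
    for child in node.values():
        found = find_section(child, key)
        if found is not None:
            return found
    return None

def audit_jwt_config(config):
    """List deviations from the page's settings; an empty list means none."""
    findings = []
    enable = (find_section(config, "token") or {}).get("enable") or {}
    request = enable.get("request") or {}
    flags = {"request.inbox": request.get("inbox"),
             "request.outbox": request.get("outbox"),
             "browser": enable.get("browser")}
    for name, value in flags.items():
        if value is not True:  # the string "true" does not count
            findings.append(f"token.enable.{name} is not true")
    secret = find_section(config, "secret") or {}
    strings = {k: (secret.get(k) or {}).get("string")
               for k in ("inbox", "outbox", "session")}
    for name, value in strings.items():
        if not value or value == DEFAULT_SECRET:
            findings.append(f"secret.{name}.string is unset or still the default")
    if len(set(strings.values())) > 1:
        findings.append("secret strings differ; the page sets all three alike")
    return findings

# Constructed sample: the page's "after" excerpts closed into valid JSON.
# The services/CoAuthoring wrapper is an assumption about the full file.
SAMPLE_AFTER = json.loads("""{"services": {"CoAuthoring": {
  "token": {"enable": {"request": {"inbox": true, "outbox": true},
                       "browser": true}},
  "secret": {"inbox": {"string": "ThisisTheSecret"},
             "outbox": {"string": "ThisisTheSecret"},
             "session": {"string": "ThisisTheSecret"}}}}}""")

if __name__ == "__main__":
    # With a path argument, audit that file; otherwise audit the sample.
    cfg = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_AFTER
    for line in audit_jwt_config(cfg) or ["JWT settings match the page"]:
        print(line)
```

Run it against /etc/onlyoffice/documentserver/local.json before restarting the services. A long random value, for example from Python's secrets.token_urlsafe(32), is harder to guess than a memorable phrase.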