Blog

We sometimes receive support requests asking how API2PDF can access a secure a page on your website when using the wkhtmltopdf/url or chrome/url endpoints as shown below.

A secure page means that it is behind some kind of login wall. When using a URL to PDF endpoint, API2PDF will take your URL that you provided, visit the page, and then render a PDF of the result. However, you run into a problem because API2PDF is not “logged in” to your website. What to do?

There are 2 common approaches:

Option 1

Follow the documentation at https://api2pdf.com/documentation to make use of the extraHTTPHeaders attribute which takes in a JSON dictionary of key-value attributes like so:

By making use of this attribute in the payload, you can include your own “Authorization: 12345” or whatever other key-value pair you deem appropriate and allow those requests through your authentication or not.

Option 2

Including a query string parameter with a secret key that only API2PDF has. For example if your page is at some route yourwebsite.com/super-secure-page, you can have API2PDF go to yourwebsite.com/super-secure-page?pdfOnly=58320023434, where if the pdfOnly query parameter matches your secret key, it is clear to show the page. You can make it more secure by generating new keys on the fly, storing them, and only making them valid for a brief amount of time, like one minute.

Hopefully you are able to implement one of the two solutions above. Good luck!