Sharing & Access Control
MarkDocs uses handle-based authentication and per-document access control.
Authentication
Users sign up with a handle (e.g. @john) and password. Authentication uses JWT tokens stored in HTTP-only cookies.
Invite Links
New users need an invite link to register:
- Go to Settings in the dashboard
- Click Create Invite to generate a link
- Share the link — it expires after 7 days
- The recipient signs up using the invite code
Document Access
Documents are visible to:
- The creator (owner) — full control
- Collaborators — explicitly shared with editor or viewer role
Roles
| Role | Can View | Can Edit | Can Share | Can Delete |
|---|---|---|---|---|
| Owner | Yes | Yes | Yes | Yes |
| Editor | Yes | Yes | No | No |
| Viewer | Yes | No | No | No |
Sharing Documents
From the Dashboard
- Click the share icon on any document you own
- Search for users by handle
- Check the users you want to share with
- Click Save
From the Editor
- Click the Share button in the toolbar
- Same multi-select user interface as the dashboard
From the CLI
# List all users
markdocs users
# Share a document
markdocs share add <doc-id> @john
markdocs share add <doc-id> @jane --role viewer
# List who has access
markdocs share list <doc-id>
# Remove access
markdocs share remove <doc-id> <collaborator-id>From an AI Agent (MCP)
AI agents with MCP access can use the share_document, unshare_document, list_collaborators, and list_users tools.
API Keys
API keys authenticate CLI and MCP requests. They are scoped to the user who created them.
- Go to Settings
- Click Create API Key
- Copy the key — it’s only shown once
- Set it as
MARKDOCS_API_KEYin your environment
Last updated on