Sensitive & Private Documents

Protect confidential files with password-locked sensitive documents and role-restricted private documents.

Overview

Not all documents should be visible to everyone on the team. The Documents module offers two levels of restricted access beyond the default Normal visibility:

Visibility	Who can see it	How access works
Normal	All team members (per role)	Direct access — no extra steps
Sensitive	All team members, but requires the org password	Hidden by default; entering the password unlocks them for a limited time
Private	Admin and Owner only	Role-based — Members and Viewers never see these documents

Sensitive is ideal for HR-type documents like passports, visas, and signed NDAs — files that any team member may need access to, but shouldn't be casually visible while browsing.

Private is for highly confidential admin documents like financial statements — files that only administrators should ever see.

Setting the Org Password

The org password is a shared password used to unlock sensitive documents. It is configured by an Admin or Owner.

Setup

Navigate to Settings > Documents
Enter a password and confirmation
Optionally add a Hint — visible to all users when prompted to unlock (e.g., "Ask your office manager")
Set the Unlock Duration in minutes — how long an unlock session lasts before sensitive documents are hidden again
Click Save

Changing or Removing the Password

To change: enter the new password and confirmation, then save
To remove: click Remove Password and confirm. Sensitive documents will become freely visible to all team members until a new password is set.

Note: The org password is separate from individual user passwords. It is shared across the team and entered when needed to access sensitive files.

Unlocking Sensitive Documents

In the Central Library

Click the lock icon in the toolbar (shows the count of sensitive documents)
The Password Prompt dialog appears, with the hint if one was set
Enter the org password
On success:
- Sensitive documents become visible in the library (marked with a lock badge)
- An emerald banner appears: "Sensitive documents unlocked — N minutes remaining"
- The unlock persists across page navigation within the duration

On Entity Profile Tabs

The same flow applies — click the lock toggle in the Documents tab header and enter the password.

Session Expiry

When the unlock timer expires, sensitive documents are automatically hidden again. If you're downloading a sensitive document and the session expires mid-action, a re-authentication prompt appears. After re-entering the password, the download proceeds automatically.

Manual Hide

Click the lock toggle again at any time to manually hide sensitive documents without ending the unlock session. This lets you quickly clear sensitive content from view if someone walks by.

Private Documents

Private documents require no password — they are simply invisible to Members and Viewers. Only users with the Admin or Owner role (specifically the documents.view_private permission) can see them.

Private documents do not appear:

In the central library for Members and Viewers
In entity Documents tabs for Members and Viewers
In link counts or stats for users who cannot see them

To make a document private, set its Visibility to Private in the Upload dialog or the Edit Details dialog.

Access Logs

Admins and Owners can audit who has been accessing sensitive documents.

Viewing Access Logs

Navigate to Settings > Documents
Scroll to the Access Logs section

The log shows a paginated table of recent access events:

Column	Description
Document	Name of the accessed document
User	Display name and email of who accessed it
Action	Type of access: view, download, or failed_auth
Result	Whether access succeeded or failed
Timestamp	When it happened

What Gets Logged

Successful unlocks — When a user correctly enters the org password
Views and downloads — When a user views or downloads a sensitive document during an active session
Failed attempts — When a user enters an incorrect password (useful for spotting unauthorized access attempts)

Tips

Use Sensitive for shared-access files — Passports, visas, work permits — things the team may occasionally need but shouldn't see by default
Use Private for admin-only files — Financial documents, confidential agreements, internal strategy docs
Set a reasonable unlock duration — Short durations (5-10 minutes) are more secure; longer durations (30-60 minutes) are more convenient for bulk work
Review access logs periodically — Check for unexpected failed attempts or unusual access patterns

Documents Overview — Module overview and key concepts
Document Library — Browse and manage the library
Managing Documents — Edit, link, download, and delete
Entity Documents — Documents tab on entity profiles

Sensitive & Private Documents

Protect confidential files with password-locked sensitive documents and role-restricted private documents.

Overview

Not all documents should be visible to everyone on the team. The Documents module offers two levels of restricted access beyond the default Normal visibility:

Visibility	Who can see it	How access works
Normal	All team members (per role)	Direct access — no extra steps
Sensitive	All team members, but requires the org password	Hidden by default; entering the password unlocks them for a limited time
Private	Admin and Owner only	Role-based — Members and Viewers never see these documents

Sensitive is ideal for HR-type documents like passports, visas, and signed NDAs — files that any team member may need access to, but shouldn't be casually visible while browsing.

Private is for highly confidential admin documents like financial statements — files that only administrators should ever see.

Setting the Org Password

The org password is a shared password used to unlock sensitive documents. It is configured by an Admin or Owner.

Setup

Navigate to Settings > Documents
Enter a password and confirmation
Optionally add a Hint — visible to all users when prompted to unlock (e.g., "Ask your office manager")
Set the Unlock Duration in minutes — how long an unlock session lasts before sensitive documents are hidden again
Click Save

Changing or Removing the Password

To change: enter the new password and confirmation, then save
To remove: click Remove Password and confirm. Sensitive documents will become freely visible to all team members until a new password is set.

Note: The org password is separate from individual user passwords. It is shared across the team and entered when needed to access sensitive files.

Unlocking Sensitive Documents

In the Central Library

Click the lock icon in the toolbar (shows the count of sensitive documents)
The Password Prompt dialog appears, with the hint if one was set
Enter the org password
On success:
- Sensitive documents become visible in the library (marked with a lock badge)
- An emerald banner appears: "Sensitive documents unlocked — N minutes remaining"
- The unlock persists across page navigation within the duration

On Entity Profile Tabs

The same flow applies — click the lock toggle in the Documents tab header and enter the password.

Session Expiry

Manual Hide

Click the lock toggle again at any time to manually hide sensitive documents without ending the unlock session. This lets you quickly clear sensitive content from view if someone walks by.

Private Documents

Private documents do not appear:

In the central library for Members and Viewers
In entity Documents tabs for Members and Viewers
In link counts or stats for users who cannot see them

To make a document private, set its Visibility to Private in the Upload dialog or the Edit Details dialog.

Access Logs

Admins and Owners can audit who has been accessing sensitive documents.

Viewing Access Logs

Navigate to Settings > Documents
Scroll to the Access Logs section

The log shows a paginated table of recent access events:

Column	Description
Document	Name of the accessed document
User	Display name and email of who accessed it
Action	Type of access: view, download, or failed_auth
Result	Whether access succeeded or failed
Timestamp	When it happened

What Gets Logged

Successful unlocks — When a user correctly enters the org password
Views and downloads — When a user views or downloads a sensitive document during an active session
Failed attempts — When a user enters an incorrect password (useful for spotting unauthorized access attempts)

Tips

Use Sensitive for shared-access files — Passports, visas, work permits — things the team may occasionally need but shouldn't see by default
Use Private for admin-only files — Financial documents, confidential agreements, internal strategy docs
Set a reasonable unlock duration — Short durations (5-10 minutes) are more secure; longer durations (30-60 minutes) are more convenient for bulk work
Review access logs periodically — Check for unexpected failed attempts or unusual access patterns

Documents Overview — Module overview and key concepts
Document Library — Browse and manage the library
Managing Documents — Edit, link, download, and delete
Entity Documents — Documents tab on entity profiles

Sensitive & Private Documents

Protect confidential files with password-locked sensitive documents and role-restricted private documents.

Overview

Setting the Org Password

Setup

Changing or Removing the Password

Unlocking Sensitive Documents

In the Central Library

On Entity Profile Tabs

Session Expiry

Manual Hide

Private Documents

Access Logs

Viewing Access Logs

What Gets Logged

Tips

Related Pages

Sensitive & Private Documents

Protect confidential files with password-locked sensitive documents and role-restricted private documents.

Overview

Setting the Org Password

Setup

Changing or Removing the Password

Unlocking Sensitive Documents

In the Central Library

On Entity Profile Tabs

Session Expiry

Manual Hide

Private Documents

Access Logs

Viewing Access Logs

What Gets Logged

Tips

Related Pages