- Does ONLYOFFICE have access to the information about operations with files and data?
No, such information is not shared with ONLYOFFICE unless exclusive access is provided to our services team. As an owner or administrator of ONLYOFFICE Workspace, you can access Audit Trail log in the security settings and retrieve the information about user actions.
- Is there a server-side data encryption feature? How does it work?
You can enable encryption at rest in the server version of ONLYOFFICE Workspace. This action protects your data from possible intruders even if they get access to your machine. Encryption is based on a Encrypt-then-MAC method and encrypts the entire body of data within the ONLYOFFICE Workspace instance and is compliant with AES-256 international data encryption standard.
- What content protection features does ONLYOFFICE provide?
You can encrypt document using simple password encryption which will also allow you to manage access to different actions in documents, such as commenting, reviewing, and filling forms. It is possible to restrict copy, downloading, and printing of the files, as well as apply watermarks. You can also encrypt spreadsheets, and apply additional settings to protect separate sheets, lock spreadsheet elements, hide formulas. In Private Rooms, you can encrypt text document end-to-end with the strongest encryption methods and work on them collaboratively in the encrypted form. Among other available tools are watermarks.
- What user roles does ONLYOFFICE Workspace support and what rights do they have?
There are following types of user roles available: Guest, User, Administrator and Owner. Owners have full access to all the features and settings in ONLYOFFICE Workspace. Module Administrators have access to selected module configuration and can moderate the module content, while Full Access Administrators can also manage general Workspace settings and its users. In Projects module, you can also appoint project managers who can manage the current project and its members, change settings and moderate various items in a project.
- Are there audit features in ONLYOFFICE Workspace? What information is included in the access log?
There is an Audit Trail feature in ONLYOFFICE Workspace. It includes the details about IP, browser, platform, date, user, page, action type, product, and module. You can search, sort, and filter items in the Audit Trail log.
- Is there automatic backup in ONLYOFFICE?
There are automatic backup options in ONLYOFFICE Workspace. You can choose the copy location, set up date and time, and define the number of backup copies to be stored.
- Does ONLYOFFICE Docs instance store any user data?
ONLYOFFICE Docs processes document editing and conversion, but it does not store any document or user data.
- What security features does ONLYOFFICE API support?
ONLYOFFICE Workspace (collaboration platform) API provides methods for managing active connections, audit trail data, login history, authentication and 2FA, IP restrictions, LDAP, SSO, and security settings for Workspace and its modules. Partial access to Private Rooms functionality can also be gained via API. ONLYOFFICE Docs API provides methods for setting up JWT, using watermarks, enabling basic and advanced document permissions.
- How does the OnlyOffice authenticate each request? How is request authentication supported in the API?
ONLYOFFICE authenticates POST requests using security tokens. Full information about how requests work can be found in our API documentation.