Share Links
Share links let you grant access to a document without requiring the recipient to have a Notebind account. Each link has a permission level and optional expiration.
Share link object
Section titled “Share link object”{ "id": "link-uuid", "document_id": "doc-uuid", "created_by": "user-uuid", "token": "a21e739e4fcf3cc2844e4b23a3b14b14", "permission": "comment", "expires_at": null, "created_at": "2026-03-13T12:00:00.000Z"}| Field | Type | Description |
|---|---|---|
id | UUID | Share link identifier |
document_id | UUID | The shared document |
created_by | UUID | Who created the link |
token | string | 32-character hex token |
permission | string | "view", "comment", or "edit" |
expires_at | ISO 8601 or null | When the link expires (null = never) |
created_at | ISO 8601 | When the link was created |
Permission levels
Section titled “Permission levels”| Permission | View document | List comments | Create comments | Edit content | Create suggestions |
|---|---|---|---|---|---|
view | Yes | Yes | No | No | No |
comment | Yes | Yes | Yes | No | No |
edit | Yes | Yes | Yes | Yes | Yes |
Shareable URL format
Section titled “Shareable URL format”https://notebind.com/share/{token}This URL loads the document in a public viewer with controls matching the permission level.
List share links
Section titled “List share links”GET /api/documents/:id/shareReturns all share links for a document. Only the document owner can list share links.
Request
Section titled “Request”curl https://notebind.com/api/documents/DOC_ID/share \ -H "Authorization: Bearer nb_sk_YOUR_KEY"const response = await fetch("https://notebind.com/api/documents/DOC_ID/share", { headers: { "Authorization": "Bearer nb_sk_YOUR_KEY", },});const { data, error } = await response.json();import requests
response = requests.get( "https://notebind.com/api/documents/DOC_ID/share", headers={"Authorization": "Bearer nb_sk_YOUR_KEY"},)data = response.json()Response 200 OK
Section titled “Response 200 OK”{ "data": [ { "id": "link-uuid", "token": "a21e739e4fcf3cc2844e4b23a3b14b14", "permission": "comment", "expires_at": null, "created_at": "2026-03-13T12:00:00.000Z" } ], "error": null}Create a share link
Section titled “Create a share link”POST /api/documents/:id/shareRequest body
Section titled “Request body”| Field | Type | Required | Default | Description |
|---|---|---|---|---|
permission | string | No | "view" | "view", "comment", or "edit" |
expires_at | ISO 8601 | No | null | When the link should expire |
Request
Section titled “Request”curl -X POST https://notebind.com/api/documents/DOC_ID/share \ -H "Authorization: Bearer nb_sk_YOUR_KEY" \ -H "Content-Type: application/json" \ -d '{"permission": "comment"}'const response = await fetch("https://notebind.com/api/documents/DOC_ID/share", { method: "POST", headers: { "Authorization": "Bearer nb_sk_YOUR_KEY", "Content-Type": "application/json", }, body: JSON.stringify({ permission: "comment" }),});const { data, error } = await response.json();import requests
response = requests.post( "https://notebind.com/api/documents/DOC_ID/share", headers={"Authorization": "Bearer nb_sk_YOUR_KEY"}, json={"permission": "comment"},)data = response.json()Response 201 Created
Section titled “Response 201 Created”{ "data": { "id": "link-uuid", "document_id": "doc-uuid", "created_by": "user-uuid", "token": "a21e739e4fcf3cc2844e4b23a3b14b14", "permission": "comment", "expires_at": null, "created_at": "2026-03-13T12:00:00.000Z" }, "error": null}Creating a link with expiration
Section titled “Creating a link with expiration”curl -X POST https://notebind.com/api/documents/DOC_ID/share \ -H "Authorization: Bearer nb_sk_YOUR_KEY" \ -H "Content-Type: application/json" \ -d '{"permission": "edit", "expires_at": "2026-04-01T00:00:00.000Z"}'const response = await fetch("https://notebind.com/api/documents/DOC_ID/share", { method: "POST", headers: { "Authorization": "Bearer nb_sk_YOUR_KEY", "Content-Type": "application/json", }, body: JSON.stringify({ permission: "edit", expires_at: "2026-04-01T00:00:00.000Z", }),});const { data, error } = await response.json();import requests
response = requests.post( "https://notebind.com/api/documents/DOC_ID/share", headers={"Authorization": "Bearer nb_sk_YOUR_KEY"}, json={"permission": "edit", "expires_at": "2026-04-01T00:00:00.000Z"},)data = response.json()Revoke a share link
Section titled “Revoke a share link”DELETE /api/documents/:id/share?link_id=LINK_IDRevokes a share link. Anyone with the token will no longer be able to access the document.
Query parameters
Section titled “Query parameters”| Parameter | Type | Required | Description |
|---|---|---|---|
link_id | UUID | Yes | The share link ID to revoke |
Request
Section titled “Request”curl -X DELETE "https://notebind.com/api/documents/DOC_ID/share?link_id=LINK_ID" \ -H "Authorization: Bearer nb_sk_YOUR_KEY"const response = await fetch( "https://notebind.com/api/documents/DOC_ID/share?link_id=LINK_ID", { method: "DELETE", headers: { "Authorization": "Bearer nb_sk_YOUR_KEY", }, },);const { data, error } = await response.json();import requests
response = requests.delete( "https://notebind.com/api/documents/DOC_ID/share", params={"link_id": "LINK_ID"}, headers={"Authorization": "Bearer nb_sk_YOUR_KEY"},)data = response.json()Response 200 OK
Section titled “Response 200 OK”{ "data": { "deleted": true }, "error": null}Using share tokens in API calls
Section titled “Using share tokens in API calls”Share tokens can be passed as query parameters to access document endpoints without authentication:
# Read a documentcurl "https://notebind.com/api/documents/DOC_ID?share_token=TOKEN"
# List commentscurl "https://notebind.com/api/documents/DOC_ID/comments?share_token=TOKEN"
# Create a comment (requires comment or edit permission)curl -X POST "https://notebind.com/api/documents/DOC_ID/comments?share_token=COMMENT_TOKEN" \ -H "Content-Type: application/json" \ -d '{"body": "Looks great!"}'
# Update content (requires edit permission)curl -X PATCH "https://notebind.com/api/documents/DOC_ID?share_token=EDIT_TOKEN" \ -H "Content-Type: application/json" \ -d '{"content": "Updated content"}'// Read a documentconst doc = await fetch( "https://notebind.com/api/documents/DOC_ID?share_token=TOKEN").then((r) => r.json());
// List commentsconst comments = await fetch( "https://notebind.com/api/documents/DOC_ID/comments?share_token=TOKEN").then((r) => r.json());
// Create a comment (requires comment or edit permission)const newComment = await fetch( "https://notebind.com/api/documents/DOC_ID/comments?share_token=COMMENT_TOKEN", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ body: "Looks great!" }), },).then((r) => r.json());
// Update content (requires edit permission)const updated = await fetch( "https://notebind.com/api/documents/DOC_ID?share_token=EDIT_TOKEN", { method: "PATCH", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ content: "Updated content" }), },).then((r) => r.json());import requests
# Read a documentdoc = requests.get( "https://notebind.com/api/documents/DOC_ID", params={"share_token": "TOKEN"},).json()
# List commentscomments = requests.get( "https://notebind.com/api/documents/DOC_ID/comments", params={"share_token": "TOKEN"},).json()
# Create a comment (requires comment or edit permission)new_comment = requests.post( "https://notebind.com/api/documents/DOC_ID/comments", params={"share_token": "COMMENT_TOKEN"}, json={"body": "Looks great!"},).json()
# Update content (requires edit permission)updated = requests.patch( "https://notebind.com/api/documents/DOC_ID", params={"share_token": "EDIT_TOKEN"}, json={"content": "Updated content"},).json()Expired and revoked tokens
Section titled “Expired and revoked tokens”Expired or revoked tokens return:
{ "data": null, "error": { "message": "Unauthorized", "code": "UNAUTHORIZED" }}Error responses
Section titled “Error responses”| Status | Code | Description |
|---|---|---|
400 | VALIDATION_ERROR | Missing link_id on delete |
401 | UNAUTHORIZED | Missing or invalid credentials |
404 | NOT_FOUND | Document not found or not owned by you |