Secret / Shareable Links for Books and PagesΒ #6047
Description
Describe the feature you'd like
First of all β a huge thank you to the entire BookStack team. π
You've built something truly exceptional. BookStack is clean, fast, self-hostable, and genuinely enjoyable to use. It's rare to find an open-source project with this level of polish and thoughtful design. The community around it is wonderful too. We deeply appreciate everything you do.
Describe the benefits this would bring to existing BookStack users
Secret shareable links (token-based public access)
Summary
It would be incredibly useful to share a specific Book, Chapter, or Page via a unique secret link β without requiring the recipient to have an account, and without exposing any other content to them.
Use case
Currently, if you want to share content with an external person (a client, partner, or contractor), you have two options:
Create a guest user account and configure roles β which is complex and leaks visibility of other content
Make content fully public β which is not always acceptable
There is no middle ground: a private, token-based link that grants read-only access to exactly one resource.
Proposed behavior
An authenticated user can generate a unique secret link for a Book / Chapter / Page
Anyone with that link can view the content without logging in
They cannot see any other content, navigation, shelves, or books
The link can optionally have an expiration date or be revoked manually
No account creation required for the recipient
Example URL pattern
https://wiki.example.com/share/abc123xyz-unique-token
Why this matters
This pattern is well established in tools like Notion, Confluence, and GitLab Snippets. For self-hosted teams that need to occasionally share documentation externally, this would be a game-changer β without compromising the security of the rest of the knowledge base.
Current workaround
Creating a dedicated low-privilege user with a restricted role, which works but adds friction and doesn't truly isolate the shared content from other visible resources.
Thank you again for considering this. BookStack is an outstanding project and this feature would make it even more powerful for teams working with external stakeholders. π
Can the goal of this request already be achieved via other means?
Can the goal of this request already be achieved via other means?
Partially, yes β but none of the existing options provide a clean, isolated sharing experience:
Guest account + restricted role β You can create a guest user with a role limited to specific books. However, the guest still sees the general UI, navigation, and potentially other accessible content. It also requires manual account/role management for every external person you want to share with.
Dedicated low-privilege user β Creating a named user with a tightly scoped role works, but requires sharing login credentials, which is not ideal for one-time or temporary access.
Reverse proxy with Basic Auth β It's possible to put a specific URL path behind Basic Auth at the infrastructure level (e.g. nginx/Traefik), but this is a complex workaround that requires external tooling and doesn't integrate with BookStack's permission system.
BookStack REST API + custom frontend β The API can be used to build a custom share-by-token proxy service, but this requires significant custom development effort.
None of these approaches provide a native, frictionless "share this page with anyone via a link" experience. The feature request is about making this a first-class, built-in capability.
Have you searched for an existing open/closed issue?
- I have searched for existing issues and none cover my fundamental request
How long have you been using BookStack?
Not using yet, just scoping
Additional context
About 11 months