How to encrypt, password-protect and set restricted permissions on a PDF in Node.JS

2 min readMay 15, 2020


Having the ability to encrypt sensitive PDF files can be crucial in this day and age. So how can we go about adding this to a project without burning through hours or even days of your precious time? I’ll tell you how: using an API.

This dependency reference will add the Cloudmersive API client if placed in your package.json.

"dependencies": {
"cloudmersive-convert-api-client": "^2.1.6"

Now we are able to call editPdfSetPermissions using a newly instanced API class. This example code will show you how that might look:

var CloudmersiveConvertApiClient = require('cloudmersive-convert-api-client');var defaultClient = CloudmersiveConvertApiClient.ApiClient.instance;// Configure API key authorization: Apikeyvar Apikey = defaultClient.authentications['Apikey'];Apikey.apiKey = 'YOUR API KEY';// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)//Apikey.apiKeyPrefix = 'Token';var apiInstance = new CloudmersiveConvertApiClient.EditPdfApi();var ownerPassword = "ownerPassword_example"; // String | Password of a owner (creator/editor) of the PDF file (required)var userPassword = "userPassword_example"; // String | Password of a user (reader) of the PDF file (optional)var inputFile = "/path/to/file"; // File | Input file to perform the operation on.var opts = {'encryptionKeyLength': "encryptionKeyLength_example", // String | Possible values are \"128\" (128-bit RC4 encryption) and \"256\" (256-bit AES encryption).  Default is 256.'allowPrinting': true, // Boolean | Set to false to disable printing through DRM.  Default is true.'allowDocumentAssembly': true, // Boolean | Set to false to disable document assembly through DRM.  Default is true.'allowContentExtraction': true, // Boolean | Set to false to disable copying/extracting content out of the PDF through DRM.  Default is true.'allowFormFilling': true, // Boolean | Set to false to disable filling out form fields in the PDF through DRM.  Default is true.'allowEditing': true, // Boolean | Set to false to disable editing in the PDF through DRM (making the PDF read-only).  Default is true.'allowAnnotations': true, // Boolean | Set to false to disable annotations and editing of annotations in the PDF through DRM.  Default is true.'allowDegradedPrinting': true // Boolean | Set to false to disable degraded printing of the PDF through DRM.  Default is true.};var callback = function(error, data, response) {if (error) {console.error(error);} else {console.log('API called successfully. Returned data: ' + data);}};apiInstance.editPdfSetPermissions(ownerPassword, userPassword, inputFile, opts, callback);

And now we are able to specify owner and user passwords, as well as a range of different permissions, including printing, annotations, and content extraction. There you have it, fully-fledged PDF encryption and permissions in a tiny fraction of the usual time needed.

PDF encryption giving you the blues? Not any more!




There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.