How to encrypt, password-protect and set restricted permissions on a PDF in Python
2 min readMay 14, 2020
Trying to set up PDF encryption with Python can quickly feel like a slog through the mud. I hear you, so I have a nice simple shortcut that is going to save you from this tedious fate.
For the sake of speed, we will be using a Cloudmersive API to get things done today. This will first require client installation:
pip install cloudmersive-convert-api-clientThen to call edit_pdf_set_permissions we shall first instance the API class, which can then be used for the function call. Here’s how that should look:
from __future__ import print_functionimport timeimport cloudmersive_convert_api_clientfrom cloudmersive_convert_api_client.rest import ApiExceptionfrom pprint import pprint# Configure API key authorization: Apikeyconfiguration = cloudmersive_convert_api_client.Configuration()configuration.api_key['Apikey'] = 'YOUR_API_KEY'# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed# configuration.api_key_prefix['Apikey'] = 'Bearer'# create an instance of the API classapi_instance = cloudmersive_convert_api_client.EditPdfApi(cloudmersive_convert_api_client.ApiClient(configuration))owner_password = 'owner_password_example' # str | Password of a owner (creator/editor) of the PDF file (required)user_password = 'user_password_example' # str | Password of a user (reader) of the PDF file (optional)input_file = '/path/to/file' # file | Input file to perform the operation on.encryption_key_length = 'encryption_key_length_example' # str | Possible values are \"128\" (128-bit RC4 encryption) and \"256\" (256-bit AES encryption). Default is 256. (optional)allow_printing = true # bool | Set to false to disable printing through DRM. Default is true. (optional)allow_document_assembly = true # bool | Set to false to disable document assembly through DRM. Default is true. (optional)allow_content_extraction = true # bool | Set to false to disable copying/extracting content out of the PDF through DRM. Default is true. (optional)allow_form_filling = true # bool | Set to false to disable filling out form fields in the PDF through DRM. Default is true. (optional)allow_editing = true # bool | Set to false to disable editing in the PDF through DRM (making the PDF read-only). Default is true. (optional)allow_annotations = true # bool | Set to false to disable annotations and editing of annotations in the PDF through DRM. Default is true. (optional)allow_degraded_printing = true # bool | Set to false to disable degraded printing of the PDF through DRM. Default is true. (optional)try:# Encrypt, password-protect and set restricted permissions on a PDFapi_response = api_instance.edit_pdf_set_permissions(owner_password, user_password, input_file, encryption_key_length=encryption_key_length, allow_printing=allow_printing, allow_document_assembly=allow_document_assembly, allow_content_extraction=allow_content_extraction, allow_form_filling=allow_form_filling, allow_editing=allow_editing, allow_annotations=allow_annotations, allow_degraded_printing=allow_degraded_printing)pprint(api_response)except ApiException as e:print("Exception when calling EditPdfApi->edit_pdf_set_permissions: %s\n" % e)
As you can see you may set both a creator and user password, as well as customize the permissions for different things, such as form filling and printing. All in all, this should save you a ton of time and still provide a great deal of flexibility.
