Skip to main content

Overview

The domain allowlist lets you restrict who can access your shared document based on their email domain. Only visitors with an email address matching one of your allowed domains can pass the email gate. This is designed for organizations that want to share content exclusively with their team or partners.
Domain allowlist is available on the Business plan only.

How to Set Up a Domain Allowlist

1

Open the Share panel

In the editor, click Share and create a share link (or select an existing one).
2

Enable the email gate

The domain allowlist works in conjunction with the email gate. Make sure Email verification is toggled on.
3

Add allowed domains

In the Allowed domains field, enter the email domains you want to permit (e.g., acme.com, partner.org). Add one domain per entry.
4

Save

Click Save. Only visitors with email addresses matching the allowed domains can verify and view the document.

How It Works

The domain allowlist uses OR logic:
  • A visitor’s email must match at least one of the allowed domains.
  • Example: if you allow acme.com and partner.org, then alice@acme.com and bob@partner.org both pass, but charlie@other.com is rejected.
You can also combine the allowlist with individual email addresses. If you add specific emails alongside domains, the visitor passes if their email matches any domain OR any individual address.

Use Cases

  • Internal documentation — allow only @yourcompany.com emails.
  • Partner access — allow your domain plus one or two partner domains.
  • Client projects — allow @clientcompany.com for a specific project deliverable.
The allowlist matches the exact domain you enter. If you enter acme.com, it matches user@acme.com but not user@sub.acme.com. Add subdomains separately if needed.
The domain allowlist only takes effect when the email gate is enabled. Without the email gate, visitors are not asked for their email and the allowlist is ignored.
Yes. You can add specific email addresses alongside domains. The OR logic means a visitor passes if they match any allowed domain or any allowed individual email.
There is no hard limit on the number of domains you can add to the allowlist.