Skip to content

Add restrictions

Apply permissions to prevent copying, printing, or modifying a PDF. MCP tool add_restrictions / HTTP POST /v1/restrictions/add.

Apply usage permissions to a PDF — for example, allow viewing but block printing and copying — enforced by an owner password.

At a glance


MCP tool	`add_restrictions`
HTTP endpoint	`POST /v1/restrictions/add`
Price	$0.05
Input	One PDF + permission flags + an owner password
Output	A PDF with the permissions applied

Parameters

Parameter	Type	Required	Description
`file`	file	yes	Source PDF.
`permissions`	object	yes	Permission flags (see below). Any omitted flag defaults to allowed.
`owner_password`	string	yes	Owner password that enforces the restrictions and can later lift them.

Permission flags

Flag	When `false`
`print`	Printing is blocked.
`copy`	Copying/extracting text and images is blocked.
`modify`	Editing page content is blocked.
`annotate`	Adding comments/annotations is blocked.
`fill_forms`	Filling form fields is blocked.
`assemble`	Inserting, deleting, or rotating pages is blocked.

MCP example

Lock https://example.com/report.pdf so it can’t be printed or copied. Owner password 0wn3r.

{
  "file": "https://example.com/report.pdf",
  "permissions": { "print": false, "copy": false },
  "owner_password": "0wn3r"
}

HTTP example

curl
TypeScript

curl -i -X POST https://api.pdfasyougo.com/v1/restrictions/add \
  -H "Content-Type: application/json" \
  -H "X-PAYMENT: <base64-encoded-payment-payload>" \
  -d '{"file":"https://example.com/report.pdf","permissions":{"print":false,"copy":false},"owner_password":"0wn3r"}'

import { wrapFetchWithPayment } from 'x402-fetch';
import { privateKeyToAccount } from 'viem/accounts';

const account = privateKeyToAccount(process.env.X402_WALLET_PRIVATE_KEY as `0x${string}`);
const fetchWithPay = wrapFetchWithPayment(fetch, account);

const res = await fetchWithPay('https://api.pdfasyougo.com/v1/restrictions/add', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    file: 'https://example.com/report.pdf',
    permissions: { print: false, copy: false },
    owner_password: '0wn3r',
  }),
});
console.log((await res.json()).output.url);

Response

{
  "output": {
    "url": "https://files.pdfasyougo.com/o/b3f7…?token=…",
    "expires_at": "2026-06-29T12:00:00Z",
    "pages": 24,
    "bytes": 188416
  },
  "operation": "restrictions.add",
  "cost": "0.05 USDC"
}

Notes

Restrictions are enforced by the owner password; the document still opens without a password unless you also add an open password.
Any flag you don’t set is left allowed.
The owner_password is used only to apply the restrictions and is not retained — see Privacy & retention.

Home Operations Pricing

Getting Started

Introduction How it works Pricing Request preview access Quickstart: MCP server Quickstart: HTTP API

Core Concepts

Operations & pricing x402 payments Wallets & networks File handling Privacy & retention Errors & failures

MCP Server

Overview Connecting a client Paying with x402 Tools

HTTP API

Overview The 402 flow Conventions Errors

Operations

Resources

FAQ Changelog Roadmap Support

Legal

Privacy Policy Terms of Service