At times, you may need to control access to your Turtl content so that only a specific group of people can read it. Turtl's access control settings provide controls to help you achieve this.
Applying an access control policy
Navigate to the main content listing page and click the drop-down arrow to get to your Content settings.
Select the "Access Control" tab.
Select the access policy you want to apply using the drop-down menu. Available policies are:
Public on the web (default for drafts): Anyone on the internet can read your Turtl content. Indexing is enabled for search engines.
Anyone with the link: Anyone who has the link can access your Turtl content. Search engine indexing will be turned off.
Anyone at my company: With SSO enabled, anyone who has a company SSO can access your Turtl content. With no SSO enabled, anyone with a Turtl login can access your content. Search engine indexing will be turned off.
Specific people only: Provide a list of contacts (emails) who can access your Turtl content. Search engine indexing will be turned off.
Notes:
If you select Specific people only, individual contact information (PII - personal identifying information) is requested, therefore your company's privacy policy should be set, lest this access setting will not work. Find out how to set this policy here.
If you select Anyone at my company or Specific people only, the PDF download option will be removed to keep the content from being shared publicly.
For drafts, you can also enable the Require login to view draft links setting. When this option is turned on, only logged-in users will be able to access draft links, adding an extra layer of security before publication.
Checking that the correct policy is applied
Turtl notifies you of the access settings applied to a content in several places to help you avoid sharing with incorrect settings:
A status banner is shown for each piece of content with a restricted access policy in the main content list:
A lock icon is displayed at the top of the browser when an internal user accesses a Private or email-protected content. Hovering over this displays more information:
Configuring protection for content
The email authentication access policy allows you to specify a list of contact email addresses that can access your content.
How to apply the email authentication policy
Simply add the email addresses in the box shown above. Whole domains can also be added to allow access to everyone in the company, for example, @turtl.co would give access to everyone with that domain in their email address.
What does your reader see?
Note: The activation link only remains active for 15 minutes. After this time has expired the reader will need to enter their email address again and click a new activation email.
When "Specific people only" is selected, all external readers will be presented with an access screen requiring them to enter their email address in order to read your Turtl content.
If they have been granted access in advance, they will be sent an email with a link to the now unlocked Turtl content.
You can also control the access settings of your personalized Turtl content. Read more about this here.
Tip: If you would like the email activation link to be sent from your own email address, this is available as a professional service. Please email professional-services@turtl.co for further details.