# Security settings

{% hint style="info" %}
Available in the **Premium** plan or higher
{% endhint %}

## Restrict access to a board

By default, a board is public, and anyone with the link can access it. You can change this behavior through the security settings.

<figure><img src="https://3144793569-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FI4JDAoWgD5Av9Hly3dSb%2Fuploads%2Fi9obaElwvkusQ6KNCtjR%2Fimage.png?alt=media&#x26;token=89597a2d-54ac-4803-921e-2c665ff12429" alt=""><figcaption><p>Security settings for a public kanban board</p></figcaption></figure>

In certain situations, you may need to restrict access to the board. In these cases, you can limit access by allowing only specific domains, ensuring the board remains private.

### Allowed domains

Instead of adding all stakeholders from your client as individual users, you can simply add "client.com" as allowed domain. This way, anyone with an email ending in "@client.com" will automatically gain access.

If your stakeholder uses subdomains, like "<name@ext.client.com>" for external contractors, they won't automatically gain access until you add the "ext.client.com" as an allowed domain.

<figure><img src="https://3144793569-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FI4JDAoWgD5Av9Hly3dSb%2Fuploads%2FThlxKxn8RNIqzHWXplG8%2Fimage.png?alt=media&#x26;token=b7520d12-e3df-4fbb-8507-a262c048b9cd" alt=""><figcaption><p>Security settings for a restricted kanban board</p></figcaption></figure>

### Accessing a restricted board

You can still share a restricted board through the same URL. When accessed by an anonymous visitor, a login prompt will be shown.

<figure><img src="https://3144793569-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FI4JDAoWgD5Av9Hly3dSb%2Fuploads%2FTtnsIJWWuVMT8r3imzy8%2Fimage.png?alt=media&#x26;token=7608de43-c35f-41cf-9bec-f3a2120f863f" alt=""><figcaption><p>Login screen for a restricted kanban board</p></figcaption></figure>

Stakeholders will be able to log in through a magic link, only if their domain is added to the allowed domains list. Upon their first visit, an account will be created for them automatically.

If the stakeholder is a Publicboards user, such as yourself, they will be redirected to the default login screen of Publicboards.

## Permissions

You can choose the permissions a visitor has. Everyone who has access to the board has the same permissions.

<figure><img src="https://3144793569-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FI4JDAoWgD5Av9Hly3dSb%2Fuploads%2FQ81urA9JNmF6azfoesmO%2Fimage.png?alt=media&#x26;token=51838ba0-bd8b-4bc8-98e0-c0a18fc8b8b0" alt=""><figcaption><p>Permission settings for a public kanban board</p></figcaption></figure>

### Issues

This defines what permissions a board visitor has towards issues that are being loaded on the board:

<table><thead><tr><th width="296">Setting</th><th data-type="checkbox">View board</th><th data-type="checkbox">Open issue details</th><th data-type="checkbox">Create new issues</th></tr></thead><tbody><tr><td><ol><li>View and create new issues</li></ol></td><td>true</td><td>true</td><td>true</td></tr><tr><td><ol start="2"><li>Detailed view</li></ol></td><td>true</td><td>true</td><td>false</td></tr><tr><td><ol start="3"><li>Overview only</li></ol></td><td>true</td><td>false</td><td>false</td></tr></tbody></table>

### Comments

This defines what permissions a board visitor has towards comments on the issues:

<table><thead><tr><th width="294">Setting</th><th data-type="checkbox">Read comments</th><th data-type="checkbox">Add comments</th></tr></thead><tbody><tr><td><ol><li>Read &#x26; comment</li></ol></td><td>true</td><td>true</td></tr><tr><td><ol start="2"><li>Read-only</li></ol></td><td>true</td><td>false</td></tr><tr><td><ol start="3"><li>Hidden</li></ol></td><td>false</td><td>false</td></tr></tbody></table>