Teams & permissions

Restricting a document to specific people

Lock a sensitive file down when org-shared-by-default isn't right.

3 min read · Updated June 28, 2026


Documents in a team org are shared with everyone by default. When something is sensitive, mark it restricted and grant access only to specific people or groups.

Restrict a document

  1. 1Open the document and choose Restrict access.
  2. 2Add the individual people or groups who should see it, each as view or edit.
  3. 3Save. Everyone else in the org can no longer find or open it.

How it behaves

  • A document you can't see returns a plain not found: its very existence isn't leaked, you never get a revealing "forbidden".
  • The document's owner, and any Owner or Admin, can still see it (they bypass restrictions).
  • Restricted documents are never exposed through a collection link to someone who couldn't already see them.

Good to know

Restricting a folder hides the folder itself, not the documents filed inside it. Each document carries its own access, so to protect what's in a folder, restrict those documents directly.

Was this article helpful?

Ready to try it?

Open your vault and put this into practice.

Open app