Enable JWT token
Add a Token in you local.json file. If your running ONLYOFFICE on linux you will find the file here:
/etc/onlyoffice/documentserver/local.json
Set inbox, outbox and browser to true and add you token in the secret part for inbox, outbox and session. I just generated a random string via Bitwarden.
"token": {
"enable": {
"request": {
"inbox": true,
"outbox": true
},
"browser": true
},
"inbox": {
"header": "Authorization"
},
"outbox": {
"header": "Authorization"
}
},
"secret": {
"inbox": {
"string": "token_string"
},
"outbox": {
"string": "token_string"
},
"session": {
"string": "token_string"
}
Save the file and run:
supervisorctl restart all
Go to your Nextcloud web interface, open your ONLYOFFICE App and add your token beneath your server url.
Configure IP Filter
Search in the following file for “ipfilter”:
/etc/onlyoffice/documentserver/default.json
Add you domain or IP to the IP rules. Disallow everything else. Use * as wildcard. Also set useforrequest to true.
"ipfilter": {
"rules": [{"address": "url_or_ip", "allowed": true},
{"address": "*", "allowed": false}],
"useforrequest": true,
"errorcode": 403
},
Now run again:
supervisorctl restart all
And test if the service is reachable.