Private Topics

Secure your notifications with private topics - full access control for production systems and sensitive data.

Subscription Required

Private topics are available on ESSENTIALS plan and higher ($9.99/month). View Pricing →

What Are Private Topics?

Private topics provide true privacy and access control for your notifications. Unlike public topics where anyone can publish, private topics require authentication for both publishing and subscribing.

Key Features:

• 🔒 Authentication required - Only authorized users can publish or subscribe
• 🎟️ Access tokens - Fine-grained control over who can access your topic
• 👥 Team collaboration - Share private topics with team members (TEAM plan)
• 🔐 Token permissions - Separate read/write access levels
• ⏰ Token expiry - Set expiration dates for temporary access
• 🚫 Revocation - Instantly revoke access by deleting tokens

Public vs Private Topics

Feature	Public Topics	Private Topics
Who can publish	Anyone who knows the name ⚠️	Only owner + token holders 🔒
Who can subscribe	Anyone	Owner, token holders, or discoverable subscribers (read-only) 🔒
Access control	None (IP rate limiting only)	Full control via tokens ✅
Discoverable	Yes (optional)	Optional - enables read-only public access
Best for	Open communities, testing	Production, sensitive data
Plan requirement	FREE	ESSENTIALS+ ($9.99/mo)

Creating Private Topics

Via Web Dashboard

1. Navigate to Dashboard

   • Go to app.notifer.io
   • Click "+ New Topic"

2. Choose Privacy Level

   • Select "Private" option
   • Enter topic name and description

3. Create Topic

   • Click "Create Topic"

Plan Limits

• FREE: 1 private topic
• ESSENTIALS: 10 private topics
• TEAM: 25 private topics

Discoverable Private Topics

Private topics can optionally be made discoverable in the public catalog, allowing anyone to find and subscribe with read-only access.

How It Works

When you enable discoverability for a private topic:

• 🔍 Visible in Browse - The topic appears in the public "Discover Topics" catalog
• 👀 Read-Only Access - Subscribers can receive notifications but cannot publish
• 🔒 Write Protection - Only the owner and token holders can publish messages
• 🏷️ Read-Only Badge - Subscribers see a "Read-Only" indicator on the topic

Use Cases

Announcements & Status Updates:

• Share company announcements with customers (they can subscribe, you control publishing)
• Public status page for your service (subscribers get updates, but can't post)
• Product release notifications to interested users

Controlled Information Sharing:

• Internal team topics visible to external stakeholders (read-only)
• Project updates for clients without giving them write access
• News feeds where only authorized staff can publish

Enabling Discoverability

1. Create or edit a private topic
2. Check "Discoverable in public catalog"
3. Add a description (required for discoverable topics)
4. Save the topic

Description Required

Discoverable private topics must have a description so users browsing the catalog understand what the topic is about.

Subscriber Experience

When someone subscribes to a discoverable private topic:

• They can view and receive all messages (real-time SSE, push notifications)
• They see a "Read-Only" badge on the topic card
• Publishing attempts will be rejected with "Permission denied"
• They can unsubscribe at any time

Disabling Discoverability

If you disable discoverability on a private topic:

• The topic is removed from the public catalog
• Existing subscribers keep read-only access (they already subscribed)
• New users cannot discover or subscribe to the topic
• To remove existing subscribers, you need to make them unsubscribe or recreate the topic

Access Control with Tokens

Private topics use access tokens for authentication. Each token can have different permissions:

Token Types

READ - Can subscribe and read messages only

curl -N https://app.notifer.io/private-topic/sse?token=tk_read_abc123

WRITE - Can publish messages only

curl -d "Deploy complete" \
  -H "X-Topic-Token: tk_write_xyz789" \
  https://app.notifer.io/private-topic

READ_WRITE - Can both publish and subscribe

curl -d "Message" \
  -H "X-Topic-Token: tk_full_def456" \
  https://app.notifer.io/private-topic

Creating Access Tokens

1. Navigate to Topic Settings

   • Open topic menu (three dots)
   • Click "Manage access tokens"

2. Create New Token

   • Click "Generate Token"
   • Enter token name (e.g., "CI/CD Pipeline")
   • Select access level (READ, WRITE, or READ_WRITE)
   • Optional: Set expiration date

3. Save Token

   • ⚠️ Copy the token immediately - it's shown only once!
   • Store securely (password manager, secrets vault)

Token Security

Access tokens are shown only once during creation. If you lose a token, you must delete it and create a new one.

Publishing to Private Topics

Use a topic access token (recommended) to publish to private topics:

curl -d "Production deployment started" \
  -H "X-Topic-Token: tk_your_token_here" \
  -H "X-Priority: 2" \
  https://app.notifer.io/prod-alerts

More authentication options

You can also authenticate with JWT tokens or API keys. For all authentication methods and code examples, see Authentication.

Subscribing to Private Topics

Web Dashboard

1. Navigate to topic page
2. Click "Subscribe"
3. You're automatically subscribed (owner has full access)

Mobile App

1. Open mobile app
2. Search for your private topic
3. Subscribe (owner has automatic access)

SSE with Token

const token = 'tk_your_read_token';
const eventSource = new EventSource(
  `https://app.notifer.io/private-topic/sse?token=${token}`
);

eventSource.onmessage = (event) => {
  const message = JSON.parse(event.data);
  console.log(message);
};

Team Private Topics

On TEAM plan and higher, you can create private topics owned by a team:

Benefits:

• All team members can publish and subscribe
• Rate limits based on team owner's subscription
• Shared management and access control
• Survives when team members leave

Creating Team Private Topics:

1. Create topic and select "Private"
2. Under "Team (Optional)", select your team
3. All team members with appropriate roles can access

See Team Collaboration Guide for details.

Use Cases

Production Monitoring

# CI/CD pipeline
curl -d "Build #${BUILD_NUMBER} deployed to production" \
  -H "X-Topic-Token: ${PROD_DEPLOY_TOKEN}" \
  -H "X-Priority: 2" \
  https://app.notifer.io/prod-deployments

Secure Customer Alerts

# Order notifications (internal only)
curl -d "New order #12345 - $599.99" \
  -H "X-Topic-Token: ${ORDER_TOKEN}" \
  https://app.notifer.io/customer-orders

Sensitive System Alerts

# Database backup status
curl -d "Backup completed: 2.3GB, 00:23:45" \
  -H "X-Topic-Token: ${BACKUP_TOKEN}" \
  -H "X-Tags: backup,success" \
  https://app.notifer.io/db-backups

Best Practices

Token Management

✅ DO:

• Use descriptive token names ("Jenkins CI", "Monitoring Script")
• Set expiration dates for temporary access
• Use READ-only tokens when possible
• Store tokens in secure vaults (AWS Secrets Manager, 1Password)
• Rotate tokens periodically (every 90 days)
• Delete unused tokens immediately

❌ DON'T:

• Share tokens in code repositories
• Use same token across multiple systems
• Store tokens in plain text files
• Use overly permissive tokens (READ_WRITE when READ is enough)

Topic Naming

For private topics, you can use simple, descriptive names since they're not guessable:

✅ prod-alerts
✅ customer-orders
✅ db-backups
✅ team-notifications

No need for complex random strings like public topics!

Troubleshooting

"Private topic. Provide X-Topic-Token header"

Problem: Trying to publish/subscribe without authentication

Solution:

# Add token to request
curl -d "Message" \
  -H "X-Topic-Token: tk_your_token_here" \
  https://app.notifer.io/private-topic

"Invalid or expired topic access token"

Problem: Token is invalid, expired, or deleted

Solution:

1. Verify token is correct (copy/paste error?)
2. Check if token has expired
3. Ensure token hasn't been deleted
4. Create new token if needed

"Only the topic owner can create access tokens"

Problem: You're not the topic owner

Solution:

• Only topic owners can manage access tokens
• Ask the topic owner to share a token with you
• For team topics, you need owner or admin role

Migration from Public to Private

Cannot Convert Directly

You cannot convert a public topic to private (or vice versa). You must create a new private topic.

Migration steps:

1. Create new private topic with different name
2. Update integrations to use new topic + tokens
3. Test publishing and subscribing
4. Delete old public topic when ready

Related Documentation

• Topic Access Tokens - Detailed token documentation
• Creating Topics Guide - Complete topic creation guide
• Team Collaboration - Team private topics
• Publishing via HTTP - Authentication methods

---

Need Help?

• See FAQ for common questions
• Check Troubleshooting for problem solving
• Contact support: support@notifer.io