SNote for Business

Secure one-time secret sharing for teams and customers

Share passwords, API keys, access links, and sensitive notes via self-destructing links — with company-wide policies, recipient verification, and enterprise-grade controls.

Why SNote for Business

Most teams still share secrets in places they shouldn't — Slack messages, emails, screenshots, or tickets. Password managers help, but they're often too heavy for quick one-off sharing.

SNote is built for the moment you just need to send a secret fast, and make sure it won't leak.

  • One-time links that expire automatically
  • Optional recipient verification (email OTP) to prevent forwarding
  • Centralized policy controls for the whole company
  • Available as SaaS or self-hosted
  • Predictable pricing for teams of any size — a flat monthly fee per company, no per-seat billing

Common Business Use Cases

Internal team workflows

  • Sending temporary admin passwords to teammates
  • Passing SSH keys / VPN configs / access tokens
  • Secure handover during onboarding or offboarding
  • Sharing secrets inside support / ops / dev teams quickly

Customer & client delivery

  • Sending login details to customers securely
  • Delivering API keys to client developers
  • Sharing portal access without emailing passwords
  • Sending sensitive info to customers without requiring an account

Vendor & contractor collaboration

  • Sharing one-time access with external contractors
  • Sending credentials during short projects
  • Avoiding long-lived secrets stored in chat logs

Brand & Domain Customization

Make SNote look and feel like your company tool.

  • Custom domain
    Use your own domain like secrets.yourcompany.com
  • Logo and colors
    Match your brand identity for employee trust
  • Custom disclaimer / legal notice
    Add internal policy reminders or corporate messaging
  • Optional white-label experience
    Minimal SNote branding for customer-facing flows

Policy Engine (Company-Wide Controls)

Set rules once — and every secret shared through your organization follows them automatically.

Expiration & access rules

  • Default expiration time (e.g., 5 minutes / 1 hour / 24 hours)
  • Maximum allowed lifetime (to block "forever secrets")
  • One-time view (burn after read)
  • Max number of views (1 / 3 / 10 / custom)
  • Auto-delete after X days even if unopened

Recipient protection (anti-forward)

Prevent secrets from being shared with the wrong person.

  • Email OTP verification
  • Allowed recipient email domains (e.g., @company.com)
  • Optional recipient-bound secrets (only a specific email can open it)
  • Block external recipients by policy

Network restrictions (IP allowlist)

Lock your SNote instance down to internal networks only.

  • Allow access only from specific IPs
  • Support for IP ranges (CIDR), e.g. 203.0.113.0/24
  • Optional separation for internal vs customer-facing usage

Rate limits & abuse prevention

Keep the service safe and predictable.

  • API rate limits by IP / token
  • OTP request limits per email / IP
  • Optional CAPTCHA / anti-abuse rules
  • Session attempt limits and temporary lockouts

Content & attachment limits

Define what can be shared.

  • Max note length
  • Attachments on/off (if enabled)
  • File size limits (per secret and per month)
  • Restrict allowed file types (optional)

Deployment Options

SaaS (Hosted by SNote)

Fastest way to roll out company-wide secret sharing.

  • Hosted and maintained by SNote
  • Custom domain + branding
  • Policy engine and access controls
  • Optional region selection for data storage

Data residency: choose the region where your encrypted data is stored (availability depends on plan).

Contact: business@snote.io

Self-hosted (Docker / On-Prem)

For teams that require full infrastructure control.

  • Run SNote in your own environment
  • Docker-based deployment
  • Your own domain, policies, and storage
  • Ideal for regulated or security-sensitive organizations

Interested in self-hosting? Email us: business@snote.io

Built for Security

SNote is designed to reduce risk, not add complexity.

  • Secrets are end-to-end encrypted (server can't decrypt them)
  • Secrets are shared via time-limited links
  • Access can be restricted by policy
  • Optional recipient verification prevents link forwarding
  • Minimal footprint — no permanent vault required for one-off secrets

Get Early Access

Be the first to try SNote for Business and help shape the product.

Contact: business@snote.io

FAQ

Do users need an account?

No. By default, SNote works without accounts. You can optionally require recipient email verification via OTP.

Is SNote end-to-end encrypted?

Yes. Secrets are encrypted in the browser before upload. The server stores only encrypted data and cannot decrypt it.

Can we prevent sharing secrets outside the company?

Yes — restrict allowed recipient domains (e.g., only @company.com) and optionally require OTP verification.

Can we limit access to internal networks only?

Yes — enable IP allowlists and CIDR range restrictions to keep access private.

Do you offer self-hosting?

Yes — Docker-based self-hosted deployments are available for business customers.

Can we choose where data is stored?

Yes — on SaaS plans you can select a storage region (availability depends on plan).