Sharing & permissions
Permissioning is the product, so Renza borrows the model you already trust: Google Drive's share dialog, near-verbatim. Two ways to give access — by link and by person — and a small set of roles.
Link access
A share grants link-based access to a deck. Two modes:
link— anyone with the link can open it. The link is unguessable; access is by possession.public— discoverable and open.
Shared decks carry the "Shared with Renza" badge. On a paid plan you can remove the badge and serve from your own custom domain. On Renza Pro and above, links can be password-protected or set to expire, with link analytics.
To create a link share (POST /v1/shares):
renza shares create deck_2a9f8c1b --mode linkcurl https://api.renza.io/v1/shares \
-H "Authorization: Bearer $RENZA_API_KEY" \
-X POST \
-H "Content-Type: application/json" \
-d '{
"deck": "deck_2a9f8c1b",
"mode": "link"
}'import { createRenzaClient } from "renza-sdk";
const renza = createRenzaClient({ apiKey: process.env.RENZA_API_KEY! });
const share = await renza.shares.create({
deck: "deck_2a9f8c1b",
mode: "link",
});To take a link back, revoke the share (DELETE /v1/shares/{id}) — the
token stops resolving immediately:
renza shares revoke shr_7a2c…curl https://api.renza.io/v1/shares/shr_7a2c… \
-H "Authorization: Bearer $RENZA_API_KEY" \
-X DELETEimport { createRenzaClient } from "renza-sdk";
const renza = createRenzaClient({ apiKey: process.env.RENZA_API_KEY! });
const share = await renza.shares.revoke("shr_7a2c…");The full surface — list, resolve, revoke — is under Shares in the reference.
Per-person access (grants)
To give a specific person access, create a grant: a principal (a user, an email, or a group) plus a role on a deck or folder.
| Role | Can do |
|---|---|
| viewer | Open and present the deck |
| commenter | Everything a viewer can, plus drop and resolve comments |
| editor | Everything a commenter can, plus change content and settings |
To grant someone commenter access by email (POST /v1/grants):
renza grants create deck_2a9f8c1b alice@acme.com \
--principal-type email \
--resource-type deck \
--role commentercurl https://api.renza.io/v1/grants \
-H "Authorization: Bearer $RENZA_API_KEY" \
-X POST \
-H "Content-Type: application/json" \
-d '{
"principal_type": "email",
"principal": "alice@acme.com",
"resource_type": "deck",
"resource": "deck_2a9f8c1b",
"role": "commenter"
}'import { createRenzaClient } from "renza-sdk";
const renza = createRenzaClient({ apiKey: process.env.RENZA_API_KEY! });
const grant = await renza.grants.create({
principal_type: "email",
principal: "alice@acme.com",
resource_type: "deck",
resource: "deck_2a9f8c1b",
role: "commenter",
});Revoking the grant (renza grants revoke <id>) removes that access;
list, get, and revoke are under Grants in the reference.
Grants on a folder cascade to the decks inside it. The effective role a person has is computed from every grant that applies to them — the most permissive wins.
Guests are free
Viewers and commenters are never metered, on any plan. Anyone with a link can view and comment without an account. This is deliberate: review is the step where the collaboration network forms, so Renza never gates it behind seats. You pay for editors, never for reach.
Cross-org access
When you share with someone outside your workspace, they get access scoped to that one deck or folder — they don't join your org. A reviewer at a client can comment on the deck you shared without seeing anything else, and without you provisioning a seat.
Putting it together
A typical agency flow:
- Import the client deck and keep it Draft.
- Grant the internal team
editorand the client contactcommenter. - Move the deck to In review; reviewers comment, you resolve.
- Set it Published, create a
linkshare, and send one clean URL to the distribution list.