PDF.co MCP Server

Official

Overview Schema Related Servers Score Discussions

pdf_add_password

Add password protection to PDF files to control access, restrict printing, and prevent unauthorized modifications using encryption algorithms like AES-256.

Instructions

Add password protection to a PDF file.
Ref: https://developer.pdf.co/api-reference/pdf-password/add.md

Input Schema

TableJSON Schema

Name	Required	Description	Default
`url`	Yes	URL to the source PDF file. Supports publicly accessible links including Google Drive, Dropbox, PDF.co Built-In Files Storage. Use 'upload_file' tool to upload local files.
`owner_password`	Yes	The main owner password that is used for document encryption and for setting/removing restrictions.
`user_password`	No	The optional user password will be asked for viewing and printing document.
`encryption_algorithm`	No	Encryption algorithm. Valid values: RC4_40bit, RC4_128bit, AES_128bit, AES_256bit. AES_128bit or higher is recommended.	AES_256bit
`allow_accessibility_support`	No	Allow or prohibit content extraction for accessibility needs.
`allow_assembly_document`	No	Allow or prohibit assembling the document.
`allow_print_document`	No	Allow or prohibit printing PDF document.
`allow_fill_forms`	No	Allow or prohibit the filling of interactive form fields (including signature fields) in the PDF documents.
`allow_modify_document`	No	Allow or prohibit modification of PDF document.
`allow_content_extraction`	No	Allow or prohibit copying content from PDF document.
`allow_modify_annotations`	No	Allow or prohibit interacting with text annotations and forms in PDF document.
`print_quality`	No	Allowed printing quality. Valid values: HighResolution, LowResolution.
`httpusername`	No	HTTP auth user name if required to access source url. (Optional)
`httppassword`	No	HTTP auth password if required to access source url. (Optional)
`password`	No	Password of the PDF file if it's already password-protected. (Optional)
`name`	No	File name for the generated output. (Optional)
`api_key`	No	PDF.co API key. If not provided, will use X_API_KEY environment variable. (Optional)

Implementation Reference

pdfco/mcp/tools/apis/security.py:8-119 (handler)

MCP tool handler for 'pdf_add_password'. Includes @mcp.tool() decorator for registration, detailed input schema via Pydantic Fields, and logic to build parameters before calling the service helper.

@mcp.tool()
async def pdf_add_password(
    url: str = Field(
        description="URL to the source PDF file. Supports publicly accessible links including Google Drive, Dropbox, PDF.co Built-In Files Storage. Use 'upload_file' tool to upload local files."
    ),
    owner_password: str = Field(
        description="The main owner password that is used for document encryption and for setting/removing restrictions."
    ),
    user_password: str = Field(
        description="The optional user password will be asked for viewing and printing document.",
        default="",
    ),
    encryption_algorithm: str = Field(
        description="Encryption algorithm. Valid values: RC4_40bit, RC4_128bit, AES_128bit, AES_256bit. AES_128bit or higher is recommended.",
        default="AES_256bit",
    ),
    allow_accessibility_support: bool = Field(
        description="Allow or prohibit content extraction for accessibility needs.",
        default=False,
    ),
    allow_assembly_document: bool = Field(
        description="Allow or prohibit assembling the document.", default=False
    ),
    allow_print_document: bool = Field(
        description="Allow or prohibit printing PDF document.", default=False
    ),
    allow_fill_forms: bool = Field(
        description="Allow or prohibit the filling of interactive form fields (including signature fields) in the PDF documents.",
        default=False,
    ),
    allow_modify_document: bool = Field(
        description="Allow or prohibit modification of PDF document.", default=False
    ),
    allow_content_extraction: bool = Field(
        description="Allow or prohibit copying content from PDF document.",
        default=False,
    ),
    allow_modify_annotations: bool = Field(
        description="Allow or prohibit interacting with text annotations and forms in PDF document.",
        default=False,
    ),
    print_quality: str = Field(
        description="Allowed printing quality. Valid values: HighResolution, LowResolution.",
        default="",
    ),
    httpusername: str = Field(
        description="HTTP auth user name if required to access source url. (Optional)",
        default="",
    ),
    httppassword: str = Field(
        description="HTTP auth password if required to access source url. (Optional)",
        default="",
    ),
    password: str = Field(
        description="Password of the PDF file if it's already password-protected. (Optional)",
        default="",
    ),
    name: str = Field(
        description="File name for the generated output. (Optional)", default=""
    ),
    api_key: str = Field(
        description="PDF.co API key. If not provided, will use X_API_KEY environment variable. (Optional)",
        default="",
    ),
) -> BaseResponse:
    """
    Add password protection to a PDF file.
    Ref: https://developer.pdf.co/api-reference/pdf-password/add.md
    """
    params = ConversionParams(
        url=url,
        httpusername=httpusername,
        httppassword=httppassword,
        password=password,
        name=name,
    )

    additional_params = {
        "ownerPassword": owner_password,
    }

    if user_password is not None:
        additional_params["userPassword"] = user_password

    if encryption_algorithm is not None:
        additional_params["EncryptionAlgorithm"] = encryption_algorithm

    if allow_accessibility_support is not None:
        additional_params["AllowAccessibilitySupport"] = allow_accessibility_support

    if allow_assembly_document is not None:
        additional_params["AllowAssemblyDocument"] = allow_assembly_document

    if allow_print_document is not None:
        additional_params["AllowPrintDocument"] = allow_print_document

    if allow_fill_forms is not None:
        additional_params["AllowFillForms"] = allow_fill_forms

    if allow_modify_document is not None:
        additional_params["AllowModifyDocument"] = allow_modify_document

    if allow_content_extraction is not None:
        additional_params["AllowContentExtraction"] = allow_content_extraction

    if allow_modify_annotations is not None:
        additional_params["AllowModifyAnnotations"] = allow_modify_annotations

    if print_quality is not None:
        additional_params["PrintQuality"] = print_quality

    return await add_pdf_password(params, **additional_params, api_key=api_key)

pdfco/mcp/services/pdf.py:101-106 (helper)

Service helper function that performs the actual HTTP request to the PDF.co API endpoint for adding password to PDF.

async def add_pdf_password(
    params: ConversionParams, api_key: str | None = None, **kwargs
) -> BaseResponse:
    return await request(
        "pdf/security/add", params, custom_payload=kwargs, api_key=api_key
    )

pdfco/mcp/tools/apis/security.py:72-119 (schema)

Output type annotation using BaseResponse model for standardized response handling.

) -> BaseResponse:
    """
    Add password protection to a PDF file.
    Ref: https://developer.pdf.co/api-reference/pdf-password/add.md
    """
    params = ConversionParams(
        url=url,
        httpusername=httpusername,
        httppassword=httppassword,
        password=password,
        name=name,
    )

    additional_params = {
        "ownerPassword": owner_password,
    }

    if user_password is not None:
        additional_params["userPassword"] = user_password

    if encryption_algorithm is not None:
        additional_params["EncryptionAlgorithm"] = encryption_algorithm

    if allow_accessibility_support is not None:
        additional_params["AllowAccessibilitySupport"] = allow_accessibility_support

    if allow_assembly_document is not None:
        additional_params["AllowAssemblyDocument"] = allow_assembly_document

    if allow_print_document is not None:
        additional_params["AllowPrintDocument"] = allow_print_document

    if allow_fill_forms is not None:
        additional_params["AllowFillForms"] = allow_fill_forms

    if allow_modify_document is not None:
        additional_params["AllowModifyDocument"] = allow_modify_document

    if allow_content_extraction is not None:
        additional_params["AllowContentExtraction"] = allow_content_extraction

    if allow_modify_annotations is not None:
        additional_params["AllowModifyAnnotations"] = allow_modify_annotations

    if print_quality is not None:
        additional_params["PrintQuality"] = print_quality

    return await add_pdf_password(params, **additional_params, api_key=api_key)

pdfco/mcp/tools/apis/security.py:8-8 (registration)
Decorator that registers the function as an MCP tool named 'pdf_add_password'.
```
@mcp.tool()
```

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. The description states the action ('Add password protection') but doesn't explain key behavioral aspects: whether this modifies the original file or creates a new one, what the output is (e.g., a download link or modified file), potential side effects, error conditions, or rate limits. The reference link hints at external details but isn't self-contained.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is concise and front-loaded with the core purpose in the first sentence. The second sentence provides a reference link, which adds value but could be integrated more smoothly. There's no unnecessary verbosity, and both sentences earn their place by stating the action and directing to further resources.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (17 parameters, no annotations, no output schema), the description is incomplete. It lacks details on the tool's behavior (e.g., output format, whether it's destructive), usage guidelines, and how it fits among sibling tools. The reference link partially mitigates this but doesn't substitute for a self-contained description that an AI agent can rely on without external lookup.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all 17 parameters thoroughly. The description adds no parameter-specific information beyond what's in the schema (e.g., it doesn't clarify the relationship between 'owner_password' and 'user_password' or explain the default values). With high schema coverage, the baseline is 3, as the description doesn't compensate with additional semantic context.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Add password protection to a PDF file.' It specifies the verb ('Add') and resource ('password protection to a PDF file'), making the action clear. However, it doesn't explicitly differentiate from sibling tools like 'pdf_remove_password' or explain how this differs from other PDF manipulation tools in the list.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides minimal usage guidance. It includes a reference link to external documentation but doesn't specify when to use this tool versus alternatives (e.g., 'pdf_remove_password' for the opposite action, or other PDF tools for different operations). There's no mention of prerequisites, such as needing a source PDF, or contextual advice on when password protection is appropriate.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/pdfdotco/pdfco-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server