Privacy & Visibility

Every session, plan, and project you push has a privacy level and an optional expiration.

Privacy levels

Public

Public sessions and plans appear on your profile page and are discoverable by anyone browsing the site.

rn session push --public

Secret

Secret sessions and plans are only accessible via their direct URL. They don't appear on your profile or in any listing. Anyone with the URL can view them, but the URL contains a cryptographic nanoid that is not guessable.

rn session push --secret

This is the default.

Private

Private sessions and plans are only accessible to you. They don't appear on your profile, and anyone else visiting the URL sees a 404 — indistinguishable from non-existent content.

rn session push --private

To view a private session or plan in your browser:

rn session open <id>
rn plan open <name>

The open command generates a short-lived signed URL (valid for 1 hour) that lets you view private content in the browser.

Default privacy

The default privacy level is secret. You can change this in your config:

[global]
privacy = "public"    # public, secret, or private

Or override per resource type:

[session]
privacy = "secret"

[plan]
privacy = "public"

The precedence is: CLI flag > resource-type config > global config > default (secret).

Project privacy ceiling

Projects act as a privacy ceiling for their contents. A private project hides all its sessions and plans from non-owners, regardless of individual item privacy levels. A public or secret project shows items according to their own privacy levels.

Project privacy Item privacy Visible to non-owners?
public public Yes
public secret Yes (via direct URL)
public private No
secret public Yes (via project URL)
private any No

Expiration

Set an expiration when pushing:

rn session push --expires 7d
rn plan push my-plan --expires 30d

Duration format

  • 1h — 1 hour
  • 24h — 24 hours
  • 7d — 7 days
  • 30d — 30 days
  • 365d — 1 year

What happens on expiry

When a session or plan expires, it becomes inaccessible. A background cleanup process permanently deletes expired content. The URL returns a 404.

Default expiration

Set a default in your config:

[global]
expires = "30d"       # all content expires in 30 days unless overridden

Or per resource type:

[session]
expires = "7d"

[plan]
expires = "90d"

If no expiration is set (and no default is configured), content persists until you delete it manually.

Updating metadata

You can change the privacy and expiration of existing content through the API:

PATCH /api/v1/sessions/{nanoid}
PATCH /api/v1/plans/{nanoid}

See the API Reference for details.

← Authentication Configuration →
rockstar.ninja · docs · privacy