Sharing

Note

Sharing is a Pro feature. Start a 14-day free trial to try it.

Claspt lets you share pages or individual secret values with anyone — even people who don’t use Claspt. Shared content is encrypted client-side before it ever leaves your device, so the server never sees plaintext.

Share Types

Type	What’s shared	Use case
Page share	Full page content including all secrets	Sharing a complete credentials page with a teammate
Secret share	A single secret value	Sending one password or API key

How Sharing Works

1. Right-click a page in the sidebar and select Share, or click the share icon on an individual secret card.
2. Set a share password — this encrypts the content before upload. The recipient needs this password to view the share.
3. Configure options — expiry time and burn-after-reading (see below).
4. Copy the link and send it to your recipient.

The share link format is:

https://app.claspt.app/s/{id}

When the recipient opens the link, they enter the share password in their browser. Decryption happens entirely in the browser — the server only stores and delivers the encrypted blob.

Tip

Send the share link and the share password through different channels. For example, send the link via email and the password via a text message. This way, compromising one channel doesn’t expose the content.

Burn After Reading

Enable Burn after reading to automatically delete the share after it’s been viewed once. This is ideal for one-time credential handoffs — once the recipient opens and decrypts the share, it’s permanently deleted from the server. No one (including you) can access it again.

Expiry

Every share has an expiry time. You can configure it when creating the share:

Option	Duration
1 hour	Short-lived, for immediate handoffs
24 hours	Default for quick shares
7 days	For shares that might not be opened immediately
30 days	Maximum allowed expiry

After expiry, the encrypted blob is deleted from the server regardless of whether it was viewed.

Revoking Shares

Changed your mind? You can revoke a share before it’s been viewed or before it expires:

• From the app: Right-click the shared page in the sidebar and select Revoke Share.
• From the Account Portal: Go to Account Portal > Shares to see all active shares and revoke any of them.

Revoking immediately deletes the encrypted blob from the server. The share link will show “This share has expired or been revoked.”

Security Model

Property	Detail
Encryption	AES-256-GCM, client-side
Key derivation	Share password is never sent to the server
Server knowledge	Encrypted blob only — no plaintext, no share password
Size limit	256 KB per share
Transport	HTTPS (TLS 1.3)

Caution

The share password is the only thing protecting the content. Use a strong password — especially for sensitive credentials. The server cannot recover a forgotten share password, and neither can you.

Limitations

• Maximum share size is 256 KB (covers most credential pages).
• Shares expire after a maximum of 30 days.
• Burn-after-reading shares cannot be viewed again after the first decryption — make sure the recipient saves what they need.