Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Restrict access to the Admin Console

Describes how to restrict access to the Admin Console in Optimizely Configured Commerce.

Currently this is an option only in the Cloud environment. Access to the Admin Console can be disabled for any website within its environment. Consider the following scenario: My environment has 6 web servers, 3 of them are exposed to the public and 3 are internal facing. I only want to allow people to access to the Admin Console features for the 3 web servers that are on an internal network. The other 3 external web servers need to be locked down for security reasons and therefore, I do not want people access the Admin Console.

To facilitate this behavior, the DisableAdminAccess appSetting (web.config) needs to be set to "true". When set to a value of "true" the Admin Console, CMS shell, and the admin api's will be disabled and return error messages if someone attempts to use them.