Configure Content Management API
Explains how to configure the Optimizely Content Management API.
The Optimizely Content Management API has the ContentManagementApiOptions
(located in the EPiServer.ContentManagementApi
namespace) where you can configure the API. There are security-related and CORS settings that you might want to change.
Register Content Management API services
After installing the package, clients need to register Content Management API services in their Startup.cs
file:
public void ConfigureServices(IServiceCollection services) {
services.AddContentManagementApi();
}
Security
CMA has three authorization levels:
- Allow Scopes – Scopes that must hit any method of Content Management API endpoints. The user must have at least one of the configured allowed scopes to call the API endpoints.
- Required Role – The required role must be assigned to content to be accessible in the Content Management API. The default value is null, which means content is accessible by the Content Management API.
- Privilege – The user must have privilege(s) on content to perform an action.
Content Management API supports authenticating the request by using OpenID Connect and Bearer Tokens (JWT):
public void ConfigureServices(IServiceCollection services) {
services.AddContentManagementApi(OpenIDConnectOptionsDefaults.AuthenticationScheme);
}
For information about the OpenID Connect configuration, see API authentication.
Flatten
The flatten
configuration controls data format used in serialization (for GetCommonDraft
and deserialization for data sent to other endpoints). Its value can be configured at initialization time using ContentApiOptions
:
public void ConfigureServices(IServiceCollection services) {
services.ConfigureContentApiOptions(o => {
o.FlattenPropertyModel = true;
});
}
Example
When you use any endpoints (Get common draft, post, put, patch, and so on) in Content Management API without flatten
, the data format is:
{
"name": "Alloy Plan",
"metaTitle": {
"value": "Alloy Plan - Online Project Management",
"propertyDataType": "PropertyLongString"
},
"metaDescription": {
"value": "Project management...",
"propertyDataType": "PropertyLongString"
}
...
}
With flatten, the data format is:
{
"name": "Alloy Plan",
"metaTitle": "Alloy Plan, online project management",
"metaDescription": "Project management...",
...
}
CORS
You can configure Content Management API to use a specific CORS policy in ConfigureServices
in Startup.cs:
public void ConfigureServices(IServiceCollection services) {
services.AddContentManagementApi(c => {
c.CorsPolicyName = "MyCorsPolicy"
});
}
See CORS configuration.
Updated 8 months ago