Configure Content Management API
Explains how to configure the Optimizely Content Management API.
The Optimizely Content Management API has the ContentManagementApiOptions
(located in the EPiServer.ContentManagementApi
namespace) where you can configure the API. Currently, there are security-related and CORS settings that you might want to change.
Register Content Management API services
After installing the package, clients need to register Content Management API services in their Startup.cs file:
public void ConfigureServices(IServiceCollection services)
{
services.AddContentManagementApi();
}
Security
CMA has three authorization levels:
- Allow Scopes – Scopes that require to hit any method of Content Management API endpoints. The user needs to have at least one of configured allowed scopes in order to call the API endpoints.
- Required Role – The required role must be assigned to content in order to be accessible in the Content Management API. The default value is null which means all content is accessible by the Content Management API.
- Privilege – The user must have privilege(s) on content in order to perform an action.
Content Management API supports authenticating the request by using OpenID Connect and Bearer Tokens (JWT):
public void ConfigureServices(IServiceCollection services)
{
services.AddContentManagementApi(OpenIDConnectOptionsDefaults.AuthenticationScheme);
}
For more detailed information about the OpenID Connect configuration, please see API authentication.
Flatten
The flatten configuration controls data format used in serialization (for GetCommonDraft
and deserialization for data sent to other endpoints). Its value can be configured at initialization time using ContentApiOptions
:
public void ConfigureServices(IServiceCollection services)
{
services.ConfigureContentApiOptions(o =>
{
o.FlattenPropertyModel = true;
});
}
Example
When we use any endpoints (Get common draft, post, put, patch …) in Content Management API without flatten, the data format is:
{
"name": "Alloy Plan",
"metaTitle": {
"value": "Alloy Plan, online project management",
"propertyDataType": "PropertyLongString"
},
"metaDescription": {
"value": "Project management...",
"propertyDataType": "PropertyLongString"
},
...
}
With flatten, the data format is:
{
"name": "Alloy Plan",
"metaTitle": "Alloy Plan, online project management",
"metaDescription": "Project management...",
...
}
CORS
You can configure Content Management API to use a specific CORS policy in ConfigureServices
in Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddContentManagementApi(c =>
{
c.CorsPolicyName = "MyCorsPolicy"
});
}
For information about CORS configuration, see CORS configuration.
Updated 5 months ago