Dev GuideAPI ReferenceUser Guide
HomeDev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunityDoc feedbackLog In
GitHubNuGetDev CommunityDoc feedback

Configure Content Management API

Explains how to configure the Optimizely Content Management API.

Suggest Edits

The Optimizely Content Management API has the ContentManagementApiOptions (located in the EPiServer.ContentManagementApi namespace) where you can configure the API. Currently, there are security-related and CORS settings that you might want to change.

Register Content Management API services

After installing the package, clients need to register Content Management API services in their Startup.cs file:

public void ConfigureServices(IServiceCollection services)
{
    services.AddContentManagementApi();
}

Security

CMA has three authorization levels:

  • Allow Scopes – Scopes that require to hit any method of Content Management API endpoints. The user needs to have at least one of configured allowed scopes in order to call the API endpoints.
  • Required Role – The required role must be assigned to content in order to be accessible in the Content Management API. The default value is null which means all content is accessible by the Content Management API.
  • Privilege – The user must have privilege(s) on content in order to perform an action.

Content Management API supports authenticating the request by using OpenID Connect and Bearer Tokens (JWT):

public void ConfigureServices(IServiceCollection services)
{
    services.AddContentManagementApi(OpenIDConnectOptionsDefaults.AuthenticationScheme);
}

For more detailed information about the OpenID Connect configuration, please see API authentication.

Flatten

The flatten configuration controls data format used in serialization (for GetCommonDraft and deserialization for data sent to other endpoints). Its value can be configured at initialization time using ContentApiOptions:

public void ConfigureServices(IServiceCollection services)
{
    services.ConfigureContentApiOptions(o =>
	{                
		o.FlattenPropertyModel = true;                
	});
}

Example
When we use any endpoints (Get common draft, post, put, patch …) in Content Management API without flatten, the data format is:

{
  "name": "Alloy Plan",
  "metaTitle": {
    "value": "Alloy Plan, online project management",
    "propertyDataType": "PropertyLongString"
  },
  "metaDescription": {
    "value": "Project management...",
    "propertyDataType": "PropertyLongString"
  },
  ...
}

With flatten, the data format is:

{ 
  "name": "Alloy Plan", 
  "metaTitle": "Alloy Plan, online project management", 
  "metaDescription": "Project management...", 
  ...
}

CORS

You can configure Content Management API to use a specific CORS policy in ConfigureServices in Startup.cs:

public void ConfigureServices(IServiceCollection services)
{
    services.AddContentManagementApi(c =>
	{
		c.CorsPolicyName = "MyCorsPolicy"                
	});
}

For information about CORS configuration, see CORS configuration.

Updated 5 months ago