Authentication
Grant access to Optimizely Graph resources
Optimizely Graph supports multiple authentication methods, each designed for specific access levels and use cases.
You can group the available methods as follows:
- Admin access: Provides full access to all Graph resources without restriction.
- Restricted access: Provides scoped access to specific resources based on identity and assigned roles.
  - HMAC + (cg-username and cg-roles headers)
  - Basic
  - Bearer (JWT)
- Public access: Provides read-only access to publicly available resources, such as published CMS
  - Single Key
Best Practices
- Use HTTPS in all requests.
- Prefer HMAC or JWT for secured production environments.
- Rotate single keys regularly and treat them as sensitive.
- Never expose secrets or tokens in front-end code unless you use a single key for public content.
