Granular access rights can be configured for restricting access to the CMS component.
Four different access authorizations are provided, each with specified access scopes:
Available scopes:
Available scopes:
Available scopes:
Available scopes:
The CMS service is preconfigured with the following default users roles for each of the access scopes mentioned above:
manage-contents
manage-taxonomies
manage-media-library
manage-themes
The needed roles should be defined in the chosen identity provider solution.
In case other custom roles are needed, you can configure them using environment variables. More than one role can be set for each access scope.
To configure access for each of the roles above, adapt the following input:
SECURITY_ACCESSAUTHORIZATIONS_AUTHORIZATIONNAME_SCOPES_SCOPENAME_ROLESALLOWED: NEEDED_ROLE_NAMES
Possible values for AUTHORIZATIONNAME
: MANAGECONTENTS
, MANAGETAXONOMIES
.
Possible values for SCOPENAME
: import, read, edit, admin.
For example, if you need to configure role access for import, insert this:
Granular access rights can be configured for restricting access to the CMS component.
Four different access authorizations are provided, each with specified access scopes:
Available scopes:
Available scopes:
Available scopes:
Available scopes:
The CMS service is preconfigured with the following default users roles for each of the access scopes mentioned above:
manage-contents
manage-taxonomies
manage-media-library
manage-themes
The needed roles should be defined in the chosen identity provider solution.
In case other custom roles are needed, you can configure them using environment variables. More than one role can be set for each access scope.
To configure access for each of the roles above, adapt the following input:
SECURITY_ACCESSAUTHORIZATIONS_AUTHORIZATIONNAME_SCOPES_SCOPENAME_ROLESALLOWED: NEEDED_ROLE_NAMES
Possible values for AUTHORIZATIONNAME
: MANAGECONTENTS
, MANAGETAXONOMIES
.
Possible values for SCOPENAME
: import, read, edit, admin.
For example, if you need to configure role access for import, insert this: