Configure Token Permissions for Content

If you manage content through an API or have automated workflows, you can use API tokens to restrict access based on permissions. By default, API tokens with administrative-level access can retrieve and manage all content. To enhance security, you can add tokens to certain content with lower access levels. Learn more about the various API token access levels.

You can add an API token under content visibility or editing depending on your workflow use case.

Prerequisite:

• You have an API token with the desired access level and know the name of the API token. Learn more.

1. In the Studio, navigate to Content.
2. Navigate to the page, news channel, or plugin for which you want to add the token permissions.
3. Click the gear wheel icon to open the settings.
4. In the Visibility in the App dropdown, select For selected users, groups or API tokens to add a token with Restricted Read-only access.
   To make the content accessible to all users and tokens, use a token with minimum Read-only access instead of Restricted Read-only access when making the API request. In this case, select For all users, and you do not need to add the token separately, as it automatically has read access to the content.
   A new field appears.
5. From the new field, select the desired API token.
   If you are adding tokens to News, you can also add a token for Contributors of a news channel.
6. In the Editors dropdown, select the API token for which you want to provide editorial access.
7. Click Save.

You have configured token permissions for a page, news channel, or plugin.