Using Content API

You must be a system administrator or higher to manage Content API access across your Matrix instance.

All Content API tokens are managed through the Content API Manager, which is located under System Management  Content API Manager.

Create tokens beneath this management asset and link the tokens to other root asset nodes you want to access using headless mode.

Field reference

The following fields let you configure what access the API has to your site.

Enabled

Lets you enable or disable this token. If you disable the token, any integrations you have set up using this token will be unavailable.

Requests sent while the token is disabled return a HTTP 401 Unauthorized error when returned in an API request.

Name

The name of the asset displayed in the asset tree. You set this name when you create the token asset.

You can change the name without affecting access to the API endpoint: the asset name is purely to help you locate it in the asset tree.

Token

The API token you use in requests for this content API integration. The token is a unique value, and can not be changed.

User

Select the user to base the permissions of the token against. You can choose any user account type to base the permissions on, depending on the requirements of your API integration.

If you do not select a user, the API returns an HTTP 401 Unauthorized error.

You can also set Root node restrictions to explicitly control what parts of your site are accessible to the API endpoint, in addition to inherited user permissions.

Root node restrictions

Select the root node (or nodes) you want to explicitly grant access to through the API integration, in line with the inherited permissions of the selected user.

If you do not set root node restrictions, the permissions of the selected User determine what assets and resources are available through the API.

Requesting a resource that is not under a restricted root node results in an HTTP 403 Forbidden response being returned.

How to create a Content API token

Tokens can be restricted to assets that are either root nodes, or children of root nodes.

Matrix permissions based on the assigned token user are applied if root node access restrictions are not set against a token.

  1. Right-click on the Content API Manager and select New child  Content API Token.

  2. Set a name for the token and click Save.

  3. In the User field, select a user profile that provides the minimum access level required for the API.

  4. In the Root node restrictions field, use the asset picker to select one or more root-node assets to apply the access token to.

  5. Click Enabled to set the token to active.

  6. Click Save.

  7. Release the asset locks.

The token asset now has a Token assigned to it. You use this token in an API request to retrieve information from the assets you selected and granted access to.

© 2015- Squiz Pty Ltd