This release gives you greater control over who can access your data. We have introduced two new features—Permissions for roles and Delivery Tokens—that let you define fine-grained rules for better security and control of your data. Let’s look at what is new in this release.
Fine-Grained Permissions for Roles
Custom roles are now more customizable; apart from defining permissions on all entries of content types, you can assign entry-level and field-level permissions to roles.
- Entry-level permissions: Manage permissions on entries of a content type. You can, for example, allow a role to access only specific entries of a content type, such as READ only ‘Blog Post 1’ and ‘Blog Post 2’ entries of the ‘Blog’ content type.
- Field-level permissions: Manage permissions on fields of a content type. You can, for example, restrict a role from accessing specific fields of a content type, such as CANNOT EDIT the SEO Title and SEO Description fields of the ‘Blog’ content type.
- Asset-level permissions: Manage permission on assets of the stack. For example, EDIT all assets of this stack.
You can add ‘exceptions’ to restrict access to certain fields, entries or assets. For example, NOT EDIT the ‘Title’ field of the ‘Blog’ content type.
More in-depth control over your content’s accessibility ensures that your data is secure and not exposed to other users. It allows you to assign users only the permissions required to perform a given task.
Learn more about these permissions.
Delivery Tokens for Content Delivery
Until this release, Contentstack provided a single ‘Access Token’ for each stack. This access token gave access to draft content as well as the content of all environments.
In this release, we introduced Delivery Tokens, which work a little differently.
A delivery token, as the name suggests, is a token used for content delivery, as it provides read-only access to an environment. It is used as a credential, along with stack API key, to fetch published content via APIs.
One delivery token gives access to only one environment, not all. You can create separate delivery tokens for separate environments, but it does not let you fetch draft or unpublished content. This separation ensures that only specified people have access to the required environments and that you can manage different delivery channels independently.
Using delivery tokens ensure that your content is secure, since you have greater control over who has access to what.
Read more on how to manage your stack’s delivery tokens.