Protect your content and assets with secure access. You might want to enable secure access with sensitive content, content hidden behind sign-in walls, or for projects that are not public facing.Without secure access, your assets and published content items are publicly available by default.
Use the new API key to authenticate your API requests.
Retrieve content items securely
When getting content items, specify the API key when making requests. The code below shows how to securely retrieve the content of an article named My article.After sending the request, you receive a single content item in the JSON format. You can filter your requests to retrieve only specific elements or items.
Retrieve assets securely
With advanced asset management, you can restrict access to your assets by requiring an API key. This API key differs from the API keys in Project settings > API keys.To set up secure access for assets, contact our support and let them know the following:
Your environment ID
Whether to enable secure assets for the Delivery Preview API, Delivery API, or both
Once you enable secure assets, you need to provide an API key for every asset request. Fetch assets on the server side of your app to prevent exposing the API key.
Revoke API keys
When you suspect unauthorized key usage, you need to switch to a new API key and revoke the old one. For example, when a user leaves your company.We recommend switching to a newly created API key and revoking the old API key. The revocation process can take up to a couple of minutes. Any requests made with a revoked API key receive the 401 Unauthorized error.