Try our conversational search powered by Generative AI!

Minesh Shah (Netcel)
Mar 6, 2024
  355
(5 votes)

Exploring SaaS CMS: API Clients and Content Management APIs

Introduction

In continuation of my previous post on leveraging the Content Management API and OpenID Connect Authentication on the PaaS-based Optimizely CMS, I delve into the delivery mechanisms within the SaaS-based CMS Platform. Surprisingly, the majority of functionalities are readily available and seamlessly integrated into the system. In this article, I provide a quick preview of the available features and guide on configuring the exposed API for definition and content management.

Note: It's essential to bear in mind that while I explore these features, the SaaS platform is still in its BETA phase, and APIs are currently at version 0.5. Changes might occur as the SaaS CMS transitions into general availability.

Configuring the API Client (Equivalent to OpenID Connect Package)

The API client functionality comes pre-installed in the SaaS CMS, and the setup is near identical to what we found on the PaaS platform with the Open ID Connect package. The tool can be found within Settings and the Access Rights section as highligted in the image below.  

Once on the API Client interface we can create a Client ID, the Client Secret is automatically generated please store this safely as there is no way of retrieving once you leave the page. The option to "Allow the client to impersonate users" is self-explanatory; enabling this allows the client to function as another user within the CMS.

Using the credentials

I'll demonstrate how to utilize these credentials using Postman to retrieve a JWT token for subsequent API calls. To obtain a Bearer Auth Token, a GET call needs to be made to the designated URL:

https://app-xxxprod.cms.optimizely.com/_cms/v0.5/oauth/token

Sending the required parameters along with the request, including grant_type, client_id, client_secret, and optionally act_as, will result in the generation of a token for future requests. Notably, this token expires automatically after 300 seconds.

Example: 

Authorisation to API using the Bearer Token

With the Bearer Token generated, subsequent API requests can now be authenticated by passing this token as the "Authorization" Header parameter.

Example:

Content Definitions API

Now armed with the bearer token, we can interact with the Content and Definitions API. The first API we explore is the Content Definitions API. Detailed API reference can be found here.

Get Content Types

A simple GET request to the following URL provides a list of all content types within the CMS:

https://app-xxxprod.cms.optimizely.com/_cms/v0.5/contenttypes

Example: 

To only get the details of a certain known type we pass in the definition name (key) to the URL:

https://app- xxxprod.cms.optimizely.com/_cms/v0.5/contenttypes/articlepage

Create Content Type

To create a content type, a POST request is made to the same URL, passing in the necessary parameters.

Example: 

Content {Delivery} API

The API reference to the Content API can be found here : Create content (optimizely.com)

Get Content

To retrieve a content item, a GET request is made to the designated URL, using the Guid of the page as the key. The key is in a UUID format so should not include any dashes e.g. 115988243510434482925671c3ee601a

https://app- xxxprod.cms.optimizely.com/_cms/v0.5/content/{key}

Example: 

Conclusion

As you can see its very easy to interact with the API’s and retrieve the relevant information you may need, as well as programmatically being able to create Content Models and Instances of these models. Its great to see this has all been included from the get go and provides a lot of scope to decide on how we manage the content definition creation process.

Mar 06, 2024

Comments

Andrew Markham
Andrew Markham Mar 7, 2024 08:29 AM

Hi Minesh,

I looked at the SaaS version of the Content Delivery API earlier in the year and whilst it worked really well, I did feel that in some areas it was difficult to use.  It wasn't possible to query the content to find the site root, or a specific content item which I felt is required to make the API really useful, e.g. being able to upload blog items to a specific parent item within the site.

I also found it wasn't possible to upload media (images, etc) with this API.

Have these features been added, or did you run into the same issues?

Minesh Shah (Netcel)
Minesh Shah (Netcel) Mar 7, 2024 03:54 PM

Hey @Andy thanks for the comment, in regards of being able to query for content against anything else barring the Site Guid is not currently possible although I believe this is in the wider plan and should be ready for for GA (This assumption is based on feedback from Optimizely). E.g. being able to use a Path or Page name as the key (Something that is unique - So maybe not Page Name) 

In regards of being able to upload media or other assets using the API I have not yet tried this, but will investigate further on this topic

Please login to comment.
Latest blogs
The A/A Test: What You Need to Know

Sure, we all know what an A/B test can do. But what is an A/A test? How is it different? With an A/B test, we know that we can take a webpage (our...

Lindsey Rogers | Apr 15, 2024

.Net Core Timezone ID's Windows vs Linux

Hey all, First post here and I would like to talk about Timezone ID's and How Windows and Linux systems use different IDs. We currently run a .NET...

sheider | Apr 15, 2024

What's new in Language Manager 5.3.0

In Language Manager (LM) version 5.2.0, we added an option in appsettings.json called TranslateOrCopyContentAreaChildrenBlockForTypes . It does...

Quoc Anh Nguyen | Apr 15, 2024

Optimizely Search & Navigation: Boosting in Unified Search

In the Optimizely Search & Navigation admin view, administrators can set a certain weight of different properties (title, content, summary, or...

Tung Tran | Apr 15, 2024