The Content Delivery API can be configured by working with an instance of ContentApiOptions. This topic mainly presents how to customize the default configurations for ContentDeliveryApi.
In this topic
- ContentApiOptions
- ContentSearchApiOptions
- Map RequiredRole to group roles
- Default HttpConfiguration
- OAuth configuration
ContentApiOptions
To change the default values of ContentApiOptions:
- Create a new class inheriting IConfigurableModule and give it a name, for example: ExtendedContentApiCmsInitialization.
- Decorate the class with [ModuleDependency(typeof(ContentApiCmsInitialization))]
- Within the ConfigureContainer function, change the default values for ContentApiOptions.
Map RequiredRole to group roles
By default, Content Delivery API sets the value contentapiread for RequiredRole in ContentApiOptions, and maps it to the group roles: WebEditors, Administrators, and WebAdmins. Content Delivery API lets you change default values for mapped group roles by adding a virtual role in web.config.
Config sample
<virtualRoles addClaims="true">
<providers>
<add name="contentapiread"
type="EPiServer.Security.MappedRole, EPiServer.Framework"
roles="YourGroup01, YourGroup02, WebEditors"
mode="Any" />
</providers>
</virtualRoles>
Default HttpConfiguration
To enable web api, EPiServer.ContentDeliveryApi.Cms and EPiServer.ContentDelivery.Search need to set up some default values for HttpConfiguration and most importantly, call (HttpConfiguration)config.MapHttpAttributeRoutes(). If the site has done this before, you can disable those setups by adding theses two lines in appSettings.
- Disable settings from ContentDeliveryApi.Cms:
<add key="episerver:contentdelivery:maphttpattributeroutes" value="false" />
- Disable settings from ContentDeliveryApi.Search:
<add key="episerver:contentdeliverysearch:maphttpattributeroutes" value="false" />
Note: If the site installs both cms and search packages, and does not use any kind of service API, one of two lines above should be added to appSettings. This prevents (HttpConfiguration)config.MapHttpAttributeRoutes() from being called twice, which otherwise causes an exception.
OAuth configuration
If you need to use the EPiServer.ContentDeliveryApi.OAuth package, add this line in the Configuration function in Startup.cs, preferably at the end of the function.
app.UseContentApiIdentityOAuthAuthorization<ApplicationUserManager<ApplicationUser>, ApplicationUser>(new ContentApiOAuthOptions()
{
RequireSsl = false,
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(41),
RefreshTokenExpireTimeSpan = TimeSpan.FromDays(14),
TokenEndpointPath = "your path" // by default, if not configured, its value is /api/episerver/auth/token
});
You can use the default implementation of CMS UI for both ApplicationUserManager and ApplicationUser. You can see the sample configuration in the Startup.cs in the Alloy sample site for Content Delivery API.
Last updated: Mar 02, 2022