Version: Edit on GitHub

Security Settings


Defines how users are authenticated when accessing the endpoint.

Supported Methods

  • API Key: needs to be sent with every request.
  • ... more to come

Workspace Settings

Defines workspaces for data that should be accessible via the endpoint. The definition is similar to Pimcore user workspace permissions

Available permissions:

  • Create
  • Read
  • Update
  • Delete


Error Handling - Configuration Values

The default behavior for associated/related objects, documents or assets that are not visible for the endpoint is, to simply null it out.

You can change that via a configuration setting in symfony configuration tree:

  • 1 = the entire query will fail
  • 2 = null it out/skip it for multi-relations (default)
        not_allowed_policy: 2

It is also possible to disable the permission checks entirely by setting the configuration option in the security definition tab.