You will find the "access" page by going to Settings > Project > Access (page). From here, you will be able to manage access to your project, through API keys, custom security templates or OAuth2.
Loading...
Loading...
Loading...
OAuth2 allows external websites or applications to access resources hosted by Hub on behalf of a user.
OAuth2 authentication is a more secure and complex authentication method that allows users to grant limited access to their resources without exposing their credentials.
Only users with admin or owner levels (roles) have access to the OAuth2 page in Settings
OAuth 2 login URL
Read only input field which providing a link to Hub OAuth2 login page and could be used on external website.
Service Name
Input field to add name of the service which will appears on OAuth2 login page.
Communication Type
Section where the communication type can be selected to define how the Hub will interact (sending session data) with an external section. There are two options:
Post message - a common way for OAuth2 login when data is sent by window.opener.postMessage(JSON.stringify(data))
Redirect - communication type to send session_uuid in URL via redirect (e.g. https://redirect.com/oauth2/success?session_uuid=…)
Example
Section to simplify integration
Code block content is different based on selected Communication type (Post message|Redirect)
Manage API keys for headless applications
API keys allow to call of the Scaleflex DAM file management API and are suited for backend or headless applications where no user context is needed and where the key is not exposed to the browser
Authentication against the Scaleflex API is done with an API Secret Key, available under Settings > Project > Access (page) > API keys (tab).
New API keys can be created with the +Add key button. On click, the user will be requested to:
Enter the API key description so it can be easily identified
Select the permissions to be attached with the API key (multi-selection from the permissions list) -- these define what the user will be able to do with the assets
| API Permission | Description |
|---|---|
Existing API keys can be managed individually or in bulk for status (Active <> Deactivate). The following settings can be edited:
| Setting | Description |
|---|---|
OBJECTS_LIST
List assets
OBJECTS_FETCH
Fetch assets
FILE_UPLOAD
Upload file
FILE_META_CREATE
Create file metadata
FILE_META_CHANGE
Update file metadata
FILE_RENAME
Rename file
FILE_MOVE
Move file
FILE_DELETE
Delete file
FILE_SET_VISIBILITY
Set file visibility
FILE_LABEL_CHANGE
Update file labels
FILE_IMAGE_EDITOR
Edit file
DIR_CREATE
Create directory
DIR_RENAME
Rename directory
DIR_META_CHANGE
Create and update directory metadata
DIR_MOVE
Move directory
DIR_DELETE
Delete directory
DIR_SET_VISIBILITY
Set dir visibility
CONFIG_CHANGE
Change container configuration
CONFIG_LIST
List container configuration
FILE_PRODUCT_CHANGE
Change product information
FILE_PROCESS_AUTOTAGGING
Perform autotagging
COLLECTIONS_LIST
List collections
COLLECTIONS_MANAGE
Manage collections
LABELS_LIST
View labels
LABEL_MANAGE
Manage labels
OBJECTS_SHARE_MANAGE
Manage sharebox
OBJECTS_AIRBOX_MANAGE
Manage airbox
OBJECTS_APPROVAL_MANAGE
Manage approval
OBJECTS_APPROVAL_VOTE
Approve/Reject assets
ACCESS_READ
View accesses
ACCESS_MANAGE
Manage accesses
Description
To identify the API keys
Secret key
The API key value. To be kept secret
Created at
The API key creation date
Active
The API key status that can be toggled from activated to deactivated using the ... options
Note: If used, deactivated API keys will return an error
Copy
Copy the secret key in the clipboard for easy integration
Security templates are used to generate API access keys (temporary keys with configurable permissions & restrictions)
The Security Templates are accessible from Settings > Project > Access (page) > Security template (tab).
Security Templates can be created with the +Add Template button by entering the following informations
Used to identify the security template
Used to define what users can / can't do with the assets. Permissions are selected from the list:
| API Permission | Description |
|---|---|
These settings set limits on the Upload API.
Restrict IP limitation
It restricts API calls based on IP address ranges and/or countries.
This setting allows to set the validity period of the key, for example to match the user's session length in your authenticated application
Directories where the key is allowed to list elements.
Existing API keys can be managed individually or in bulk for status (Active <> Deactivate):
| Setting | Description | Default |
|---|---|---|
| Setting | Description | Default |
|---|---|---|
| Setting | Description | Default |
|---|---|---|
| Setting | Description | Default |
|---|---|---|
| User level | Description |
|---|---|
OBJECTS_LIST
List assets
OBJECTS_FETCH
Fetch assets
FILE_UPLOAD
Upload file
FILE_META_CREATE
Create file metadata
FILE_META_CHANGE
Update file metadata
FILE_RENAME
Rename file
FILE_MOVE
Move file
FILE_DELETE
Delete file
FILE_SET_VISIBILITY
Set file visibility
FILE_LABEL_CHANGE
Update file labels
FILE_IMAGE_EDITOR
Edit file
DIR_CREATE
Create directory
DIR_RENAME
Rename directory
DIR_META_CHANGE
Create and update directory metadata
DIR_MOVE
Move directory
DIR_DELETE
Delete directory
DIR_SET_VISIBILITY
Set directory visibility
CONFIG_CHANGE
Change container configuration
CONFIG_LIST
List container configuration
FILE_PRODUCT_CHANGE
Change product information
FILE_PROCESS_AUTOTAGGING
Perform autotagging
COLLECTIONS_LIST
List collections
COLLECTIONS_MANAGE
Manage collections
LABELS_LIST
View labels
LABEL_MANAGE
Manage labels
OBJECTS_SHARE_MANAGE
Manage sharebox
OBJECTS_AIRBOX_MANAGE
Manage airbox
OBJECTS_APPROVAL_MANAGE
Manage approval
OBJECTS_APPROVAL_VOTE
Approve/Reject assets
ACCESS_READ
View accesses
ACCESS_MANAGE
Manage accesses
Limit per min (limit_per_min)
Set the maximum uploads per minute with the key
Unlimited
Limit per source IP (limit_per_source_ip)
Maximum number of uploads allowed by IP by the key
Unlimited
Directory scope (dir_scope)
Directories where the key is allowed to upload. If you want to allow all subdirectories of /folder, set the value to /folder/*
All directories
Whitelist IP ranges (whitelist_ip_ranges)
IP addresses allowed to perform requests using this SecurityTemplate
No restrictions
Whitelist countries (whitelist_countries)
If the IP address is detected to come from these countries, they are allowed to make requests to the system
All countries are allowed
expiration_duration
time in second before the key expires
1200 s (20 minutes)
directory_scope
Directories where the key is allowed to list and search assets. If you want to allow all subdirectories of /folder, set the value to /folder/*
All directories
Description
To identify the Security template
Secret key
The Security Template value. To be kept secret
Created at
The Security Template creation date
Scope
Used to limit the scope. Value "project" by default.
Active
The Security template status that can be toggled from activated to deactivated using the ... options
Copy
Copy the secret key in the clipboard for easy reuse