This section describes how security is mapped between Digizuite and Episerver.
Introduction
The API connection to the DAM is running the secure protocol (HTTPS). The username and password is what provides Optimizely access to the DAM web services. If the user requires additional security, there are different possibilities to choose between, for example:
- configuring IP restrictions on the communications between Optimizely and the DAM
- limiting the Optimizely user in the DAMto DAM to only access content published to the Optimizely channel.
Roles
In the configuration there is a mapping of DAM roles and Optimizely roles. When a DAM asset metadata is returned to Optimizely , there happens a real-time mapping of access rights. It means that only Optimizely users with read access to the asset can see it (typically everyone), and only Optimizely users with write access can edit metadata and upload new assets (typically editors)
- .