This approach enables teams to model their organizational structures and business logic, and makes it possible to restrict visibility and access as required. Teams are now able to create custom roles for internal and external users, and tokens, to give more control over who has access to what content and their ability to interact with that content. Using custom roles and permissions, teams’ GraphCMS projects can be even more flexible and a broader range of use cases are now possible.
Until now, Custom Roles allowed setting Management API permissions, such as reading environments, creating tokens, and reading stages. With this new rollout, permissions can be set for the Content API, allowing more flexibility in defining who is permitted to perform which action within a GraphCMS project.
GraphCMS users get a set of system roles out of the box to help get their project off the ground faster. These options include:
Owner: Admin + Ability to change billing and to delete projects
Admin: Developer + Ability to manage teams and create, update projects.
Developer: Editor + Ability to create, update and delete models and enums.
Editor: Contributor + Ability to delete content.
Contributor: Ability to create and update content.
To create and update custom roles, a user must have Management API permissions to create new roles and update existing roles. Owners and Admins of a project have this permission set by default.