Settings - REST
On this tab, you can adjust settings related to Kentico REST service. The following settings can be adjusted:
General |
|
Service enabled |
Enables or disables the Kentico REST service. See Configuring the REST service. |
Service enabled for |
Choose if the REST service allows access to objects, documents, or both. |
Authentication type |
Determines which type of authentication the REST service uses. Supported types are Basic and Forms authentication. See Authenticating REST requests. Note: You can authenticate REST requests using the hash query string parameter in both modes. |
Always check document security |
If disabled, security is not checked when accessing published versions of documents. If enabled, security is always checked. |
Document access is read only |
If enabled, the REST service only allows GET requests for documents (documents cannot be modified). |
Object access is read only |
If enabled, the REST service only allows GET requests for objects (objects cannot be modified). |
Allowed document types |
Specifies a list of document types that the REST service is allowed to access. Enter the names of document types separated by semicolons. If empty, all document types are allowed. |
Allowed object types |
Specifies a list of objects types that the REST service is allowed to access. Enter the names of document types separated by semicolons. If empty, all object types are allowed. |
Generate authentication hash for URL |
Click the button to generate an authentication hash for specific REST URLs. Enter the full absolute URL of the REST request, including the protocol, website domain name, virtual directory, REST path, and query string parameters. For example: http://mywebsite.com/rest/content/currentsite/en-us/all/news?format=json The system adds the authentication hash parameter to the URL. You can copy the URL and use it to perform the REST request without any other type of authentication. Restrictions:
|
Default encoding |
Sets the character encoding that the REST service uses for requests that do not contain a supported Accept-Charset header. |
Allow sensitive fields for administrators |
If enabled, REST requests authenticated using the credentials of users with the Global administrator privilege level are allowed to work with data fields that contain sensitive information (for example fields related to passwords). Requests authenticated under non-administrator users can NEVER access sensitive fields, regardless of this setting’s value. |