Make sure only your users have rights to edit emails in your application. Enable operation permissions checker to prevent third-party people from pretending to be who they are not!
This means that Stripo plugin will not perform any server side operation (load/save/update...) without permissions from your end.
When choosing Permissions Checker API option, you have to fill out the form to establish connection with your back-end. This is a description of the form fields with specifications regarding what information you will need to provide:
The Basic Authentication is used to send these requests.
To enable this feature, you need to implement this back-end endpoint on your end.
{
"POST": "/",
"Host": "YOUR_PERMISSIONS_CHECKER_URL",
"Content-Type": "application/json",
"Accept": "application/json",
"Body": {
"pluginId": "YOUR_PLUGIN_ID",
"uiData": {
"emailId": "123",
"someAnotherIdentifier": "456",
...
},
"requestPermissions":
[
{
"type": "BLOCKS",
"action": "READ",
"key": "pluginId_YOUR_PLUGIN_ID_emailId_123_id_456",
"keyTemplate": "emailId_${emailId}_id_${someAnotherIdentifier}"
},
...
]
},
"Response": {
"grantPermissions": [
{
"type": "BLOCKS",
"action": "READ",
"key": "pluginId_YOUR_PLUGIN_ID_emailId_123_id_456",
"keyTemplate": "emailId_${emailId}_id_${someAnotherIdentifier}"
},
...
]
}
}
If you still have any questions please feel free to contact us on support@stripo.email