Make sure only your users have rights to edit emails in your application. Enable operation permissions checker to prevent third-party people from pretending to be who they are not!

This means that Stripo plugin will not perform any server side operation (load/save/update...) without permissions from your end. 

When choosing Permissions Checker API option, you have to fill out the form to establish connection with your back-end. This is a description of the form fields with specifications regarding what information you will need to provide:

The Basic Authentication is used to send these requests.

To enable this feature, you need to implement this back-end endpoint on your end.

{
    "POST": "/",
    "Host": "YOUR_PERMISSIONS_CHECKER_URL",
    "Content-Type": "application/json",
    "Accept": "application/json",
    "Body": {
        "pluginId": "YOUR_PLUGIN_ID",
        "uiData": {
            "emailId": "123",
            "someAnotherIdentifier": "456",
            ...
        },
        "requestPermissions":
        [
            {
                "type": "BLOCKS",
                "action": "READ",
                "key": "pluginId_YOUR_PLUGIN_ID_emailId_123_id_456",
                "keyTemplate": "emailId_${emailId}_id_${someAnotherIdentifier}"
            },
            ...
        ]
    },
    "Response": {
        "grantPermissions": [
            {
                "type": "BLOCKS",
                "action": "READ",
                "key": "pluginId_YOUR_PLUGIN_ID_emailId_123_id_456",
                "keyTemplate": "emailId_${emailId}_id_${someAnotherIdentifier}"
            },
            ...
        ]
    }
}

If you still have any questions please feel free to contact us on support@stripo.email

Did this answer your question?