In this topic
Install the EPiServer.ContentManagementApi NuGet package from the Episerver NuGet feed (https://nuget.episerver.com/feed/packages.svc/).
The Content Management API (CMA) uses claimed-based authorization, and both OAuth and Bearer Tokens can be used to authorize the requests. In order to use OAuth, you need to install the EPiServer.ContentDeliveryApi.OAuth package. See section OAuth section in the Configuration topic in the Content Delivery API developer guide.
Currently, the OAuth package does not support scope so if Episerver OAuth is used, this feature should be disabled (see Configuration). In case an external authorization server is used and it supports Scope claim, the Episerver application can use the feature. You then need to have at least one of the configured allowed scopes in order to call the API endpoints. Default scope is epi_content_management and the value can be configured at initialization time (see Configuration).
The required role must be assigned to content (choose Read as the screenshot below) in order for Content Management API to be able to access content. This is the same as ContentApiRead in Content Delivery API. The default required role is ContentApiWrite. We can configure this value at initialization time (see Configuration for more details).
Response JSON includes property type information by default, but this can be configured by changing the "flatten" setting in the API configuration.
Default flatten setting is false (which is in line with Content Delivery API) . If the value is true, only property value is returned (see Deserialization for more details).
To enable web API, EPiServer.ContentManagementApi needs to set up some default values for HttpConfiguration and most importantly, call (HttpConfiguration)config.MapHttpAttributeRoutes(). If the site has done this before, you can disable this setup by adding the following line in app settings:
<add key="episerver:contentmanagementapi:maphttpattributeroutes" value="false"/>
Last updated: Apr 20, 2021