Magnolia is an enterprise content management system. This means that a typical Magnolia site has many users in many roles, working together. An editor may use Magnolia daily, whereas an administrator may access it sporadically. The default roles, groups and users that ship with Magnolia are set up to reflect this reality. An editor has permissions to view and edit the website. An editor can also create new pages and submit changes to a review process. A publisher has permission to view the content and approve the publication, and so on.
Use the Security app to see permissions on workspaces and pages.
Base role for public, unauthenticated users.
On most systems, the rights and permissions of the anonymous role differ between author and public instances: allow read access to all on the public instance, while deny the same on the author instance. That is why you should not activate that role.
|Full access to everything.|
Base role denying to certain system pages.
|REST administrator role granting GET/POST permissions to all Magnolia's REST APIs.|
|REST editor role granting GET/POST permissions to REST services APIs (nodes, properties), for a limited set of workspaces.|
|REST Anonymous Consumer granting GET permissions to Magnolia's content delivery REST API.|
|Base role allowing users to access REST services.|
Base role allowing users to read and generate images.
Base role allowing users to use the
|Base role allowing users to use |
Base role allowing users to user the
Base role allowing users to read contacts information.
|Base role allowing users to use the |
|Allows editing content.|
|Allows publishing content.|
Base role allowing users to read
Base role allowing users to read categorization information.
Base role allowing users to read stories.
|Travel demo registered public users. Allows users to access the members' area.|
|Example role for the travel demo. Gives read access to some basic workspaces needed by all users.|
|Example editor role for the travel-demo project.|
|Example publisher role for the travel-demo project.|
|Example role to enable access to AdminCentral for the travel-demo project.|
|Example role who can only edit tours and tour categories for the travel-demo project.|
The purpose of groups is to define settings for a group of users, as opposed to individual users. Users with similar privileges are assigned to appropriate groups. Permissions that apply to a group are inherited by its users.
|Sample group created by the workflow module that allows editing and submission to |
|Sample group created by the workflow module that allows publication after submission from |
A sample public users group for travel-demo.
A sample editors group for travel-demo.
A sample publishers group for travel-demo.
A sample travel editor group for travel-demo.
|Default group for developers using Magnolia Cloud. Assigned to the |
|Default group for Magnolia Cloud subscription package owners. Assigned to the |
|Default group for support staff using Magnolia Cloud. Assigned to the |
User settings define the login credentials as well as certain personal settings that identify individuals accessing Magnolia. Users inherit permissions from the roles they belong to, either directly or through groups.
Unauthenticated, public users access the websites using this account.
User assigned unlimited access permissions.
The following sample users are included in the standard installation.
Sample travel demo editor
Sample German travel demo editor
Sample travel demo publisher
Sample travel demo tour editor