Frontend API Restrictions
Enable access to various frontend API endpoints and individually configure user permissions and access rules.
Misc APIs
This section provides access to frontend APIs not relating to modules (which have their own separate permissions).
Google Analytics Report
These settings allow you to enable/disable access to the Google Analytics API data for frontend users and to control the type of users that can access it.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Secure Zone Subscribers Analytics
These settings allow you to enable/disable access to the Secure Zone Subscribers API data for frontend users and to control the type of users that can access it.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Module APIs
For frontend site users, permissions can be set to control how they can interact with the frontend APIs used for creating and/or modifying module items.
Each of your site's modules will be listed here, of which the following settings are available when clicking on the pencil icon ().
For ease of finding the appropriate module, a search field is available for the list of items.
Create Module Item
The following options relate specifically to the 'Create Module Item' action.
Workflow
The workflow notification/s that will be triggered upon a user taking this action.
Multiple workflows can be selected and will all be triggered at the same time.
Autoresponder
The autoresponder is an email sent out to the user after the form has been submitted from the front-end of the website.
Determines who's email address to use for delivery of the autoresponder email.
Form sender
Use the email address of the user submitting the form.
Item owner
Use the email address of the assigned module item's owner.
Sender and owner
Use both email addresses of the user submitting the form and module item's owner.
If the autoresponder relates to the 'Create Module Item' action, both 'form sender' and 'item owner' will be the same. Therefore, all options will result in the same autoresponder delivery.
The display name used for the email sender.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
If using a non-verified email domain you’ll see a warning message and icon (). For more info on Email Domain verification see here.
The subject line used for the autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
The content of your autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
API Restrictions
Here you can allow website users to submit, or otherwise manipulate, the Module's items from the front-end of the website. Furthermore, these options allow you to control the permissions those users have.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
To facilitate module item editing from the front-end you’ll need to add the ‘Create/Update/Delete Item’ form/s (found in the Components Manager) to your layouts or pages, or otherwise pass the required item data to the API endpoints.
Update Module Item
The following options relate specifically to the 'Update Module Item' action.
Workflow
The workflow notification/s that will be triggered upon a user taking this action.
Multiple workflows can be selected and will all be triggered at the same time.
Autoresponder
The autoresponder is an email sent out to the user after the form has been submitted from the front-end of the website.
Determines who's email address to use for delivery of the autoresponder email.
Form sender
Use the email address of the user submitting the form.
Item owner
Use the email address of the assigned module item's owner.
Sender and owner
Use both email addresses of the user submitting the form and module item's owner.
If the autoresponder relates to the 'Create Module Item' action, both 'form sender' and 'item owner' will be the same. Therefore, all options will result in the same autoresponder delivery.
The display name used for the email sender.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
If using a non-verified email domain you’ll see a warning message and icon (). For more info on Email Domain verification see here.
The subject line used for the autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
The content of your autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
API Restrictions
Here you can allow website users to submit, or otherwise manipulate, the Module's items from the front-end of the website. Furthermore, these options allow you to control the permissions those users have.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Only Owner allowed (default)
Restricts this action to only the item's owner.
Anyone allowed
Permits this action for any user regardless of the item's ownership.
The above 'Allowed to the Following Type of User' permission is used in conjunction with this option. eg: If you've selected a specific Secure Zone required for the types of users and selected only the owner can update, the owner must also belong to the selected secure zone to have permission to access the endpoint.
To facilitate module item editing from the front-end you’ll need to add the ‘Create/Update/Delete Item’ form/s (found in the Components Manager) to your layouts or pages, or otherwise pass the required item data to the API endpoints.
Delete Module Item
The following options relate specifically to the 'Delete Module Item' action.
Workflow
The workflow notification/s that will be triggered upon a user taking this action.
Multiple workflows can be selected and will all be triggered at the same time.
Autoresponder
The autoresponder is an email sent out to the user after the form has been submitted from the front-end of the website.
Determines who's email address to use for delivery of the autoresponder email.
Form sender
Use the email address of the user submitting the form.
Item owner
Use the email address of the assigned module item's owner.
Sender and owner
Use both email addresses of the user submitting the form and module item's owner.
If the autoresponder relates to the 'Create Module Item' action, both 'form sender' and 'item owner' will be the same. Therefore, all options will result in the same autoresponder delivery.
The display name used for the email sender.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
If using a non-verified email domain you’ll see a warning message and icon (). For more info on Email Domain verification see here.
The subject line used for the autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
The content of your autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
API Restrictions
Here you can allow website users to submit, or otherwise manipulate, the Module's items from the front-end of the website. Furthermore, these options allow you to control the permissions those users have.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Only Owner allowed (default)
Restricts this action to only the item's owner.
Anyone allowed
Permits this action for any user regardless of the item's ownership.
The above 'Allowed to the Following Type of User' permission is used in conjunction with this option. eg: If you've selected a specific Secure Zone required for the types of users and selected only the owner can update, the owner must also belong to the selected secure zone to have permission to access the endpoint.
To facilitate module item editing from the front-end you’ll need to add the ‘Create/Update/Delete Item’ form/s (found in the Components Manager) to your layouts or pages, or otherwise pass the required item data to the API endpoints.
Update Draft Module Item
The following options relate specifically to the 'Update Draft Module Item' action.
Workflow
The workflow notification/s that will be triggered upon a user taking this action.
Multiple workflows can be selected and will all be triggered at the same time.
Autoresponder
The autoresponder is an email sent out to the user after the form has been submitted from the front-end of the website.
Determines who's email address to use for delivery of the autoresponder email.
Form sender
Use the email address of the user submitting the form.
Item owner
Use the email address of the assigned module item's owner.
Sender and owner
Use both email addresses of the user submitting the form and module item's owner.
If the autoresponder relates to the 'Create Module Item' action, both 'form sender' and 'item owner' will be the same. Therefore, all options will result in the same autoresponder delivery.
The display name used for the email sender.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
If using a non-verified email domain you’ll see a warning message and icon (). For more info on Email Domain verification see here.
The subject line used for the autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
The content of your autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
API Restrictions
Here you can allow website users to submit, or otherwise manipulate, the Module's items from the front-end of the website. Furthermore, these options allow you to control the permissions those users have.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Only Owner allowed (default)
Restricts this action to only the item's owner.
Anyone allowed
Permits this action for any user regardless of the item's ownership.
The above 'Allowed to the Following Type of User' permission is used in conjunction with this option. eg: If you've selected a specific Secure Zone required for the types of users and selected only the owner can update, the owner must also belong to the selected secure zone to have permission to access the endpoint.
To facilitate module item editing from the front-end you’ll need to add the ‘Create/Update/Delete Item’ form/s (found in the Components Manager) to your layouts or pages, or otherwise pass the required item data to the API endpoints.
Publish Draft Module Item
The following options relate specifically to the 'Publish Draft Module Item' action.
Workflow
The workflow notification/s that will be triggered upon a user taking this action.
Multiple workflows can be selected and will all be triggered at the same time.
Autoresponder
The autoresponder is an email sent out to the user after the form has been submitted from the front-end of the website.
Determines who's email address to use for delivery of the autoresponder email.
Form sender
Use the email address of the user submitting the form.
Item owner
Use the email address of the assigned module item's owner.
Sender and owner
Use both email addresses of the user submitting the form and module item's owner.
If the autoresponder relates to the 'Create Module Item' action, both 'form sender' and 'item owner' will be the same. Therefore, all options will result in the same autoresponder delivery.
The display name used for the email sender.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
If using a non-verified email domain you’ll see a warning message and icon (). For more info on Email Domain verification see here.
The subject line used for the autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
The content of your autoresponder email.
This field supports Liquid which can be used to insert dynamic content such as member details, form submission details or even data from other modules.
API Restrictions
Here you can allow website users to submit, or otherwise manipulate, the Module's items from the front-end of the website. Furthermore, these options allow you to control the permissions those users have.
Logged in users (default)
Specifies that the user needs to be logged in to perform this action.
Users from the following secure zones
Specifies that the user needs to be logged in to one of the selected secure zones to perform this action.
Admin Users
Specifies that the logged in user needs to be of an 'Admin User' role in the CRM to perform this action.
Only Owner allowed (default)
Restricts this action to only the item's owner.
Anyone allowed
Permits this action for any user regardless of the item's ownership.
The above 'Allowed to the Following Type of User' permission is used in conjunction with this option. eg: If you've selected a specific Secure Zone required for the types of users and selected only the owner can update, the owner must also belong to the selected secure zone to have permission to access the endpoint.
To facilitate module item editing from the front-end you’ll need to add the ‘Create/Update/Delete Item’ form/s (found in the Components Manager) to your layouts or pages, or otherwise pass the required item data to the API endpoints.
Admin User Roles
Access to these Frontend API Restrictions via the admin can also be controlled via Admin User Roles, allowing you to manage which Admin Users can view or edit these settings.
Related Articles
- Site Settings & Management
Domains
The WebinOne Domain settings allow you to control default domain, landing pages, domain authentication for system emails along with country and cultural settings like number and currency formatting. - Site Settings & Management
Site Globals
Site Globals, under ‘Settings’, is where you can set up customised data points for your... - Site Settings & Management
System Pages
System Pages, under 'Settings', is where you’ll find all those pages required by certain system... - Site Settings & Management
Payment Settings
Integrate various payment gateways, for multiple countries and currencies, into WebinOne for form payments, subscriptions and eCommerce workflows. - Site Settings & Management
Admin Users
Admin Users, found under ‘Settings’, is where you can control administrator access to your website management and content. - Site Settings & Management
Admin User Roles
Admin User Roles provide fine-grain control over permissions for users granted with admin access. - Site Settings & Management
Admin Menu Configurator
Customise the way admin users find and access site content and settings by configuring the admin menu with your own structure, labels, icons and links. - Site Settings & Management
URL Redirects
URL Redirects, found under ‘Settings’, enable you to set up 301 permanent redirects from a prior, or constructed, URL to another URL (within your domain/s). - Site Settings & Management
Sitemap.xml / Robots.txt
The Sitemap feature allows you to manage the sitemap.xml content, which lists your site’s important pages/items, their priority and last modified date, in XML format, for SEO and site indexing purposes. - Site Settings & Management
SEO
Configuring these settings will help search engines and accessibility systems better understand the context of your website. - Site Settings & Management
Misc Settings
These various site-wide settings allow you to further control and customise the way your website functions, both in the admin and on the front-end. - WebinOne Portal
Trial Sites
Trial Sites are your WebinOne development environments for starting new site projects, before you publish to a custom domain name. - WebinOne Portal
Live Sites
Live sites are your published WebinOne instances that have been activated, have commenced a billing subscription and/or have a custom domain name assigned to them. - About WebinOne
File System
Most of the content management related assets and files used in WebinOne are accessible in the file system either via the admin File Manager or via FTP. - About WebinOne
Trial Sites vs Live Sites
Site Performance & Resources Currently, there are no differences in performance or resources limits between... - OpenAPI (Admin)
Site Globals API
Create, Retrieve, Update and Delete Site Global Groups and their Properties via the public API endpoint using "where" filtering. - OpenAPI (Admin)
Categories API
Create, Retrieve, Update and Delete Categories via the public API endpoint using "where" filtering. - eCommerce
Settings
These various eCommerce settings allow you to further control and customise the way your website functions, both in the admin and on the front-end, in terms of eCommerce functionality. - Site Settings & Management
Empty Cache
Clear the server-side cache for generated ‘ImageProcessor’ images throughout the site. - Site Settings & Management
FTP access
WebinOne allows you to access site files through secure SFTP. In this article you will learn how to connect to your WebinOne website via SFTP as a reseller and/or admin user, as well as learn about WebinOne's file structure. - Website Templates
*Bikes - Website Templates
*Clothing Store - Website Templates
Coffee - Website Templates
*Coworking - Website Templates
Digital Agency - Extensions
Direct Billing
Allow your customer to pay WebinOne directly for their site plan from the admin, as well as activating the site and assign their primary domain name (if the site is still in Trial Site mode). - Website Templates
Furniture - Extensions
Granular White-labeling
An addition to the regular white-labeling feature, this extension provides branding controls on an individual site, allowing you to customise a site’s brand logo and login screen separately to your overall white-labeling settings. - Website Templates
*Hair Salon - Extensions
Import/Export of Modules
Quickly and easily replicate (or back-up) a complete Custom Module configuration via import/export, including; Settings, Properties, Layouts and Table setup. - Website Templates
Max - Extensions
Website Backup
Website Backup allows you to create and restore full site backups, including the site database, FTP files and admin configurations, from manual backups as well as a custom automatic schedule.
External Resources
There are currently no external resources available.
Please let us know if you have any other contributions or know of any helpful resources you'd like to see added here.
Questions?
We are always happy to help with any questions you may have.
Visit the Treepl Forum for community support and to search previously asked questions or send us a message at support@webinone.com and we will consult you as soon as possible.