Appearance
Permissions and Access Management
Permissions and Access Management allows you to define what actions each user can perform in the Stripo Plugin editor.
This ensures that only authorized users can view or modify emails, modules, or related resources.
All permissions are managed on your backend — the Stripo Plugin enforces them automatically.
How it works
Enable the User Permissions API in your Stripo Plugin account: Plugin → Server Settings → User Permissions API.
Provide your backend endpoint URL and Basic Authentication credentials.
When the editor is initialized, Stripo will call your endpoint with the
ES‑PLUGIN‑UI‑DATA
header, which contains themetadata
you passed in the plugin initialization script.Your backend must respond with a JSON object that specifies which actions are allowed for this user.
Based on the response, the Stripo editor will enable or disable features accordingly.
Response format
json
{
"codeEditor": {
"read": true,
"write": false
},
"appearance": {
"read": true,
"write": false
},
"content": {
"read": true,
"write": false,
"textOnly": false
},
"modules": {
"read": true,
"write": false
},
"versionHistory": {
"read": true,
"write": false
}
}
Permissions reference
The response object supports the following permission groups and actions:
Permission | Action | Description |
---|---|---|
codeEditor | read | Allows the user to open and view the HTML code editor. |
write | Allows the user to edit and save changes in the HTML code editor. | |
appearance | read | Allows viewing appearance settings (fonts, colors, styles). |
write | Allows modifying and saving appearance settings. | |
content | read | Allows opening and viewing template content. |
write | Allows modifying content (adding/removing blocks, changing layout, etc.). | |
textOnly | Allows editing only text values without changing layout or design. | |
modules | read | Allows browsing and inserting custom/saved modules. |
write | Allows creating, updating, or deleting modules. | |
versionHistory | read | Allows viewing the template version history. |
write | Allows restoring the versions. |
Example scenarios
- Full editing
Grantread: true
andwrite: true
in all permissions. - Read-only access
Grantread: true
and set allwrite: false
. - Text-only editing
Grantcontent.read: true
andcontent.textOnly: true
, withcontent.write: false
.
API Reference
For details on the request/response format, see User Permissions API → GET
method.