Secure Public URLs of Assets

Contentstack lets you secure asset URLs and restrict public access. If your asset URLs are secured, unauthorized users cannot access the assets by URL alone.

How to access assets whose public URLs are secured

You need to append the delivery token and the environment name to the asset URL to access assets whose URLs are secured.

Examples:

https://assets.contentstack.io/v3/assets/stack_uid/asset_uid/asset_version_id/asset_file_of_pdf.pdf?access_token={delivery_token}&environment={environment_name}

https://images.contentstack.io/v3/assets/stack_uid/asset_uid/asset_version_id/image_file_name.jpeg?access_token={delivery_token}&environment={environment_name}

Impact of securing asset URLs

If asset URLs are secured for your stack, the JSON Rich Text Editor, Rich Text Editor (RTE), and Markdown fields will not have the provision to insert assets or images.

If you want to display assets in Rich Text and Markdown editors, you need to manually append the authentication parameters to the asset URLs used in these editors. This is however not recommended.

Another impact is that the Overlay parameter of the Image Delivery API will not work for assets whose URLs are secured.

How to secure asset URLs for my stack

To secure asset URLs of your stack, send in a request to our support team at support@contentstack.com.

Note: Asset privatization works for all assets in a stack. You can download assets via the Contentstack app just by logging in.