Cloudinary Blog

DAM for Developers: Access Control

DAM for Developers: Access Control

In my last post, we spoke about AI-Based Content Analysis. Now, given the importance of security and privacy, authentication is at the heart of virtually all software. Access control is the layer on top of authentication that determines who can access what. Why is access control necessary? Because within most organizations nowadays is a multitude of digital assets stored in various folders, and functional teams need access to some of those assets to do their work even though their access to private assets must be restricted. Complexity arises as a result, especially during cross-functional collaboration among developers and other teams.

Cloudinary’s digital asset management (DAM) solution features built-in access-control modes. For example, to avoid inadvertent deletions of valid or relevant assets, Cloudinary retains deleted assets for at least 30 days and blocks access to private assets.

Webinar
Marketing Without Barriers Through Dynamic Asset Management

Access Control

Access control is a premium Cloudinary feature, currently available only to accounts with a custom plan or those accounts whose owners have explicitly requested enablement of access control.

Mode Setup

Once Cloudinary has enabled access control for your account, you can set up the modes for your assets from within your Media Library.

If an asset is restricted for access, as shown in the image above, no one can view it outside the Media Library—except those individuals who have both the asset’s URL and authentication token.

To change an asset’s access-control mode, click the asset and then the Summary tab for the Access control section, as shown in the image below:

Summary Tab of an Asset in Access-Control Mode

This dialog box then opens:

access control settings

Here, you can make the asset publicly available or restricted within a certain time frame. For example, you can specify the duration of the related project under Time-limited access to avoid assets being shared outside the company or team while the project is in progress.

To change the access-control mode for multiple assets, set up upload presets before uploading those assets with the Media Library’s upload widget. By default, the Upload Presets option is not available in the advanced options of the upload widget. Contact Cloudinary support to enable that option.

Authentication Tokens

An authentication token is an obfuscated alphanumeric code that ensures that the person requesting access to an asset through its URL has the permission to do so. Cloudinary DAM generates two types of tokens for access control:

  • The query parameter token, which is appended to an asset’s delivery URL.
  • The cookie token, which is downloaded to the user’s device for verification when the user accesses the asset through its URL.

Recall that you can access assets outside the Media Library only if you have both their URLs and authentication tokens.

Collections for Access Control

Collections are conceptual groupings of assets regardless of the latter’s folder structure. As an administrator or someone with owner permissions for a particular collection, you can perform the following tasks:

  • Create assets and add them to the collection
  • View the collection
  • Rename the collection
  • Delete the collection
  • Remove assets from the collection
  • Share the collection

See these two examples:

share folder

share collection dialog

As an administrator or owner of all collections, you can set up access-permission levels to control who can access which groups.

The sharing and permission-setup capabilities are available for multiple user accounts only, which are offered under Cloudinary’s advanced plan and other higher plans.

Next . . .

For more details on the access control-related tasks described in this post, see the related documentation. Stay tuned for my next post in the DAM for developers series about asset metadata.


Further Reading on Digital Asset Management

Recent Blog Posts

New Learning Pathways From the Cloudinary Academy

In December 2019, Cloudinary launched its customer education platform, the Cloudinary Academy, replete with courses taught by the company’s experts on developer-oriented products and digital asset management (DAM) solution. The courses comprise interactive lessons and hands-on assignments, a proven way of familiarizing the audience with the course material and illustrating it with live examples.

Read more
Maya Shavin: How I Built My Website

Besides working as a senior front-end developer at Cloudinary, I'm also a content creator, a blogger, and an open-source developer. Follow me at @mayashavin and on mayashavin.com.

In the beginning, my website, mayashavin.com, was mainly for showcasing the status of my development projects and keeping me organized with my speaking schedule. Initially, I built it with Vue.js, later on switching to Nuxt.js (aka Nuxt) for a higher SEO score, and deployed it with Netlify. After some time, I added a blog section with Netlify CMS as the content management system (CMS). Everything was fine until I added more content and features, which led to a significant decline in the site’s performance. Also, the site design needed a modern look. So, I gave the site a makeover.

Read more
Automation Frees Up PetRescue’s Staff to Help Pets Find Their Forever Homes

As we spend more time at home, many of us are adopting pets for the joy, companionship and a surprising range of health benefits. In Australia, where our nonprofit customer PetRescue is located, there’s a shortage of pets to adopt. Last August, the Guardian reported that dog shelters in Australia emptied and adoption fees for puppies were running as high as $AUS1800.

Read more
Cloudinary and Contentful Make Modern Content Management Easier

I am pleased to share that Cloudinary and Contentful have joined forces to further streamline the creation, processing, and delivery of online content through Cloudinary’s digital asset management (DAM) solution and advanced transformation and delivery capabilities for images and video. What’s more, the partnership delivers a headless approach to DAM. By leveraging APIs for media management tasks, marketers and developers alike benefit from an integrated stack of optimized assets for optimization and automation. As a result, page loads are fast and beautiful, and at scale—with less overhead and effort.

Read more
Introducing Cloudinary's Nuxt Module

Since its initial release in October 2016 by the Chopin brothers as a server-side framework that runs on top of Vue.js, Nuxt (aka Nuxt.js) has gained prominence in both intuitiveness and performance. The framework offers numerous built-in features based on a modular architecture, bringing ease and simplicity to web development. Not surprisingly, Nuxt.js has seen remarkable growth in adoption by the developer community along with accolades galore. At this writing, Nuxt has earned over 30K stars on GitHub and 96 active modules with over a million downloads per month. And the upward trend is ongoing.

Read more