Platform Administration and Architecture

The access rights

Abstract

Overview of the access rights that you can assign to a Sitecore user or role on an item level.

You can assign access rights to an account on an item level. The following access rights can be granted or denied to individual users or roles, or they can be inherited from the parent item.

Note

To view more access rights in the Security Editor, in the Security group, click Columns. In the Columns dialog box, select the access rights that you want to display in the Security Editor and click OK.

Access right

Description

Field Read

Controls whether a user can view a specific field on an item.

Field Write

Controls whether a user can edit a specific field on an item.

Read

Controls whether a user can see an item in the content tree and/or on the published website, including all the properties and field values.

Write

Controls whether a user can edit field values. The Write access right requires the Read access right and Field read and Field write access rights for individual fields (Field read and Field write are allowed by default).

Rename

Controls whether a user can change the name of an item. The Rename access right requires the Read access right.

Create

Controls whether a user can create child items. The Create access right requires the Read access right.

Delete

Controls whether a user can delete an item. The Delete access right requires the Read access right.

Important

This command also deletes all child items, even if the Delete access right has been denied for the account for one or more of the subitems.

Administer

Controls whether a user can configure the access rights of an item. The Administer access right requires Read and Write access rights.

Language Read

Controls whether a user can view a specific language version of an item in the Sitecore Clients. Does not influence the web site.

Language Write

Controls whether a user can edit a specific language version of an item in the Sitecore Clients. Does not influence the web site.

Show in Insert

Controls whether a template is shown in the Content Editor in the Insert Options list and in the Experience Editor in the Insert dialog box.

Workflow State Delete

Controls whether a user can delete items when they are in a specific workflow state.

Workflow State Write

Controls whether a user can update items when they are in a specific workflow state.

Workflow Command Execute

Controls whether a user can execute a specific workflow command.

Customize Profile Key Values

Controls whether a user can customize the profile key values on a profile card.

Create Bucket

Controls whether a user can create an item bucket.

Revert Bucket

Controls whether a user can revert an item bucket to a regular item.

Field Remote Read

Controls whether the Item Web API services can access (read, retrieve) the fields of an item. If you want a field to be available for requests, you should allow this access right for the field.

Note

This access right is only applicable on fields and by default set to Denied.

Inheritance

Controls whether security rights can be passed from a parent item to the child items. The security model supports the possibility to grant or deny the Inheritance access right on a per account basis (it applies to all access rights). The inheritance settings that you choose, only apply to the selected account.