Extending the Layout Service

Current version: 20.x

If you want to customize the output of the Layout Service, you have the following options:

Security considerations

The Layout Service output is not secure and can be inspected client-side. Treat it like an open API, ensuring you are not exposing sensitive or excess data.

When extending Sitecore Context object or building custom Rendering Content Resolvers:

  • Only add fields necessary for front-end components. For example, do not inject the entire Sitecore Context object from back-end Sitecore pipelines into the Layout Service response.

  • Add data that represents the global app state and must be accessed by multiple components.

  • Avoid exposing sensitive information. Be aware of serialization depth to avoid accidentally exposing additional data through complex objects.

Do you have some feedback for us?

If you have suggestions for improving this article,