Headless CMS Blog
Read everything on headless CMS technology, tips, best practices, and how-tos.
Introducing Two-Factor Authentication: A New Level of Security
At Contentstack, we take security and privacy seriously.So today, we are pleased to inform you that our security has been upgraded with the introduction of two-factor authentication for Contentstack. This opt-in feature enables secure access to your account and ensures safety of your data and resources that reside in your Contentstack account.Two-Factor Authentication DefinedWhen you log in to your average social networking site or app, you typically enter your username/email and password to access your account. This may be the single step taken by the website/app to verify your identity and grant access to your account. This is known as one-factor authentication.When you add another factor to this password-only authentication system, it is known as two-factor authentication (2FA). In such a setup, you are required to provide an additional piece of information to verify your identity. In general, 2FA uses two of the three possible methods of verifying an identity:Something you know (password, secret PIN, zip code, etc.)Something you have (phone number, smart card, etc.)Something you are (fingerprint, retina scan, facial recognition, etc.)Benefits of Two-Step AuthenticationToday, most services focused on improving the security of the users and their data have adopted 2FA as a standard method for authentication. This is mainly because 2FA ensures that even if one of the factors have been compromised or leaked, the other factor keeps hackers/criminals from breaking into your account, thereby minimizing the risk of data theft.Here are the other benefits of using 2FA:Provides additional layer of securityMinimizes risk of data and identity theftReduces operational and security costThe Two Factors Used by ContentstackThe two factors used by Contentstack for authentication are:Password (something you know)One-time security code via Authy mobile app or SMS (something you have)How to Use Two-Factor Authentication (TFA) in ContentstackIf you are an existing Contentstack user, setting up 2FA for your Contentstack account is quick and easy. Here are the steps for enabling two-factor authentication for your account:Log in to your account.Click on profile name and go to the security page.Under ‘Two-Factor Authentication’, enter your phone number and click ‘Enable 2FA’.Select one of the methods to verify your phone number.Enter security codeThis will enable 2FA for your account.Now, the next time you try to log in to your account, you will be first asked to enter your login credentials (email and password). Then, it will prompt you to verify the security code that you get on the Authy app installed on your phone. If you do not have the app, you can request to receive the verification code via SMS. You will be granted access to your account only upon entering this security code.Why Introduce Two-Factor Authentication Now?Two-factor authentication is not a new concept and, as such, is a proven method to enhance security, which is more important than ever. With the recent feature enhancements and updates to Contentstack, users now have more power and control over the content stored in their account than ever before – something an intruder could exploit. 2FA minimizes this risk substantially.Owing to the increasing risks due to the growing level of sophistication by online hackers and attackers, security measures around the world are constantly evolving. While 2FA does not completely eliminate all potential threats, it makes it a lot harder for attackers to hack your accounts.As of now, two-factor authentication is an opt-in security feature that can be enabled/disabled for your Contentstack account as and when you wish. However, we highly recommend you to enable this as soon as possible to keep you account safe from potential threats.To learn more about two-factor authentication, please read our documentation.
Webhooks Security – Featuring HTTP Authentication
Webhooks provide a way to notify external apps, services, and urls when changes are made in your content stack. For instance, you can create a webhook that notifies a URL whenever a new entry is created in a particular content type or whenever an existing content type is modified. This allows for data synchronicity across applications. While it was always possible to use webhooks in our content management system, Contentstack, we have made several major changes to make webhooks more secure and powerful. Here’s what’s new: Basic HTTP Authentication You can now add basic HTTP authentication to make your webhooks more secure. To do this, add a username and password before saving your webhook. This will ensure that the webhook data will be accessible only by the users who have the credentials. Custom Headers We have added the functionality to add custom headers to your webhook. This lets you pass any number of key-value pairs to the webhook URL when the webhook is triggered. This is especially helpful when the receiving URL needs additional data such as API key or access token of your application. Manual Trigger If the destination URL is not able to accept requests due to any reason, Contentstack will make multiple calls ( five attempts total) to the URL at regular intervals. After the fifth attempt, it will stop making calls. However, at any given time, you can access the activity and make the call manually. Detailed Logs Now you can view all the details of a webhook call by clicking the “Logs” link inside the webhook’s configurations area. You can sees the date and time when the webhook was triggered, the current status of the webhook call, and the “Call Details” – which shares the results of the request and response of the webhook. Watch the video to learn more about our new features and how to use webhooks security in our CMS.
CDN and Other Features for a Faster and More Secure Web CMS
Increase Productivity with These Headless CMS Features
The all new ‘Default URL Pattern’ feature lets you standardize the URL pattern for pages of your website. This is a common use case for the majority of our customers when building out a blog or a product catalog. You can define a URL pattern of your choice while creating/editing a content type. Once this is determined, Contentstack automatically generates the URL every time you create an entry. For instance, if you decide the pattern to be www.yourdomain.com/title, the auto-generated URL for your next post will be www.yourdomain.com/my-first-post. You can include date, title, custom text, or a combination of any of these elements in the URLs. This gives you the flexibility to create meaningful, reader-friendly, and beautiful URLs that rate high on SEO parameters. Read the docs to get started with this feature. Default Value for a Field Save time and effort While creating content types, you can set a default value for a field. The next time you create an entry, you do not have to manually enter a value for that field. It will, by default, contain the specified value. This reduces the time and effort spent entering the same data every time for a field. Content managers also maintain the ability to overwrite the preset value without having to make a request to development. Data Columns Field data at a glance By default, the entries page displays basic info about each entry (such as title, created at, publish status, and version) in separate columns. We have added a new feature that lets you add data columns to display the fields’ data of each entry. This helps you get a quick overview of the data of all the fields in a particular content type.
New Content Type Builder Makes Creating Content Structures Easy
Working with content structure is one of the most common—and challenging—tasks for a developer. Are you looking out for the easiest technique to build and customize your content? Here’s where our new content type builder comes in handy. You can now build your content structure in just a few minutes, or rather, a few seconds! This new release makes working with content easy and flexible! It’s packaged with enhanced features to quickly create content types, add fields using the drag-and-drop functionality, edit field properties in real time, rearrange fields, label them, and do a lot more. Follow the instructions below to set it up. 1. Create a Content Type When creating a new content type, name it, and select the kind of content type you want—"Webpage" or "Content Block". If you want to add a single entry, select "Single," otherwise, select "Multiple" for multiple entries. 2. Drag and Drop Fields Build powerful content structures that require no technical expertise. Just drag and drop the fields you want from the list available in the right panel. To learn more, read the Content Types documentation. Realtime Field Editing The changes made to your field properties are reflected immediately. Simply click on the selected field to edit its properties, and watch your changes happen in real time. For instance, Contentstack has the Instructional Value, Placeholder Text, and Help Text fields designed to help content editors manage content. If you edit any of these fields, the UI reflects it simultaneously. Rearrange Fields in No Time To rearrange fields, drag them using the grip icon (dots) appearing on the left side of the field. Easy Categorization Organize the content types in your stack by adding labels. You can add and nest as many labels as you need for easy access.
Introducing Markdown in Contentstack Headless CMS
The latest Contentstack upgrade brings you the most-awaited feature: a full-featured Markdown Editor. This Markdown Editor allows you to add content in Markdown, an easy-to-use markup language with plain text formatting that can be easily converted to HTML. Adding a Markdown Editor You can add one or more Markdown editors to new, as well as existing forms. Add a new form or edit an existing one to enter the Form Editor mode. In the Form Editor mode, simply add a new field with Markdown as its data type. Save your changes and this field will now be available when creating or editing an entry associated with this form. Adding Content in Markdown Add text with the appropriate annotations. We have also included a toolbar with buttons for the most common annotations. Click the expanding arrows button to use the Markdown editor in the distraction-free, fullscreen mode. You can also view a preview of your content with just a click. When adding content to the Markdown editor, simply click the preview button to view how your content will look in HTML.
Our Latest Release Includes Audit Logs, Webhooks, and Publish Status
We are excited to announce a major update to Contentstack, our award-winning CMS. These updates include import and export functionality; now you can download the schema of a form in JSON format and import it back into Contentstack. This is a very useful feature if you want to introduce changes across several entries or forms, or simply keep backups of your data in Contentstack. We’ve also introduced webhooks, which provide a way to integrate Contentstack with other applications. Webhooks can be triggered for all significant events on your websites and provide notifications in a format easily understood by applications. Simply add a trigger URL and specify a condition that will trigger this webhook. With the latest release we now provide an interface for developers to view comprehensive records of all events associated with a website. The Audit Logs screen lists all events since the inception of the website. This is especially helpful for site owners to monitor the activities of all collaborators on the website, along with the public IP from which they performed the action. There is now a filter for the Publish Status and a facility to specify a date range. The format changed from a timeline view to a tableview, which is more intuitive and focuses on providing comprehensive information to the user. To show you just how easy and intuitive it is to use Contentstack, our youngest ever intern is going to teach you how to update the “News and Awards” page on the Built.io website: You can read more about the Contentstack update in our press release.
CMS Versioning | Compare Versions with Contentstack
Contentstack now offers a "Compare Versions" feature. Powerful and easy to use, this CMS versioning feature lets users compare different versions of the same page side by side. With just one click, it is now possible to view committed changes by authorized content editors, observe how content has evolved over time or simply revert a page back to its last saved state if something is posted by mistake. Since enterprise companies typically have complex content management workflows, the ability to compare versions when multiple employees are contributing to the same project is indispensable. Using the CMS versioning feature is as simple as using the product itself: When editing an entry, open the Compare Versions screen. On the Compare Versions screen, choose the versions for comparison from the drop down menu. Open a version in the editable mode. Added items and text are shown in green in the new version. Deleted items are shown in red for single fields and gray for multiple ones. Reordered items are also highlighted.