Content Permissions

After a content item has been deployed, you can manage who can view or modify the item.

Access Type

The access type of the content determines who can access your items. The access type can be controlled by the access_type of the [content] section of an item's _ricochet.toml file.

There are three types of access you can provide:

• private: only specified users can access this item
• internal: all authenticated users can access this item
• external: anyone can access this item

Private access

Unless otherwise specified, the first deployment of an item has an access_type set to private in the _ricochet.toml. Private items can only be accessed by the owner of the item, collaborators, or server admins.

Internal access

Internal content items can be viewed by everyone who has authenticated into your ricochet server. These items are not accessible without first authenticating and logging into the ricochet server.

Public access

Public content items can be viewed by anone with access to your ricochet server. Visitors to the ricochet server will be able to view the item without needing to authenticate.

Collaborators

By default, only users who own an item can view, modify, or invoke a content item. Additional collaborators can be added through the ricochet web UI. Collaborators can have the following roles:

• consumer: can view or invoke the content item
• contributor: can create new deployments
• editor: can deploy new bundles, manage access, and modify settings
• admin: can deploy new bundles, add viewers & collaborators, and delete the item