Graphic symbols of documents and security

Simplifying paywalls and partial page access in Sitecore 

Consider the following scenario: there is a requirement to let a user visit a web page, but show only some of the content. A common example is a paywall where only the abstract of an article is shown until the visitor logs in. 

The security of items in Sitecore is controlled by a number of permissions that can be assigned to users. In order to visit a page, a website visitor will need the “Read” permission of that page.

Ordinarily, you could control this using out-of-the-box personalisation, perhaps showing the abstract only when the visitor is not logged in, and the main article body if they are.

However, this approach has its limitations. If you have a page made up of many components, and your criteria for access is complex, a heavy burden is placed on content editors. Each individual component must have personalisation applied, and when rules are complex the risk of human error is high.

One recent experience prompted us to create an additional permission called “Rules” which gave us a more controlled experience that was much kinder to content editors: All of the complex rules are defined only once at the page level, and each component then only needs a single rule condition “where the item is not restricted”.

Diagram showing full access for subscribers, rule-based access for registered users, and partial access for anonymous users

The rule conditions could grant early access to subscribers, be based on whether a visitor has triggered a particular Sitecore goal, or any other rule condition available.

Of course, more complex conditions can be developed too. For example, through integrations with other systems such as a CRM you could base permissions on whether a visitor has attended a particular event or spoken to a sales representative. Article closing icon

More stories you might like

See all stories

Short Clock icon Story

Engineering and development

LinkedIn access tokens

A new access token can be obtained manually in just a few minutes, but at what point do these few minutes every 60 days add up to enough inconvenience to automate the task?

Team working informally on couches

Some questions to ask for context marketing success

Successful context marketing isn’t driven by technology alone—organizations also need to be strategically and operationally ready.

Rakotz bridge, made of stone, in Kromlau, Germany

Being in balance

Great products can only be the result of a healthy dialogue between strategy, design and technology.