1. REST API for Sites Management
  2. Tasks
  3. Settings

Update the Site Management Settings

patch

/sites/management/api/v1/settings

SINGULAR

Update one of more of the site management settings. Settings can be individually changed or changed together.

Introduced in release 20.1.2.

Authorization

To invoke this operation, the authenticated user or client application must have one of the following roles:

  • CECServiceAdministrator

Successful Response Examples

This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

200OK - Disable Site Governance

Disable site governance, allowing any member of a template to create a site.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "governanceEnabled": false
}

200OK - Enable Site Governance

Enable site governance, allowing site administrators to control who can create sites and who can approve site creation.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "governanceEnabled": true
}

200OK - Disable Site Prerender Service

Disable the site prerender service.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "prerender": {
    "enabled": false
  }
}

200OK - Enable Site Prerender Service

Enable the site prerender service so that site access is optimized.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "prerender": {
    "enabled": true
  }
}

200OK - Allow Site Creation by Non Site Administrators

Allow site creation by service users. When site governance is enabled site creation this setting is ignored and site creation is controlled by policies managed by site administrators.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "allowSiteCreation": true
}

200OK - Prevent Site Creation

Prevent anyone from creating sites.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "allowSiteCreation": false
}

200OK - Change the Minimum Site Security

Change the minimum site security settings for online sites.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "siteSecurityPolicy": {
    "level": "service",
    "appliesTo": "named"
  }
}

200OK - Change Who Can Create Components and Themes

Change restricted operations to allow non site administrators to create components and themes.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "siteAdminOnlyOperations": {
    "themeCreation": false,
    "componentCreation": false
  }
}

200OK - Deactivate Sites When They Expire

Automatically take a site offline when the site expires.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "expiration": {
    "action": "deactivate"
  }
}
Introduced in release 20.3.1.

200OK - Deletes Sites When They Expire

Automatically take a site offline when the site expires and delete the site ten days after the site expires.

Request

PATCH https://api.example.com/sites/management/api/v1/settings

Request Body

{
  "expiration": {
    "action": "delete",
    "deleteAfter": 10
  }
}
Introduced in release 20.3.1.

Client Error Response Examples

This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.

400Bad Request - Invalid Security Scope

The site security scope named cannot be used with a security level of everyone. A site security scope of all must be used when using a security level of everyone.

Error Code

OCE-SITEMGMT-009018

Resolution - Edit Site Security Scope

Change the security scope to the suggested required scope value.

Exception Detail Fields

This error type includes the following fields/values in the response:

Field NameDescription
levelSpecified site security level. Valid values are:
  • service - Only service users
  • cloud - Only cloud users who can sign in to your domain
  • everyone - Anyone without signing in
specifiedScopeSpecified site security scope. Valid values are:
  • named - Only named users within a specified level can access
  • all - All users within a specified level can access
requiredScopeRequired site security scope. Valid values are:
  • named - Only named users within a specified level can access
  • all - All users within a specified level can access

For detailed information about this exception detail type, consult the InvalidSecurityScopeExceptionDetail schema in the definitions section of the swagger document.

Example Response Body
{
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
  "title": "Invalid Security Scope",
  "status": "400",
  "detail": "Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.",
  "o:errorCode": "OCE-SITEMGMT-009018",
  "level": "service",
  "specifiedScope": "named",
  "requiredScope": "all"
}

409Conflict - Starter Edition Governance Not Supported

Starter edition will only allow you to create one site.

Error Code

OCE-SITEMGMT-009119

Resolution - Upgrade to Premium

Upgrade to Premium to access site factory governance.

Example Response Body
{
  "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
  "title": "Starter Edition Governance Not Supported",
  "status": "409",
  "detail": "Site governance is not supported in Starter Edition.",
  "o:errorCode": "OCE-SITEMGMT-009119"
}

Introduced in release 21.6.1.

Request

Supported Media Types
Body ()

Only properties that are being updated should be provided in the request. To remove a property, include it in the request with a value of null. Properties that cannot be updated are ignored.

Root Schema : schema
Type: object
Show Source

  • Allow your service users to create sites. When you enable the ability to create sites, you allow all users to create templates and sites. If you disable site creation, users can still see and work with templates and other folders in the hierarchy. Users can also still work with an existing site if the site is shared with them. They can view, edit, and manage the site, depending on their role. When you enable sites functionality, users have the ability to publish any content they have access to, including confidential information. You might want to limit your users to creating only secured sites, so that users have to sign in before they can see the site content. For even more security, you can limit site creation to administrators.

    Introduced in release 20.1.2.
  • expiration

    Site expiration settings such as whether sites are automatically taken offline and deleted when the site expires.

    Introduced in release 20.3.1.

  • Enable governance for sites to simplify and accelerate site delivery for business users, who are not site administrators, while giving site administrators an easy way to control and track sites from a centralized location.

    Introduced in release 20.1.2.
  • links

    HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

  • prerender

    Prerender service settings such as whether the prerender service is enabled.

    Introduced in release 20.1.2.
  • siteAdminOnlyOperations

    Restrict site, template, theme and component creation to site administrators.

    Introduced in release 20.1.2.
  • siteSecurityPolicy

    Specify the minimum security allowed for online sites.

    Introduced in release 20.1.2.
Example:
{
    "governanceEnabled":false
}
Nested Schema : expiration
Type: object

Site expiration settings such as whether sites are automatically taken offline and deleted when the site expires.

Introduced in release 20.3.1.
Show Source

  • What action to take when the site expires. This can be do nothing. If the site is online the site will remain online. The deactivate action takes the site offline after the site expires. The delete action takes the site offline after the site expires and also deletes the site. The site is deleted using the days after to determine how long after expiration before the site is deleted.

    Valid values are:

    • nothing - Site is left online and is not deleted
    • deactivate - Site is taken offline when the site expires
    • delete - Site is taken offline when the site expires and deleted after a configurable number of days after expiration

    Introduced in release 20.3.1.
  • Minimum Value: 3
    Maximum Value: 90

    Number of days to wait after a site expires before deleting the site. This setting is only used if the action selected is to delete expired sites. This setting can still be set if site deletion is disabled; the setting value will just be ignored.

    Introduced in release 20.3.1.
Nested Schema : links
Type: array

HATEOS link to related resources and actions or actions on this resource. Must include at least a 'self' link that contains a link to the canonical representation of the resource.

Show Source
Nested Schema : prerender
Type: object

Prerender service settings such as whether the prerender service is enabled.

Introduced in release 20.1.2.
Show Source

  • Enable or disable the Prerender Service.

    Introduced in release 20.1.2.

  • Comma-separated list of user-agent product names that, if detected, will cause the client (crawlers and bots) to be redirected to the pre-render generated cached site content. Oracle Content Management has a built in list of crawlers and bots with is combined with this custom user-agent product names.

    Introduced in release 20.1.2.
Nested Schema : siteAdminOnlyOperations
Type: object

Restrict site, template, theme and component creation to site administrators.

Introduced in release 20.1.2.
Show Source
Nested Schema : siteSecurityPolicy
Type: object

Specify the minimum security allowed for online sites.

Introduced in release 20.1.2.
Show Source

  • Define which types of users may access a site. Can include all users or be restricted to named users only.

    Valid values are:

    • named - Only named users within a specified level can access
    • all - All users within a specified level can access

  • Maximum open security level that can be set on a site.

    Valid values are:

    • service - Only service users
    • cloud - Only cloud users who can sign in to your domain
    • everyone - Anyone without signing in

Nested Schema : items
Match All
Show Source
  • Link
Back to Top

Response

Supported Media Types

200 Response

OK
Headers
Body ()
Root Schema : schema
Match All
Show Source
Nested Schema : SitesManagementSettings

Sites Management settings.

Introduced in release 20.1.2.
Match All
Show Source
Nested Schema : SingularResource
Type: object

All singular resources include the properties of the singular resource definition. A singular resource includes a list of links that provide relationships to other resources, or in the case of the self link the resource itself.

Show Source
  • links
Nested Schema : SitesManagementSettings-allOf[1]
Type: object
Show Source

  • Allow your service users to create sites. When you enable the ability to create sites, you allow all users to create templates and sites. If you disable site creation, users can still see and work with templates and other folders in the hierarchy. Users can also still work with an existing site if the site is shared with them. They can view, edit, and manage the site, depending on their role. When you enable sites functionality, users have the ability to publish any content they have access to, including confidential information. You might want to limit your users to creating only secured sites, so that users have to sign in before they can see the site content. For even more security, you can limit site creation to administrators.

    Introduced in release 20.1.2.
  • expiration

    Site expiration settings such as whether sites are automatically taken offline and deleted when the site expires.

    Introduced in release 20.3.1.

  • Enable governance for sites to simplify and accelerate site delivery for business users, who are not site administrators, while giving site administrators an easy way to control and track sites from a centralized location.

    Introduced in release 20.1.2.
  • prerender

    Prerender service settings such as whether the prerender service is enabled.

    Introduced in release 20.1.2.
  • siteAdminOnlyOperations

    Restrict site, template, theme and component creation to site administrators.

    Introduced in release 20.1.2.
  • siteSecurityPolicy

    Specify the minimum security allowed for online sites.

    Introduced in release 20.1.2.
Nested Schema : expiration

Site expiration settings such as whether sites are automatically taken offline and deleted when the site expires.

Introduced in release 20.3.1.
Match All
Show Source
  • SiteExpirationSettings

    Site expiration related settings, such as enabling or disabling automatic site deactivation and deletion. Site expiration only takes affect if site governance is enabled.

    Introduced in release 20.3.1.
Nested Schema : prerender

Prerender service settings such as whether the prerender service is enabled.

Introduced in release 20.1.2.
Match All
Show Source
  • PrerenderSettings

    Search engine optimization related settings, such as enabling or disabling the pre-render service and configuring crawler and bot user-agents.

    Introduced in release 20.1.2.
Nested Schema : siteAdminOnlyOperations

Restrict site, template, theme and component creation to site administrators.

Introduced in release 20.1.2.
Match All
Show Source
Nested Schema : siteSecurityPolicy

Specify the minimum security allowed for online sites.

Introduced in release 20.1.2.
Match All
Show Source
  • SecurityPolicy

    The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.

Nested Schema : SiteExpirationSettings
Type: object

Site expiration related settings, such as enabling or disabling automatic site deactivation and deletion. Site expiration only takes affect if site governance is enabled.

Introduced in release 20.3.1.
Show Source

  • What action to take when the site expires. This can be do nothing. If the site is online the site will remain online. The deactivate action takes the site offline after the site expires. The delete action takes the site offline after the site expires and also deletes the site. The site is deleted using the days after to determine how long after expiration before the site is deleted.

    Valid values are:

    • nothing - Site is left online and is not deleted
    • deactivate - Site is taken offline when the site expires
    • delete - Site is taken offline when the site expires and deleted after a configurable number of days after expiration

    Introduced in release 20.3.1.
  • Minimum Value: 3
    Maximum Value: 90

    Number of days to wait after a site expires before deleting the site. This setting is only used if the action selected is to delete expired sites. This setting can still be set if site deletion is disabled; the setting value will just be ignored.

    Introduced in release 20.3.1.
Nested Schema : PrerenderSettings
Type: object

Search engine optimization related settings, such as enabling or disabling the pre-render service and configuring crawler and bot user-agents.

Introduced in release 20.1.2.
Show Source

  • Enable or disable the Prerender Service.

    Introduced in release 20.1.2.

  • Comma-separated list of user-agent product names that, if detected, will cause the client (crawlers and bots) to be redirected to the pre-render generated cached site content. Oracle Content Management has a built in list of crawlers and bots with is combined with this custom user-agent product names.

    Introduced in release 20.1.2.
Nested Schema : SiteAdminOnlyOperations
Type: object

Defines the operations restricted to Site Administrators.

Introduced in release 20.1.2.
Show Source
Nested Schema : SecurityPolicy
Type: object

The security policy specifies the minimum level of security level a site will be allowed to have. The site will be created with this minimum level, and the site manager/owner can then set a more restrictive security level on the site if they wish. The manager/owner cannot select a security level that is less secure than the values specified on the sites security policy.

Show Source

  • Define which types of users may access a site. Can include all users or be restricted to named users only.

    Valid values are:

    • named - Only named users within a specified level can access
    • all - All users within a specified level can access

  • Maximum open security level that can be set on a site.

    Valid values are:

    • service - Only service users
    • cloud - Only cloud users who can sign in to your domain
    • everyone - Anyone without signing in

Example Response ()
{
    "allowSiteCreation":false,
    "governanceEnabled":false,
    "siteSecurityPolicy":{
        "level":"service",
        "appliesTo":"named"
    },
    "siteAdminOnlyOperations":{
        "siteCreation":false,
        "templateCreation":false,
        "themeCreation":false,
        "componentCreation":false
    },
    "prerender":{
        "enabled":false,
        "userAgents":"AdsBot-Google,AdsBot-Google-Mobile-Apps,AppEngine-Google"
    },
    "expiration":{
        "action":"nothing",
        "deleteAfter":30
    }
}

400 Response

Bad Request
Body ()
Root Schema : schema
Match All
Show Source
Nested Schema : InvalidSecurityScopeExceptionDetail
Match All
Show Source
Nested Schema : ExceptionDetail
Type: object

In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Show Source
Nested Schema : InvalidSecurityScopeExceptionDetail-allOf[1]
Type: object
Show Source

  • Specified site security level.

    Valid values are:

    • service - Only service users
    • cloud - Only cloud users who can sign in to your domain
    • everyone - Anyone without signing in

  • Required site security scope.

    Valid values are:

    • named - Only named users within a specified level can access
    • all - All users within a specified level can access

  • Specified site security scope.

    Valid values are:

    • named - Only named users within a specified level can access
    • all - All users within a specified level can access

Nested Schema : o:errorDetails
Type: array

Multiple errors can be organized in a hierarchical structure.

Show Source
Nested Schema : items
Match All
Show Source
  • ExceptionDetail

    In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Example Response (Invalid Security Scope)
{
    "type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
    "title":"Invalid Security Scope",
    "status":"400",
    "detail":"Site security scope '{specifiedScope}' is not valid with a site security level of '{level}'. Use a security scope of '{requiredScope}'.",
    "o:errorCode":"OCE-SITEMGMT-009018",
    "level":"service",
    "specifiedScope":"named",
    "requiredScope":"all"
}

401 Response

Unauthorized

403 Response

Forbidden

406 Response

Not Acceptable

409 Response

Conflict
Body ()
Root Schema : schema
Match All
Show Source
Nested Schema : StarterEditionGovernanceNotSupportedExceptionDetail
Introduced in release 21.6.1.
Match All
Show Source
  • ExceptionDetail

    In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Nested Schema : ExceptionDetail
Type: object

In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Show Source
Nested Schema : o:errorDetails
Type: array

Multiple errors can be organized in a hierarchical structure.

Show Source
Nested Schema : items
Match All
Show Source
  • ExceptionDetail

    In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.

Example Response (Starter Edition Governance Not Supported)
{
    "type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
    "title":"Starter Edition Governance Not Supported",
    "status":"409",
    "detail":"Site governance is not supported in Starter Edition.",
    "o:errorCode":"OCE-SITEMGMT-009119"
}

413 Response

Payload Too Large

415 Response

Unsupported Media Type

416 Response

Range Not Satisfiable

429 Response

Too Many Requests

500 Response

Internal Server Error

501 Response

Not Implemented

502 Response

Bad Gateway

503 Response

Service Unavailable

504 Response

Gateway Timeout
Back to Top