What is Strapi
Strapi is an open-source project. Strapi is a headless CMS that is used to develop websites, mobile applications, eCommerce sites, and APIs. Headless means you can integrate any front-end technology. You can integrate Strapi with React, Vue.js, Next.js, Nuxt.js, Angular, Svelte, Sapper, and Swapper. It allows you to create an API without knowing anything about the backend or databases. The system automatically builds APIs based on content models, making it easy to view data in the CMS with Strapi.
Why Strapi
1. Strapi enables content-rich experiences to be created, managed, and exposed to any digital product, channel, and device.
2. Strapi has been designed to make your experience the easiest possible.
3. Strapi gives you the freedom to manage content through a user-friendly interface intuitively.
Traditional CMS vs Headless CMS
The traditional CMS approach to managing content puts everything into one big bucket — content, images, HTML, and CSS. This made it impossible to reuse the content because it was commingled with code, while headless CMS allows you to manage content in one place and still be able to deploy that content across any front end you choose. This is key to omnichannel strategies because it lets you integrate content into any system, software, or website just by calling the APIs the headless CMS exposes.
How Strapi is better than other Headless CMS
Strapi is an open-source product, while Contentful is a proprietary SaaS (software-as-a-service). This influences many essential things like hosting, security, performance, cost, and customization of the CMS. With an open-source solution like Strapi, you are free to choose where you want to keep your data. It means that you have complete control of your project’s security, performance, and cost. Choosing to host by yourself adds one more step to the application setup, but it can be done relatively quickly using official Strapi integrations with hosting providers. SaaS solutions like Contentful provide you with a CMS that is already hosted, which means that you can’t choose where your data is kept, and you risk having a vendor-lock-in.
When Strapi is a good choice
Strapi is an excellent tool for creating modern, fast APIs with real-time updates. It’s free to use under the MIT license with no limitation, which is very hard to find in today’s marketplace. This tool might be perfect for your needs if you are looking for a headless CMS explicitly built for Node.js with integration, LDAP support, and Swagger integrations.
Role-based permissions in Strapi
Although authentication and authorization are both security processes in Identity and Access Management (IAM), they differ. While authentication tries to identify users to make sure they’re who they say they are, authorization allows users to access specific resources/documents based on their role (who they are).
Think of authentication as when you try to login into your Facebook account. If you don’t provide the correct login credentials (email and password), you won’t be allowed access to your account even though it’s yours.
For authorization, think of owning a Facebook page. When you in the Facebook page, you are an admin since you own the page. Hence, you can post content on your page, modify content, and even approve content from members of your page that are not administrators. When members of your group who are not administrators try to approve other people’s content, they’ll find out they can’t. This is because they don’t have the right to do that; only admins have.
By default, the roles in the Strapi administration panel are Author, Editor, and Super Admin. By default, the user who creates the Strapi application is assigned the Super Admin role. You can edit any role by clicking on the edit button beside each role. By default, the user and permissions plugin roles are the public and authenticated roles. By default, registered users are assigned to the authenticated role.
Written by
Noor Ul Ain Ibrahim
Full Stack Developer