Skip to main content

VTEX Headless CMS previews are now private by default

· 2 min read

Following the next successful push to your store's repository default branch, the VTEX Headless CMS preview available at https://gatsby-preview-vtex-sites--<your-account-here> will require users to authenticate to VTEX.

In order to access the preview, users will need to have access to the domain of that specific account. This can be done either through the build environment variable GATSBY_STORE_ID in the vtex.env file, or the api.storeId entry exported by the store.config.js configuration file.

What has changed?

Previously, CMS previews were published to public URLs by default. Now, they are private by default, requiring authentication to VTEX.

Why did we make these changes?

CMS previews may contain sales promotions and product launches that are not yet available to the general public. This change aims to prevent unauthorized access to such content while also making the platform more secure.

What needs to be done?

Every CMS preview is now private by default. However, to be able to log in and view the private previews, you must install the vtex.faststore-auth app in your account. To do this, run the following command:

vtex install vtex.faststore-auth

If, for any reason, you need your CMS previews to be accessed by the public or third-party solutions, you may disable authentication by adding USE_CMS_PREVIEW_AUTH=false to your repository's vtex.env file.