Skip to main content
Warning This document has not been updated for a while now. It may be out of date.
Last updated: 6 Dec 2021

content-store: Access-limited content items

Some content can be marked as access-limited. This content can only be retrieved from the content store with the right authorisation. Authentication details can be provided with a GET request to identify an authenticated user:

  curl -header "X-Govuk-Authenticated-User: f17150b0-7540-0131-f036-0050560123202" \<base_path>

If the supplied identifier is in the list of authorised users, the content item will be returned. If not, a 403 (Forbidden) response will be returned.

Note: the access-limiting behaviour should only be active on the draft stack.

2nd line access

To help debug an issue for the user where the document has access limited permissions, you can change your organisation temporarily to match the user's organisation in Signon.