Insites Docs Developers guide PermissionsHandling an Authorization Policy Violation

Handling an Authorization Policy Violation

Last updated on August 12, 2024.

This document discusses how to handle a violated Authorization Policy.

When an Authorization Policy is violated, the server, by default, will return the head status code. Alternatively, you can customise the 403 error page, render a page or redirect the user to a different page. On top of that, you can specify a flash alert message to display.

Prerequisites

To follow the steps in this tutorial, it is essential to have a deep understanding of the concept of Permissions. The guidelines presented here rely on the Authorization Policy created in an earlier tutorial.

Steps

Handling a violated Authorization Policy is a two-step process:

  • Step 1: Define a redirect or 403/404 page
  • Step 2: Display the alert message

Step 1: Define a redirect or 403/404 page

Define whether you want to redirect the user to another page or display one of the 403 or 404 pages. To redirect the user to a page after violation, set the key. For example, to redirect to the  page:

If, instead, you would like to render a customised 404 page, set the to :

The default behaviour is equivalent to setting to .

Step 2: Display the alert message

To generate a flash alert message, use the property:

As with all flash messages, you can access it in Liquid using the variable.

Have a suggestion for this page?

Didn't quite find what you are looking for or have feedback on how we can make the content better then we would love to hear from you. Please provide us feedback and we will get back to you shortly.