Capability

Security

Liferay DXP is built with security in mind. A variety of standards based authentication methods and integrations can be used to ensure secure access to a site and its resources. Robust role-based access control with permissions gives you fine grained control over what authenticated and unauthenticated users can access, share, or edit. Liferay DXP’s web services also have a multi-layered and configurable approach to security and authorization.

Feature
Deployment Approach
Capability
Postal Address API Basics
Official Documentation
Postal Address API Basics Liferay DXP/Portal 7.4+ Use Liferay's REST APIs to manage postal addresses. Add Postal Address to Account Then, follow these steps: Download and unzip Postal Address...
Published Date: May 9, 2024 6:59 PM
Roles API Basics
Official Documentation
Roles API Basics You can create and manage roles from the Application menu, but you can also use Liferay's REST APIs. Call these services to manage roles. Associate a User to a Regular Role Then,...
Published Date: May 9, 2024 6:59 PM
Consuming APIs
Official Documentation
Consuming APIs APIs, or Application Programming Interfaces, serve as the bridge between different software applications, allowing them to communicate and exchange data. By consuming external APIs,...
Published Date: May 9, 2024 6:51 PM
API Query Parameters
Official Documentation
API Query Parameters Whether you consume REST APIs or GraphQL APIs, different query parameters are available to help you filter the responses. Fields Parameter Use this parameter to specify and...
Published Date: May 9, 2024 6:51 PM
Batch Engine API Basics - Importing Data
Official Documentation
Batch Engine API Basics - Importing Data Liferay's Headless Batch Engine provides REST APIs to import and export data. Call these services to import data to Liferay. Importing Data Then follow...
Published Date: May 9, 2024 6:51 PM
Batch Engine API Basics - Exporting Data
Official Documentation
Batch Engine API Basics - Exporting Data Liferay's Headless Batch Engine provides REST APIs to import and export data. Call these services to export data from Liferay. Exporting Data Then,...
Published Date: May 9, 2024 6:51 PM
Consuming GraphQL APIs
Official Documentation
Consuming GraphQL APIs Liferay DXP contains GraphQL APIs for most of its applications. The GraphQL APIs are available at http://[host]:[port]/o/graphql. Here's how to consume them in three steps: ...
Published Date: May 9, 2024 6:51 PM
Configuring JSON Web Services
Official Documentation
Configuring JSON Web Services Liferay’s services are exposed as JSON web services out-of-the-box. This is enabled by default. You can access these services via the API page at...
Published Date: Nov 16, 2024 3:32 PM
Data Migration Center
Official Documentation
Data Migration Center Liferay DXP 2023.Q4+/Portal GA102+ [Beta Feature](../../../../security-and-administration/administration/configuring-liferay/feature-flags.md#beta-feature-flags) Currently,...
Published Date: May 9, 2024 6:51 PM
Using External Reference Codes
Official Documentation
Using External Reference Codes Liferay DXP/Portal 7.4+ Many of Liferay's headless API endpoints support an external reference code (ERC). The ERC field is useful in wide range of scenarios. For...
Published Date: May 9, 2024 6:51 PM
Sample API Tutorials
Official Documentation
Sample API Tutorials Follow the links below for sample API tutorials that include example requests and example code. Building Applications (Objects) Custom Objects API Basics Custom Objects...
Published Date: May 9, 2024 6:51 PM
Making Unauthenticated Requests
Official Documentation
Making Unauthenticated Requests By default, Liferay DXP restricts API access for the sake of security, requiring authentication to get a valid response. However, in certain cases it may make sense...
Published Date: May 9, 2024 6:51 PM
Consuming REST Services
Official Documentation
Consuming REST Services Liferay DXP contains REST services for most of its applications. These services are fully OpenAPI compliant. Here, learn how to consume them. This takes only three steps: ...
Published Date: May 9, 2024 6:51 PM
JSON Web Tokens (JWTs)
Official Documentation
JSON Web Tokens (JWTs) JSON Web Tokens (JWTs) represent encoded data. They are compact, self-contained, and secure. There are two primary types of JSON Web Tokens: Encrypted JWT: ensures the...
Published Date: Feb 25, 2025 12:39 PM
Authorizing Account Access with OAuth2
Official Documentation
Authorizing Account Access with OAuth2 Once you have an application registered, you can start authorizing users. To do that, you must construct the URL to the authorization server (Liferay DXP)....
Published Date: Nov 22, 2024 10:48 PM
Producing and Implementing APIs with REST Builder
Official Documentation
Producing and Implementing APIs with REST Builder With REST Builder, you can define the API you want to build, and REST Builder provides the framework and endpoints for you. Deploy an Example REST...
Published Date: May 9, 2024 6:51 PM
Configuring the JWT Bearer Flow
Official Documentation
Configuring the JWT Bearer Flow To use JWT Bearer as a grant type in Liferay, you must create an OAuth 2 client with the Client Authentication Method set to Client Secret Basic or Post. The client...
Published Date: Feb 25, 2025 12:39 PM
OAuth 2 Scopes
Official Documentation
OAuth 2 Scopes In OAuth 2.0, applications are granted access to limited subsets of user data. These are called scopes (not to be confused with Liferay scopes). You can create them in two ways: ...
Published Date: Nov 22, 2024 10:48 PM
Using OAuth2 to Authorize Users
Official Documentation
Using OAuth2 to Authorize Users You can create applications that access Liferay's headless REST APIs using the OAuth 2.0 authorization protocol. The provided sample React app demonstrates three...
Published Date: Nov 22, 2024 10:48 PM
JSON Web Token Assertions
Official Documentation
JSON Web Token Assertions An assertion helps in sharing identity and security information across different domains. There are two uses for assertions: Authorization grants Client authentication...
Published Date: Feb 25, 2025 12:39 PM