Segmenting content in Dato

We’re building a Dato driven platform for various client businesses to create marketing sites driven by Dato and rendered on the front end by a React application. The idea is that each business will have an admin that is not necessarily a technical user that can create and edit content for that business. What’s the best way to approach this so that admins from various client businesses can manage their own content without risking making changes to other admins’ content? Would it be better to associate them each with a separate instance of Dato and use the API to make sure all the model and field definitions are in sync?

hello @jon

you can safely use a single project if that’s better for you. Of course if you can it’s cheaper on you and easier to maintain, so I encourage you to try this way.

In this case you can attach roles to both API tokens and collaborators so that a specific role can only access the content that it has created. Meaning that a group of collaborators and API tokens will be able to see and edit only their own content.

Let me know if you have more questions and if you want to trial an Advanced plan for a month please let me know over support@datocms.com your project and I can enable that for you.

Hello @mat_jack1,

Firstly, kudos to all the effort and innovation from DatoCMS and your top notch staff.

Regarding the approach above, based on this post, I’ve followed its guidance and run into a show-stopper at one of the very last steps. Uploaded Media Content.

From what I can tell, there appears to be no way to adjust Media privileges similarly to how data models can be segmented. Paid customers wouldn’t be content with all of their media files being shared amongst unrelated paying customers, so I’m really hoping there is a workaround for this issue i’m not aware of.

Can visibility to media that only you or your shared role has created, be integrated into the DatoCMS ‘Roles’?

@ryan1 you are right about media content, I didn’t think about that. We would like to add more granular permissions for that area, but they are not there yet :frowning:

Maybe get in touch via support again and we can think about a custom pricing that might better suit your project?