Step 3: Create a Site in the Yext Platform

Next, navigate to your Site repo. For simplicity, we will assume that you are deploying a site that is already ready for deployment, whether it is from your own GitHub account or a Yext-owned repository.

As indicated earlier in the guide, you must ensure that your site is configured for the new Pages architecture in order for authentication to work. Refer to our guide to upgrade your site configuration.

book
Note
If you are using PagesJS version 1.0.0 or higher, refer to the Site-Level Authentication section of the Authentication reference doc for how to associate your auth policy to your site.

When you are ready to proceed, add a new file to your sites-config/ folder called auth.json. This will associate your site with an existing authentication policy in your account. The file should look like this:

{
  "policyName" : "example-yextAuth-policy"
}

The policy name should be identical to the policy name you created in step 1.

What if I want to edit my policy?

Authentication policies are immutable, which means they cannot be changed. If you want to make a change you’ll have to make a new policy and re-deploy. While this may be inconvenient in the case where you have made a typo or want to change a password, the benefit is that all deploys (including previous ones) are secured by the policy connected to the deploy at the time and do not run the risk of a changed policy leaking your private site.

At what Site level does the policy apply?

Security is set per deploy. Therefore as long as your deploy is connected to an authentication policy, it will be entirely protected on the staging, preview, and production URLs.