Step 2: Deploy your Site
This assumes that you have already created and designed your site as desired.
Apply your authentication policy to your Sites repository. To do so, add an
auth.json
file to thesites-config
folder, and enter the policy name from your CaC resource. The file should look like this:{ "policyName" : "my-example-policy" }
Push commit to deploy!
What if I want to edit my policy?
Authentication policies are immutable, which means they cannot be changed. If you want to make a change you’ll have to make a new policy and re-deploy. While this may be inconvenient in the case where you have made a typo or want to change a password, the benefit is that all deploys (including previous ones) are secured by the policy connected to the deploy at the time and do not run the risk of a changed policy leaking your private site.
At what Site level does the policy apply?
Security is set per deploy. Therefore as long as your deploy is connected to an authentication policy, it will be entirely protected on the staging, preview, and production URLs.