Hey there!
I’ve just found Squidex while looking for a headless CMS to power my website, and I’m really liking it so far! One important thing to me is to be able to preview how posts will look on my website, and I’m glad to see that this has been integrated already.
I did have an idea for making authentication easier to implement for this specific case. I could be mis-understanding something, so let me know if this is irrelevant!
As far as I understand, in order for the website to view the unpublished content, it still must authenticate, which means my user must login to my website frontend before the preview URL could work.
That isn’t that big of a deal for me to implement, but since my website has absolutely no need to have users log in, other than for previewing, it would be nice if there was a way to include a preview token that could be used to access unpublished data without requiring a login.
This would help simplify my frontend because I wouldn’t need to implement an OIDC workflow, and I wouldn’t need to ask my user to login to my website, when they’ve already logged into Squidex.
This preview token could be short lived, or one-time use maybe, and it could be generated every time the user opens the edit page. When my website frontend needs to render a preview page, then, it can use the preview token that could be delivered in the query string, to make the API request and get the data without needing any other authentication workflow.