Adobe Experience Manager Sites & More

BrianKasingli · 6/13/24

AEM Multi-tenant Website: Restrict cq:tags for User Groups

by SourcedCode.com (Brian Ka Sing Li)

Overview

Of most common multi-tenant websites, user groups are used to determine what AEM content authors can make changes to. The most popular requirement for a multi-tenant website is the ability to only edit tags for a specific brand. In this case, the way you can achieve this is by permissions. In this blog, we will ensure that all “WKND Members” will be able to create, read, update, and delete nodes under /content/cq:tags/wknd-shared, while these members will not be able to read any other tags listed under /content/cq:tags/*.

Click here to learn more: https://sourcedcode.com/blog/aem/aem-multi-tenant-website-restrict-cqtags-for-user-groups

kautuk_sahni · 8/20/25

@BrianKasingli Thanks, Brian, for sharing this clear and practical walkthrough with the community. Multi-tenant setups in AEM often bring a lot of complexity around permissions, and your step-by-step approach makes the concept much easier to grasp.

One question that comes to mind: in scenarios where a brand later needs to expand and access multiple tag namespaces (e.g., /content/cq:tags/wknd-shared and /content/cq:tags/wknd-events), would you recommend managing this with additional ACE entries per namespace, or is there a more scalable approach (like leveraging nested groups or patterns) to handle growth without overcomplicating permissions? Curious to hear your thoughts

Adobe Experience Manager Sites & More

AEM Multi-tenant Website: Restrict cq:tags for User Groups

AEM Multi-tenant Website: Restrict cq:tags for User Groups

Overview

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe