Expand my Community achievements bar.

Get ready! An upgraded Experience League Community experience is coming in January.
Learn more

Hide taxonomy for Admin users

Avatar

Level 2
Level 2
12/26/25 11:23:45 AM

I am trying to hide a taxonomy path (for example, /content/dam/test and /content/site/test_page) from all users, including administrators. I was able to successfully hide it for all non-admin users by configuring ACLs in repo-init scripts. However, admins are still able to see the taxonomy path. How can I prevent admins from seeing it as well?

Views

350

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Community Advisor
Community Advisor
12/26/25 12:32:46 PM

Hi @agyawa,

This might not be possible. Or in other words, what you can see could be expected result. Please check official documentation about built in users/groups.

Even if you set a 'deny-everyone' on a node, the administrators can still access the node

Link to documentation: https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/security#built-in-...

Views

336

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
12/26/25 12:45:38 PM
In response to lukasz-m

Hi @lukasz-m . Thanks for confirming. 
Will it be possible to make use of granite:rendercondition in the page path, to make it invisible from UI. 
I know it can be used to hide buttons, toolbar actions. 

Views

330

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
12/26/25 1:30:23 PM
In response to agyawa

Hi @agyawa,

I do not think using granite:rendercondition is the way to go. Main reason is that granite:rendercondition is designed to conditionally hide GUI elements, not necessarily content paths. It also might not be possible to use it against content paths.

I am not sure what exactly is your case, but in my opinion the cleanest solution will be to create custom group (custom-administrators) that will be similar to administrators group, except the paths you would like to restrict. And use it instead of OOTB administrators. This will give you full control on permission level.

Views

320

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
12/30/25 6:49:56 AM

Hi @agyawa ,

You can't hide content from the built-in administrators group in AEM - they have unrestricted access by design.

  1. Don't use admin accounts for day-to-day work - Create custom user groups with limited permissions instead of giving people admin access
  2. Remove users from administrators group - Only keep true system admins in that group, create separate groups like "content-admins" or "dam-managers" with specific ACLs
  3. Use a service account pattern - If you need programmatic access, use service users with specific permissions rather than admin credentials

The administrators group has implicit full access to the repository - ACL restrictions don't apply to them. This is by design for system maintenance and disaster recovery.

Re-evaluate who actually needs admin access. Most users (even power users) should have custom permission groups with deny ACLs applied, not full admin rights.

 

 
Hrishikesh Kagane

Views

153

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Auto unlock page when user closes the page

Views

42

Likes

0

Replies

1
Dispatcher Redirect rules for landing the safe page.

Views

346

Likes

0

Replies

3
Permission for Pages and Components

Views

290

Likes

0

Replies

2
Numerical Selector for Json request is getting 404 Error from Dispatcher Filters

Views

559

Like

1

Replies

4
How to create permissions for groups that do not yet exist in AEM?

Views

339

Like

1

Replies

2