Back-end customization
All elements of Strapi's back end, like routes, policies, middlewares, controllers, services, models, requests, responses, and webhooks, can be customized.
All elements of Strapi's back end, like routes, policies, middlewares, controllers, services, models, requests, responses, and webhooks, can be customized.
Controllers bundle actions that handle business logic for each route within Strapi’s MVC pattern. This documentation demonstrates generating controllers, extending core ones with createCoreController, and delegating heavy logic to services.
Learn how to authenticate use custom services and controllers using our FoodAdvisor example
Send email from your server or externals providers.
Middlewares alter the request or response flow at application or API levels. This documentation distinguishes global versus route middlewares and illustrates custom implementations with generation patterns.
Existing plugins can be overriden by placing code in /src/extensions or using global register/bootstrap hooks. Instructions in this documentation cover reshaping plugin content-type schemas or server logic — altough upstream updates may break extensions.
Strapi policies are functions that execute specific logic on each request before it reaches the controller. Policies can be customized according to your needs.
In Strapi 5, REST API input is validated by default in controllers, instead of accepting invalid data and sanitizing it silently.
Strapi routes handle requests to your content and are auto-generated for your content-types. Routes can be customized according to your needs.
Strapi's Server API for plugins allows a Strapi plugin to customize the back end part (i.e. the server) of your application.
Strapi services are a set of reusable functions, useful to simplify controllers logic.