What it means & why it matters
A headless CMS is a database with an authoring UI and an API. SessDev provisions the workspace, defines the content models your editorial team will use, and wires the build so that publishing in the CMS results in a fresh page on your domain. That is engineering infrastructure.
What it is not: a content team. The CMS does not write your posts, choose your topics, edit your drafts, translate your copy, schedule your campaigns, or distribute your articles to social. Those are editorial functions and they belong to your team or an agency you already have.
SessDev treats CMS setup as a build-time deliverable: the workspace, the schema and the publish pipeline are signed off once, then handed over. Schema evolution after launch is a separate, scoped change — it does not silently expand the engagement.
What SessDev includes
- Vendor workspace provisioning under the client's or partner's account (Sanity, Hygraph or equivalent).
- Content schema definition: post, author, category, tag, media reference, and the fields the editorial team needs to operate on day one.
- Draft-preview routes wired with secret tokens so editors can review unpublished content on the live domain without exposing drafts publicly.
- Publish webhooks → site rebuild / on-demand revalidation, so a published post appears on the live site without a manual deploy.
- Asset upload pipeline bound to the media infrastructure layer (CDN, image transforms, responsive sizes).
- Editor / admin role definition inside the CMS, using the vendor's native permissions; SSO only if the vendor supports it natively.
- Server-only API token bindings: read tokens scoped to the build, never exposed to the browser.
- 1 recorded walkthrough for the editorial team covering create / preview / publish / unpublish.
- 1 end-to-end validation pass: create draft → preview → publish → revalidate → live URL renders correctly.
What is excluded
- Writing posts, articles, landing-page copy or any editorial content.
- Editorial calendar, topic research, brand-voice definition, content audits.
- Per-post SEO optimization, keyword targeting, meta description authoring, internal-linking strategy.
- Translation of posts or any copy into additional languages.
- Bulk migration from WordPress, Drupal, Ghost or other systems. Only a small finite import provided by the client is in scope.
- Stock-image selection, photography direction, illustration commissioning.
- Ongoing training sessions for editorial staff beyond the single handoff walkthrough.
- Comment systems (Disqus, native comments) and comment moderation.
- Newsletter integrations (Mailchimp, Substack, ConvertKit) beyond the standard publish webhook.
- Auto-posting to LinkedIn, X, Facebook or any social-media distribution.
- Vendor-side content backups are the CMS vendor's responsibility; SessDev does not replicate them.
Risks if this is mis-configured
Vendor lock-in
Your schema and content live in the vendor's database. Switching vendors later costs proportionally to your content volume. SessDev recommends vendors with documented export paths, but the structural risk is inherent to the headless-CMS model.
Schema creep
Every new editorial idea wants a new field. Without a governance policy, the schema rots within months, editors slow down, and migrations become risky. Schema additions after launch should be scoped, not improvised.
Preview-token leakage
If preview tokens are committed to the repo, exposed in client bundles, or shared in unsecured channels, drafts become publicly readable. This is how unannounced product launches and embargoed announcements leak.
Stale cache / missing revalidation
If the publish webhook breaks or the revalidation endpoint changes path, editors publish in the CMS but nothing appears on the live site. Editors lose trust in the pipeline within one incident.
API token leakage
CMS API tokens with write scope must never reach the browser. A single client-side token leak gives the world write access to your content.
Vendor bill shock
Free-tier ceilings (API calls, asset bandwidth, document count) are hit silently as traffic grows. Production gets throttled or billed at on-demand rates with no warning. Care plans monitor vendor quotas; without them, the first signal is a 429 in production.
Compliance drift
If you later add comments, contact forms or user-generated content on top of the CMS, you inherit GDPR/PII obligations the original build did not scope. Each addition needs its own legal review — it does not piggyback on the CMS scope.
Use case — Partner
Your agency owns the editorial team and the content strategy. SessDev ships the CMS workspace, the schema and the publish pipeline so your editors can ship from day one without engineering in the loop. Recommended pairing: SessDev Care retainer to absorb schema migrations as your editorial program grows, monitor vendor quotas, and patch revalidation regressions before editors notice.
Apply as a partnerUse case — One-Shot
You receive the CMS workspace and schema as part of the buyout. After handoff you need a writer (in-house or freelance) and a content owner — SessDev does not write your blog. If you do not have either, add a Care plan at quote time so schema changes and vendor-quota issues do not block your editorial team mid-launch.
Request a one-shot quoteRelated scope items
- content_injectionThe CMS is what enables editors to inject content themselves; without it, every copy change is a deploy.
- technical_seoPosts inherit canonical, hreflang and JSON-LD wiring from the technical SEO layer.
- media_infrastructureImages uploaded through the CMS flow through the media pipeline (CDN, transforms, responsive sizes).
- legal_pages_setupLegal pages can be authored through the CMS once the schema is in place, but the legal text itself is still client-supplied.
- multilingual_archThe schema can be multilingual, but translation of the actual content is excluded.
- analytics_integrationAnalytics tells you which posts win traffic; the CMS does not include reporting on its own.
Frequently asked questions
- Does SessDev write posts for the blog?
- No. SessDev provisions the CMS, defines the schema and wires the publish pipeline. Writing, editing and translating posts are owned by the client or the partner agency.
- Which CMS do you set up?
- Sanity or Hygraph by default, or another equivalent headless CMS when the project justifies it. The final choice is confirmed during discovery before implementation begins.
- Who owns the CMS workspace and pays the vendor bill?
- The client (or partner agency) owns the workspace and pays the vendor directly. SessDev does not resell CMS subscriptions or sit between you and the vendor's billing.
- Can you migrate my old WordPress / Ghost / Drupal blog?
- Only a small finite import provided by the client (in the agreed format) is in scope. Bulk migration of legacy posts, redirect maps and image rehosting is excluded and quoted separately if needed.
- Is multilingual content included?
- The schema can be modeled as multilingual, but translation of the actual posts is excluded. The client supplies translated copy per locale, or contracts translation separately.
Legal reference
Read the binding scope clause — item #3, v2.0.0
