Product Status, Privacy & Visibility
Every Mimeeq product has three independent controls that determine who can see and access it: Status, Privacy, and Visible in Menu. Understanding how these interact is essential when embedding products, building product lists, or working with modular configurators.
The Three Controls
Status: Active / Inactive
Status is a global on/off switch. An Inactive product is completely hidden from all end users — it won't appear in product lists, won't load in embeds, and won't be accessible through the API. Only admin panel users can see inactive products.
Use Inactive status to:
- Temporarily remove a product without deleting it
- Stage a product before launch
- Phase out a discontinued product while preserving its configuration data
- Keep seasonal products in the system between seasons
Privacy: Public / Private / Restricted
Privacy controls who can access an active product.
Public — Everyone can see and configure the product, including unauthenticated visitors, Tier 2 (partner) users, and Tier 1 (admin) users. This is the default for standard product catalogs.
Private — Only Tier 1 (admin) users can see the product. It's completely hidden from Tier 2 users and public visitors, even if they have the direct embed short code. Use this for products in development, internal-only configurations, or special one-off orders.
Restricted — Visible to Tier 1 users and to Tier 2 users whose company belongs to an authorized Company Group. Everyone else sees nothing. See Restricted Access below.
Visible in Menu
The Visible in Menu toggle (showInProductMenu in the API) controls whether the product appears in product list embeds. It does not affect direct embed access — a product with Visible in Menu turned off can still be loaded by its short code.
This distinction matters most for modular products, where component variants need to be accessible to the configurator but shouldn't appear as standalone products in your catalog.
How the Controls Interact
The three controls are evaluated in order: Status → Privacy → Visible in Menu.
| Status | Privacy | Visible in Menu | Direct embed | Product list | Who can access |
|---|---|---|---|---|---|
| Active | Public | On | ✅ Loads | ✅ Shown | Everyone |
| Active | Public | Off | ✅ Loads | ❌ Hidden | Everyone (via direct embed only) |
| Active | Private | On | ✅ Loads | ✅ Shown | Tier 1 only |
| Active | Private | Off | ✅ Loads | ❌ Hidden | Tier 1 only |
| Active | Restricted | On | ✅ Loads | ✅ Shown | Tier 1 + authorized Tier 2 |
| Active | Restricted | Off | ✅ Loads | ❌ Hidden | Tier 1 + authorized Tier 2 |
| Inactive | Any | Any | ❌ Won't load | ❌ Hidden | Admin panel only |
"Won't load" means the embed will not render a configurator. The mmq-embed element will be present in the DOM but will show nothing. No error event is fired — the product simply doesn't appear.
Effect on Embeds
When you embed a product directly using its short code, Status and Privacy determine whether it renders:
<!-- This will only render if the product is Active + accessible to the current user -->
<mmq-embed short-code="PRODUCT_CODE" template="your_template"></mmq-embed>
If the product is Inactive, Private (and the visitor isn't Tier 1), or Restricted (and the visitor isn't in an authorized group), the embed renders nothing. There's no visual error — the space where the configurator would appear is simply empty.
For product list embeds, the Visible in Menu flag adds an additional filter. Products that are Active and accessible but have Visible in Menu turned off won't appear in the list, even though they could be loaded directly.
Modular Products and Visible in Menu
Modular configurators present a unique requirement. A modular scene contains multiple component products that users can add from the component list inside the configurator. These components must be:
- Active — so the configurator can load their data
- Public (or Restricted with appropriate access) — so the user can access them
But they typically should not appear as standalone configurators in your product catalog. A chair leg or desk drawer makes no sense as its own product listing.
The solution: set component variants to Active + Public but turn off Visible in Menu. They'll be accessible within the modular configurator but won't clutter your product lists.
This pattern applies to any product that should be embeddable but not browseable — for example, products only accessible through specific landing pages, or configurations meant for guided selling flows rather than self-service browsing.
Restricted Access
Restricted privacy uses Company Groups to control which Tier 2 users can see a product.
How It Works
- Create a Company Group — In the admin panel, go to Settings → Data → Company Groups and create a group (e.g., "Premium Dealers", "European Partners")
- Add companies to the group — Assign Tier 2 company accounts to the group
- Set product privacy to Restricted — On the product, set Privacy to "Restricted" and select the authorized Company Groups
A Tier 2 user logged in under a company that belongs to an authorized group will see the product. A Tier 2 user from a company not in any authorized group will see nothing — no error, no indication the product exists.
Access Rules
- Companies can belong to multiple groups — permissions combine as a union. If a product is restricted to Group A and a company is in Group A and Group B, they can access it.
- Tier 1 users always have access to restricted products, regardless of group membership.
- Unauthenticated visitors never see restricted products.
- The same Company Groups mechanism also controls access to other features like Export 3D, which can independently be set to Public, Private, or Restricted per group.
Auth Integration
For restricted products to work on your website, you need the authentication embed set up so Tier 2 users can log in. Without authentication, restricted products behave like private products — invisible to everyone except Tier 1 admin users.
<!-- Auth component in page head -->
<mmq-auth short-code="YOUR_AUTH_CODE" locale="en"></mmq-auth>
<!-- Product embed — restricted products only render after the user logs in -->
<mmq-embed short-code="RESTRICTED_PRODUCT" template="your_template"></mmq-embed>
<script src="https://cdn.mimeeq.com/read_models/embed/app-embed.js" async></script>
You can detect auth state changes to update your UI accordingly:
document.addEventListener('mimeeq-login-success', () => {
// User logged in — restricted products will now render
// Optionally refresh product lists or show previously hidden embeds
});
document.addEventListener('mimeeq-logout', () => {
// User logged out — restricted products will disappear
});
Component Products
Products with mode: 'COMPONENT' cannot be loaded through embeds and cannot function as standalone products.
However, they can be used inside:
- Hybrid modular products
- Full modular scenes
They exist only as structural parts of other products.
This is distinct from standard (VARIANT) products. Standard products can:
- Be embedded standalone
- Appear in product lists
- Be used inside hybrid products
- Be used inside full modular scenes
The only difference between Standard and Component products is autonomy:
- Standard = standalone capable
- Component = structurally dependent
Shared Products
When a product is shared between Mimeeq accounts, the source product's Status and Privacy directly affect all downstream partners. If the source owner sets a product to Inactive or Private, the entire sharing chain breaks — the product won't load for any partner, regardless of what the partner has configured locally.
This is evaluated at runtime on every request, so changes propagate immediately. There's no cache to wait for — the moment an owner deactivates a product, all partner embeds using that product stop rendering.
The validation checks every link in the sharing chain. A product shared A → B → C requires:
- Product A must be Active and not Private
- Product B must be Active and not Private
- Product C inherits from the chain — if any upstream link fails, the product is disabled
For integrators, a shared product that suddenly stops loading is most likely caused by an upstream status or privacy change. The embed behavior is identical to a local inactive product — no error, no event, just an empty embed.
For the full sharing architecture and chain validation details, see Product Sharing.
Next Steps
- Product Sharing — How shared products resolve across accounts
- Embed Templates — How templates control embed behavior
- Authentication — Setting up user login for restricted access
- Embed Types — Different embed types and their product list behavior
- Modular Products — Working with modular configurators
For the admin setup walkthrough on restricted access, see How to Create Restricted Access to Configurators on the help site.