Restricting API Interaction Using DreamFactory Roles
One of the first things I do after generating a new REST API using DreamFactory is lock down access using a role. This is done by first creating a new service access definition within the Roles
tab. For instance, in the following screenshot I'm creating a new role which restricts the role's API access capabilities to solely the service named mysql
. Furthermore, I've only allowed GET
requests to be handled by the API; POST
, PUT
, PATCH
, and DELETE
requests will be ignored.
Written by Jason Gilmore
Related protips
Have a fresh tip? Share with Coderwall community!
Post
Post a tip
Best
#Dreamfactory
Authors
ErikJacobsen
1.788K
Related Tags
#dreamfactory
Sponsored by #native_company# — Learn More
#native_title#
#native_desc#