Blog
How to Build a Game Skill for Amazon Alexa Using Codeless
In a previous article (Developing a Custom Skill for an Alexa Game), we showed you how to build a custom Alexa skill using Backendless and our Amazon Alexa Skill SDK. Now, we are going to show how to make the same game using our Codeless feature - in other words - without any coding! You…

How to Allow API Calls to Data Service from Cloud Code Only

Today we’re going to take another look at security configurations in Backendless. In this article, we will talk about how to restrict direct access to your data via API and only expose your custom API endpoints.

Improving the Security of Your File Storage

One of the final steps before you release an app is to setup proper security. Specifically, the security of your File Storage is perhaps the most important since it may contain your business logic code (Cloud Code), your public website data, your logs, and any other assets that you probably do not want anyone from…

How to Hide Select Object Properties Based on User Role

It is common for developers to build apps where users will have varying access to data and features within the app based on the user’s role. Being able to limit user access is important to data security, user management, and often, the financial success of the application. This is because user access is commonly tied…

Building Simple License Manager API Services

One of the most powerful features that Backendless has available is the capability for you to implement your own License Manager for creating and checking licenses for your product/customers. In this article, we will touch on some Backendless services such as data management and Business Logic (Cloud Code) and we will use one of the Backendless Client SDKs. Setup Backendless Login to your Backendless…

How to manage a data object’s ACL using API

In another post, we described how to adjust an object’s access control list (ACL) using Backendless Console. As we mentioned, in addition to Backendless Console, the object’s permissions can be controlled using API. In fact, for any persistent object, Backendless supports the following capabilities: Granting/rejecting permission to execute a find/save/update/delete operation on an object based…

How to manage a data object’s access control list (ACL) in Backendless Console

Every data object saved in Backendless has its own access control list (ACL). An object’s ACL includes permissions for users and roles for all data service operations. Using ACL, an application may be configured to allow users (and/or roles they belong to) to execute Data Service API calls. For example, in a shopping app, you…

How to customize session timeouts

Once a user of a Backendless-powered app logs in, a session is established. For a variety of reasons, including application security, it is best not to allow users to remain logged in indefinitely. Therefore, every session has an inactivity timeout timer that is reset with every new API call made within the session. When the…

How to restrict access to files using Backendless Console

In another post, we described how to obtain a file’s public URL using Backendless Console. Even though anyone can obtain a public URL for a file or directory, it is very easy to change the permissions to restrict file download for anonymous (not authenticated) users. To restrict access: Login to Backendless Console, select an app…

How to load data objects belonging to the logged-in user (Owner Policy)

A user on StackOverflow asked how to load only the data that belongs to the currently logged-in user. This is indeed an interesting and very common use-case. Backendless handles it beautifully and this feature certainly deserves a place among our Recipes. What you need to know before we get to the coding sample part is:…