Security and Permissions¶
Real-Time Database events account for permissions assigned to users and roles. For instance, if a user/role does not have the
Find permission for a data table and the app with the logged in user registers the
Object Created event listener, the app will not receive any of the created objects due to the security restriction.
Security enforcement for the Real-Time Database is available only in the Cloud9, Cloud99 plans in Backendless Cloud and in Managed Backedless and Backendless Pro versions of the product.
The security model (set of roles and permissions) for the Real-Time Database is the same as for the rest of the application. In other words, security configuration is done once and applies to both traditional APIs as well as the Real-Time Database. For more information on Backendless Security see the following sections:
The most important topic of all is: Data Security