Skip to content

Permissions API

Every data object in Backendless has its own access control list (ACL) - a matrix of operations and principals (application's users or roles). An intersection of an operation and a principal contains a permission which determines whether the principal has the right to execute the operation. These permission could be either grant or deny. Backendless console provides an easy to understand way to see and manage these permissions. For example, the screenshot below demonstrates an ACL matrix for an object. Notice the intersection of a column for the Create operation and the AuthenticatedUser role. The cell contains a green checkmark icon representing that the permission is granted:

permission-matrix

In addition to managing the ACL permissions with Backendless Console there is also Permissions API:

Method

PUT

URI

/<application-id>/<REST-api-key>/data/<table-name>/permissions/<permission type>/<object-id>

where:

Argument                Description
<application-id> the ID of your application generated upon its creation. You can obtain the value in the Manage > App Settings section of the Backendless Console.
<REST-api-key> REST API key of your application. You can obtain the value in the Manage > App Settings section of the Backendless Console.
<table-name> name of a table containing a data object, for which you want to specify the permission.
<permission type> type of the permission, that is either grant or deny.
<object-id> object ID of the data object for which the permission is updated.

Sample Request Body:

To set permissions for a user

{  
    "permission": "FIND" | "REMOVE" | "UPDATE",  
    "user": userid  
}

To set permissions for all users, use the value of "*"for userid.

To set permissions for a role

{  
    "permission": "FIND" | "REMOVE" | "UPDATE",  
    "role": rolename  
}

To set permissions for all user roles, specify the "*" value for rolename.

Sample Response Body

void or error