Skip to content

Permissions API

Every data object in Backendless has its own access control list (ACL) - a matrix of operations and principals (application's users or roles). An intersection of an operation and a principal contains a permission which determines whether the principal has the right to execute the operation. These permission could be either grant or deny. Backendless console provides an easy to understand way to see and manage these permissions. For example, the screenshot below demonstrates an ACL matrix for an object. Notice the intersection of a column for the Create operation and the AuthenticatedUser role. The cell contains a green checkmark icon representing that the permission is granted:

permission-matrix

In addition to managing the ACL permissions with Backendless Console there is also Permissions API:

Method

PUT

Endpoint URI

The xxxx.backendless.app is a subdomain assigned to your application. For more information see the Client-side Setup section of this documentation.

https://xxxx.backendless.app/api/data/<table-name>/permissions/<permission type>/<object-id>

where:

Argument                Description
<table-name> name of a table containing a data object, for which you want to specify the permission.
<permission type> type of the permission, that is either grant or deny.
<object-id> object ID of the data object for which the permission is updated.

Sample Request Body:

To set permissions for a user

{  
    "permission": "FIND" | "REMOVE" | "UPDATE",  
    "user": userid  
}

To set permissions for all users, use the value of "*"for userid.

To set permissions for a role

{  
    "permission": "FIND" | "REMOVE" | "UPDATE",  
    "role": rolename  
}

To set permissions for all user roles, specify the "*" value for rolename.

Sample Response Body

void or error