Blog

How to Restrict Access to Files Using Backendless Console

by on September 1, 2019

In another post, we described how to obtain a file’s public URL using Backendless Console. Even though anyone can obtain a public URL for a file or directory, it is very easy to change the permissions to restrict file download for anonymous (not authenticated) users.

To restrict access:

  1. Login to Backendless Console, select an app and click the Files icon.
  2. Navigate to the file or directory for which public access should be denied.
  3. Click the lock icon to switch to the Security screen.
  4. Click the Roles Permissions menu.
  5. Click the checkmark icon in the cell at the intersection of the row for NotAuthenticatedUser and the Read column until you get a red X icon as shown in the screenshot below:

Security permission changes have an immediate effect. As soon as the permission is denied, loading the file with its public URL will result in the following JSON message sent back to the browser (or the calling client):

{
  message: "User has no permissions to specified resource",
  code: 4000
}

 

Leave a Reply

Related Articles

Session Manager in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Session Manager lets you dig into user access to your application.
Read More
Panic Mode in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Panic Mode is a key feature that gives you peace of mind in the event that a team member’s login credentials are compromised.
Read More
Audit Log in Backendless Enterprise Security
The Backendless Cloud Enterprise Plan provides enterprise-level security features at an affordable price. Audit Logs provide a complete picture of all of the actions taken by your team members with access to your Backendless application.
Read More