User/Role-based Security

Restricting access to content for specific users and application roles

Securing access to static and dynamic content residing in Backendless Hosting is one of the strongest features of the product. The hosting system is tightly integrated with the identity management function from the Backendless mBaaS product. You can establish a powerful and secure system of guarding access to your files either using the management console or the APIs.

Users, Roles and Files

A Backendless backend manages an application’s users and may group them into roles which share some common security permissions. Application users and roles can also be referred to as ‘principals’. Files stored in the Backendless Hosting storage can be viewed as “subjects” on which an application may perform various operations such as upload, download, deletion or execution (if the file is a Node.js script). A combination of a principal, subject and operation results in a triplet which is the core element of our security system. A triplet may be either granted or denied the permission for the principal to execute the referenced operation on the subject.

Secure Static and Dynamic Content

Backendless console provides a uniform interface for securing static and dynamic content. Restrictions for users and roles apply to operations specific to files: read (download), write (upload) and delete. The same operations have a slightly different meaning for dynamic content driven by custom Node.js code. The read operation is mapped to GET requests, while write represents POST requests.

Visual Permission Management

Backendless console makes it very easy to grant or reject permissions for users and roles to execute specific operations. Permissions can be assigned to individual files or directories. Changing a permission from “grant” to “reject” to “inherit” is as simple as a mouse click. The entirely visual approach to security management could not get easier, yet it provides a superior level of security and data protection.
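
The following stand-alone model of the triplet scheme described above (principal, subject, operation, with grant, reject and inherit) is an added illustration, not Backendless code and not its API. The resolution order is an assumption the page does not state: "inherit" defers to the parent directory, a user's own rule beats role rules, a role "reject" beats a role "grant", and a request with no matching rule is denied. The users, roles and paths are constructed sample data.

```javascript
// Added illustration: a model of principal/subject/operation triplets.
// Assumed (not from the page): inherit walks up to the parent directory,
// user rules beat role rules, reject beats grant among roles, default is deny.
const METHOD_TO_OPERATION = { GET: "read", POST: "write" }; // mapping stated on the page

class PermissionTable {
  constructor() { this.rules = new Map(); } // "principal|path|operation" -> "grant" | "reject"

  set(principal, path, operation, effect) {
    const key = `${principal}|${path}|${operation}`;
    if (effect === "inherit") this.rules.delete(key); // inherit = no explicit rule here
    else this.rules.set(key, effect);
  }

  // Decide at one path level: the user's own rule first, then the roles.
  decideAt(user, roles, path, operation) {
    const own = this.rules.get(`user:${user}|${path}|${operation}`);
    if (own) return own;
    const effects = roles.map((r) => this.rules.get(`role:${r}|${path}|${operation}`));
    if (effects.includes("reject")) return "reject";
    if (effects.includes("grant")) return "grant";
    return undefined; // nothing explicit at this level
  }

  // Walk from the file up to the root directory until some rule decides.
  isAllowed(user, roles, path, operation) {
    let current = path;
    while (true) {
      const effect = this.decideAt(user, roles, current, operation);
      if (effect) return effect === "grant";
      if (current === "/") return false; // no rule anywhere: deny
      const parent = current.slice(0, current.lastIndexOf("/"));
      current = parent === "" ? "/" : parent;
    }
  }
}

// Constructed sample data: hypothetical users, roles and paths.
function demo() {
  const t = new PermissionTable();
  t.set("role:Editor", "/web", "write", "grant");
  t.set("role:Editor", "/web/admin", "write", "reject");
  t.set("user:alice", "/web/admin/report.js", "write", "grant");
  const check = (user, roles, method, path) =>
    t.isAllowed(user, roles, path, METHOD_TO_OPERATION[method]);
  return [
    check("bob", ["Editor"], "POST", "/web/index.html"),        // directory grant is inherited
    check("bob", ["Editor"], "POST", "/web/admin/report.js"),   // closer directory reject wins
    check("alice", ["Editor"], "POST", "/web/admin/report.js"), // user rule on the file wins
    check("bob", ["Editor"], "GET", "/web/index.html"),         // no read rule: denied
  ];
}
```
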

Permissions API

In addition to the visual permission management, Backendless provides a special API for assigning file/directory permissions to users and roles. The API is restricted to server-side only and can be used from custom server code deployed in Backendless. Using the API, applications can grant and reject access to files and directories for users and application roles.