Blog
How to Build a Game Skill for Amazon Alexa Using Codeless
In a previous article (Developing a Custom Skill for an Alexa Game), we showed you how to build a custom Alexa skill using Backendless and our Amazon Alexa Skill SDK. Now, we are going to show how to make the same game using our Codeless feature - in other words - without any coding! You…

How to secure access to a data table for a security role

In another post, we described how to restrict access to all data for “guest” users. The Backendless security model lets you control access to data tables, or more generally “asset containers”, at the role and operation levels. That means an application developer can set up security restrictions for API operations on a specific data table…

How to define user roles – an essential block to securing your app data

In a Backendless backend, you can restrict access to API operations and/or application data. A restriction may apply either to specific users or to roles. When a restriction applies to a role, it automatically applies to the users in that role. For example, suppose you have two roles in a job-searching application – employer and…

How to block access to all data for guest users

Your application can use the Backendless API to access data, run searches, and store, update and delete objects in the database. When users authenticate themselves with the backend, all subsequent API calls are executed on the behalf of the logged-in user. However, if an API call is made without an authenticated user in the session,…

How to assign roles to users using Backendless Console

In another post, we wrote about how to create developer-defined security roles and how to secure data table access for a security role. Ultimately when a client application makes API requests, the security evolves around users, since it is a user who authenticates themselves against the system. A user may have roles assigned to him…

How to lockout a user account upon unsuccessful logins

It has happened to a lot of people, especially with the online banking applications – you try logging in a couple of times and get your password wrong. Then the screen changes saying the account is locked out and you need to try again in XX minutes. This kind of security functionality is easy to…

How to load data objects belonging to the logged-in user (Owner Policy)

A user on StackOverflow asked how to load only the data that belongs to the currently logged-in user. This is indeed an interesting and very common use-case. Backendless handles it beautifully and this feature certainly deserves a place among our Recipes. What you need to know before we get to the coding sample part is:…

How to restrict access to files using Backendless Console

In another post, we described how to obtain a file’s public URL using Backendless Console. Even though anyone can obtain a public URL for a file or directory, it is very easy to change the permissions to restrict file download for anonymous (not authenticated) users. To restrict access: Login to Backendless Console, select an app…

How to manage a data object’s access control list (ACL) in Backendless Console

Every data object saved in Backendless has its own access control list (ACL). An object’s ACL includes permissions for users and roles for all data service operations. Using ACL, an application may be configured to allow users (and/or roles they belong to) to execute Data Service API calls. For example, in a shopping app, you…

How to manage a data object’s ACL using API

In another post, we described how to adjust an object’s access control list (ACL) using Backendless Console. As we mentioned, in addition to Backendless Console, the object’s permissions can be controlled using API. In fact, for any persistent object, Backendless supports the following capabilities: Granting/rejecting permission to execute a find/save/update/delete operation on an object based…