SapphireDb logo SapphireDb

General - Authentication/Authorization

SapphireDb has mechanisms to identity users and to control what the user is allowed to do.
Make sure to setup the server before trying to use this options: Server setup


SapphireDb includes auth attributes that can be used to control which user can do what.
Every auth-attribute can be used in three ways.
  1. Without attributes: Authentication required
  2. Policies: A comma separated string of policy-names. All policies have to succeed. Check out Policies for more details
  3. Function name: You can optionally pass the name of a function in the class that has to return a boolean. The function will get executed to check if the user is allowed for the action.
Multiple attributes: You can define multiple Attributes for each model. Only one of the attributes defined condition has to succeed.
Heredity: If you define AuthAttributes for a base class all sub classes will inherit this attributes until custom attributes of the same type are defined in the subclasses.

Model attributes

The model attributes can be used on model classes to control which user can do what. Available model attributes: [QueryAuth], [CreateAuth], [UpdateAuth] and [RemoveAuth].

Action attribute

The [ActionAuth]-attribute can be used on action handler classes or actions to control which user can do what.

Server options

You can also control the permissions for some actions using the server side configuration. Check out this section for more details: Server - Configuration

Authenticate client

You can authenticate the client using any method you like.
After obtaining a token you want to use for authentication pass it to sapphiredb by calling: this.db.setAuthToken(AuthToken)

This website uses Google Analytics. If you want to disable it just unselect the option: