Access and Authorization

Overview

To secure public access to the APIs of your projects and services, the code.store platform lets you restrict access using a request authorization mechanism based on access keys.
Access keys identify each request that is sent to your services. They are generated by default when a service or project is created. You can also create new access keys manually to separate access for different clients.
The access key is the sole mechanism for authenticating access to your project/service endpoint and must be included in each request.

Authorization

To authenticate a request, add the header "x-user-authorization" to each request, with the access key as its value. You can get the key using the cs service:info CLI command for the private environment, or generate a new one using the cs project:client:add command.
Below is an example of authorization using the curl command in your terminal:
curl \
-X POST \
-H "x-user-authorization: DEFINE_YOUR_ACCESS_KEY_HERE" \
--data 'your GraphQL query' \
https://api.code.store/{service_url_hash}/graphql
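An added example, not part of the code.store documentation: the same request as the curl command above, with the access key read from an environment variable and handed to curl as a config on stdin, so it does not appear in the process list or shell history. The names CS_ACCESS_KEY, cs_curl_config and cs_graphql are assumptions, as is the allowed key character set, which is modelled on the UUID-style developer key shown on this page.

```shell
#!/bin/sh
# Added example; CS_ACCESS_KEY, cs_curl_config and cs_graphql are assumed names.

# Print a curl config line carrying the auth header. Passing it to curl on
# stdin keeps the key out of argv (visible in `ps`) and out of shell history.
cs_curl_config() {
  key="${CS_ACCESS_KEY:-}"
  if [ -z "$key" ]; then
    echo "CS_ACCESS_KEY is not set" >&2
    return 1
  fi
  # Assumption: keys contain only letters, digits, "_" and "-". Anything else
  # (quotes, spaces, newlines) could break the config line or add a header.
  case "$key" in
    *[!A-Za-z0-9_-]*)
      echo "CS_ACCESS_KEY contains unexpected characters" >&2
      return 1 ;;
  esac
  printf 'header = "x-user-authorization: %s"\n' "$key"
}

# cs_graphql URL QUERY: POST the query to the service endpoint.
cs_graphql() {
  url="$1"
  query="$2"
  # The key is the only credential, so refuse to send it over plain HTTP.
  case "$url" in
    https://*) ;;
    *) echo "refusing non-HTTPS URL: $url" >&2; return 1 ;;
  esac
  cfg="$(cs_curl_config)" || return 1
  printf '%s\n' "$cfg" |
    curl --silent --show-error --fail --config - \
      -X POST --data "$query" "$url"
}

# Usage (placeholder URL, as in the curl example above), with CS_ACCESS_KEY
# already set in the environment, e.g. by a secrets manager:
#   cs_graphql "https://api.code.store/{service_url_hash}/graphql" 'your GraphQL query'
```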
More information about service environments and project environments can be found in the Environments section. Reading it before studying the material below is highly recommended.

Service access

Each service is initially deployed in the demo and private environments. However, there are different ways to access your service.

Demo environment access

The demo environment is always public and can be accessed by any platform user.

Private environment access

The private environment is a private space where a developer can personally run and test their code. In order to restrict access to the development process, a developer key was created.
After service creation, you receive a developer key for your private environment. This key must be used each time you call your service in a private environment.
If you forget your service developer key, execute the cs service:info CLI command, select the required service (or just navigate to the service directory) and you will find it there.
> cs service:info
version 0.0.1 0.0.1
deployed 11/17/2020, 4:05:27 PM 11/17/2020, 4:14:58 PM
developer key cff7f0fb-8856-48e7-817b-0d83c696b247
url https://api.code.store/{SERVICE_HASH}/graphql https://api.code.store/{SERVICE_HASH}/graphql

Project services access

Developer key

By default, when you create a new project, you receive a project developer key. Using this key, you can access any service deployed into your project on any environment. If you forget your project developer key, execute the cs project:info CLI command, select the required project and you will find it there.
> cs project:info
Project ID: YOUR_PROJECT_ID
Status: ACTIVE
Services: 1
Developer Key: YOUR_PROJECT_KEY

Clients

There are cases when it is necessary to give a client or third party access to the whole project or to the services included in the project. The code.store platform provides a CLI interface that allows you to manage clients' access keys.
Using the cs project:client CLI command, you can add, list or remove client access keys for your project and project services.
Client access keys have a restriction: using such a key, a client can access only the production environment. The staging and development environments are available only using the developer key.
In the future, the code.store platform will provide the ability to bill your customers for using the API of your services.

Create a new client access key

To create a new client access key, execute the cs project:client:add command, select the required project from the list and specify the client's email.
> cs project:client:add
Key: YOUR_CLIENT_KEY

List client's access keys

To list client access keys, execute the cs project:client:list command, select the project from the list and enjoy your client list:
> cs project:client:list
Client ID Key Email
1 YOUR_CLIENT_KEY [email protected]

Revoke client access

To revoke client access, remove the client's access key using the cs project:client:remove command with the CLIENT_ID flag.
> cs project:client:remove --CLIENT_ID 1
Client access key successfully removed!
To get the client's ID, execute the cs project:client:list command.