Access and Authorization
Overview
In order to secure public access to API of your projects and services - code.store platform allows you to restrict access using the request authorization mechanism and using access key
code.store platform provides an ability to restrict access using access keys, which serve to identify each request that is sent to your services. Access keys are generated by default when a service or project is created. Also, you can create new access keys for the purpose of separating access for clients manually.
Authorization
To authenticate your request just add a HEADER “x-user-authorization” to each request, where value of this header will be access key, which you can receive using cs service:info CLI command on the private environment or generate a new one using cs project:client:add command.
Below an example of authorization using curl command in your terminal:
curl \
-X POST \
-H "x-user-authorization: DEFINE_YOUR_ACCESS_KEY_HERE" \
--data 'your GraphQL query' \
https://api.code.store/{service_url_hash}/graphqlService access
Each service at the beginning is deployed in demo and private environment. But, there are different way to access your service.
Demo environment access
Demo environment is always public and can be accessed by any platform user.
Private environment access
private environment - it's a private space, where developer can personally run and test his code. In order to restrict access to the development process, a developer key key was created.
After service creation, you receive a developer key for your private environment. This key must be used each time when you call your service in a private environment.
If you forget your service developer key - execute cs service:info CLI command, select required service (or just navigate to service directory) and you will find it there.
> cs service:info
version 0.0.1 0.0.1
deployed 11/17/2020, 4:05:27 PM 11/17/2020, 4:14:58 PM
developer key cff7f0fb-8856-48e7-817b-0d83c696b247
url https://api.code.store/{SERVICE_HASH}/graphql https://api.code.store/{SERVICE_HASH}/graphql Project services access
Developer key
By default, when you create a new project - you receive a project developer key. Using this key you can access any service deployed into your project on any environment. If you forget your project developer key - execute cs project:info CLI command, select required project and you will find it there.
> cs project:info
Project ID: YOUR_PROJECT_ID
Status: ACTIVE
Services: 1
Developer Key: YOUR_PROJECT_KEY
Author: [email protected]Clients
There are cases when it is necessary to provide to the whole project or included in the project services to the client or third party person. code.store platform provides and CLI interface, which allows to manage client's access keys.
Using cs project:client CLI command you can add, list or remove client's access keys for your project and project services.
Clients access keys has a restriction: using this key client can access only production environment. staging and development environments is available only using developer key.
Create a new client access key
To create a new client access key just execute cs project:client:add command, select the required project from the list and specify client's email
> cs project:client:add
Email: [email protected]
Key: YOUR_CLIENT_KEYList client's access keys
To list client access keys execute cs project:client:list command, select project form the list below and enjoy your client's list:
> cs project:client:list
Client ID Key Email
1 YOUR_CLIENT_KEY [email protected]Revoke client access
To revoke client access you should remove client access key using cs project:client:remove command with CLIENT_ID flag.
> cs project:client:remove --CLIENT_ID 1
Client access key successfully removed!Last updated
Was this helpful?