2

Is it possible to use security roles with server-to-server authentication in CloudKit? I would like only my server code to be able to create records in the public database.

phu

1 Answer

0

You can use the system role 'Authenticated' and set its permission to "write/read" on the record type you want to lock down. Your server to server key will still be able to create records of this type.

Max Gunther
  • Interesting. I can't test this right now since S2S auth seems to be broken for me ATM, but why does Authenticated need write permissions for an S2S key to be able to *create* records? I don't actually want regular users to be able to write to these records. – phu Feb 13 '16 at 17:10
  • 1
    Or were you just saying that S2S keys will be able to create records no matter the permissions? Either way, in my testing I can't get CloudKit to accept my "create record" request unless I give `create` permissions to `Authenticated`. – phu Feb 14 '16 at 06:08