This is an overview of how permissions will work. These are currently in development.
How it works
Users share tokens with apps that they trust. These tokens include the scope of data that the apps have access to. Users can revoke access to these tokens at any time.
Flow
- Application initiates login / auth flow, which redirects users to a Basic SSO page
- User can select how much access they want to give
- The scope is encoded in a self-verifiable token (JWT) that is sent to the application
  - The token is cryptographically signed and is verifiable (i.e., it cannot be forged, and developers can independently verify that it came from the respective users)
- The application then uses this token to make requests to the user's datastore.
  - The application simply includes the token as an auth header in its API requests
Scope
Usually, an application will specify what it wants to request. At minimum, this is set to profile to return general profile info.
Scope can be extended to include access to the database, which is organized in the following hierarchy: database > table > row > field.
For example, an application might request the following scope:
profile
database_id.table_id = read
database_id.table_id.row_id = read, write
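The following sketch shows how a datastore could evaluate a request against a scope like the one above. It is an added example, not Basic's own code. It assumes that a grant covers everything beneath the node it names, that anything not granted is denied, and that profile is read-only; the IDs db1, notes and row42 and the function names are made up for illustration.

```python
# Added illustration, not Basic's implementation. Assumptions: grants are
# written "path = action, action"; a grant covers everything beneath the node
# it names; anything not granted is denied; "profile" is read-only.
# The token's signature must already be verified before its scope is trusted.
ACTIONS = {"read", "write"}
MAX_DEPTH = 4  # database > table > row > field


def parse_scope(lines):
    """Turn scope lines into {path_tuple: set_of_actions}."""
    grants = {}
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if line == "profile":
            grants[("profile",)] = {"read"}
            continue
        path, sep, actions = line.partition("=")
        parts = tuple(p.strip() for p in path.split("."))
        wanted = {a.strip() for a in actions.split(",") if a.strip()}
        if not sep or not wanted or not wanted <= ACTIONS:
            raise ValueError(f"bad actions in scope line: {line!r}")
        if not all(parts) or len(parts) > MAX_DEPTH or parts[0] == "profile":
            raise ValueError(f"bad path in scope line: {line!r}")
        grants.setdefault(parts, set()).update(wanted)
    return grants


def is_allowed(grants, resource, action):
    """Deny by default; allow if the resource or any ancestor grants action."""
    parts = tuple(resource.split("."))
    if not all(parts) or len(parts) > MAX_DEPTH:
        return False
    if parts[0] == "profile":
        return parts == ("profile",) and action in grants.get(parts, ())
    return any(action in grants.get(parts[:d], ())
               for d in range(1, len(parts) + 1))


# Constructed sample mirroring the scope above (IDs are made up).
SAMPLE = parse_scope([
    "profile",
    "db1.notes = read",
    "db1.notes.row42 = read, write",
])

if __name__ == "__main__":
    for res, act in [("db1.notes.row42", "write"), ("db1.notes.row7", "write")]:
        print(res, act, is_allowed(SAMPLE, res, act))
```

Under these assumptions the row-level grant widens access for that one row only: other rows in the same table stay read-only, and the table grant does not extend upward to the rest of the database.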