Querydeck Docs
  • 👋Welcome to Query Deck
  • Getting Started
    • 😃Get Started With QueryDeck
      • Quickstart With QueryDeck
    • How It Works?
  • REST
    • Select Method
      • Joins
      • Sorting
        • Ascending/ Descending ordering
        • Dynamic Sorting
      • Filter
        • Dynamic Filtering
        • Groups
        • Exists clause
      • Pagination
        • Offset
        • Limit
    • Insert/Upsert Method
      • Nested Inserts (Joins)
      • Conflicting Columns
    • Update Method
      • Filters
    • Delete Method
    • Authentication
    • Authorization
    • Select by Id
  • GraphQL
    • Introduction to GraphQL in QueryDeck
    • Enabling GraphQL for Columns in QueryDeck
  • Testing Endpoints
Powered by GitBook
On this page
  • Overview
  • Setting up Authentication
  • Authentication Tab Fields
  1. REST

Authentication

PreviousDelete MethodNextAuthorization

Last updated 4 months ago

Overview

Authentication in QueryDeck ensures secure access to your API by using JWT (JSON Web Token) authentication. This system verifies user identity and enforces permissions based on user roles and session information.

Setting up Authentication

First set up a demo app (or with any databse of your choice), then change the menthod to select.

Now click on the security icon (shown below) present on the left toolbar

Now we get this page, which allows us to set up CORS, Authentication and Authorization

Click on the Authenticaiton tab on the top right task bar

Now click on the button to set up Authentication

Now we get a pop up (as shown below)

Authentication Tab Fields

  1. Algorithm (Dropdown) This field specifies the cryptographic algorithm used for signing and verifying JWTs.

Example Use Cases: Use HS256 for shared secret keys. Use RS256 for private/public key pairs for added security.

2. JWT Secret Key (Text)

The key used to sign and verify JWTs.

  • For HS256: Provide a shared secret string.

Where to Get the Key:

  • HS256 Secret Key: Generate a secure random string. You can use tools like OpenSSL or online generators or use your own desired key

Example:

openssl rand -base64 32

3. User Session Key (Text)

This key specifies the JWT claim used to identify the user session, this should be set to describe the chosen user session column and field.

  • Purpose: Maps the claim in the JWT to a user session.

  • Example Value:

  1. Role Session Key(text)

This will be the input field in the jwt, where you will assign the value to validate authorization. Choose an appropriate text value.

Save your chosen options

Now our auth is set up and ready to use after Authorization