Querydeck Docs

Authorization


Last updated 3 months ago

Overview

Authorization in QueryDeck governs access control by defining roles and permissions for database actions. It ensures that users can only perform actions they are allowed to, based on their assigned roles.

Setting up Authorization

First set up a demo app (or use any database of your choice), then change the method to select.

Now click on the security icon (shown below) present on the left toolbar

(note: make sure you already have existing authentication)

Now we get this page, which allows us to set up CORS, Authentication and Authorization

Click on the Roles & Authorization tab on the top right task bar

Now click on the button to create a role

Now we get this pop up form

Enter the Role name as desired; this is like a nickname to refer to your role.

Role value is the variable you choose to assign to it; this will be used in the JWT to access your role.

Select desired role type from the dropdown (admin/custom). Admin grants complete access, whereas in custom you can choose how much access to give the user.

Now click on the "add" button, to add the role

The role for authentication has been set up successfully

Testing Authorization

Getting the JWT

Scroll down to the debugger

Now, in the "Header" section of the decoded column, change the algorithm (alg) according to your Authentication settings in the security tab. (In this case the default value matches our algorithm, so we leave it as is.)

Next, change the payload: delete the "sub" and "name" parameters and leave "iat" as is; this is the valid time period parameter.

Now add your user session key (email) and role session key (role_id) as additional parameters, and set their values to the desired value (here the user email) and the role id set in authorization, respectively.

Next we change the secret key in the verify signature.

(on click reveals password)

Now copy the JWT string.

Also go to the API you want to test and enable authentication in the left-hand pane.

Then copy the endpoint URL from the section on the right.

Now open Postman, paste the URL and change the method to GET.

Click on the Headers tab

Add a key for authorization and paste the JWT from jwt.io.

Now click on the send button to place the request

As you can see, we have obtained the required response.

If we change the JWT in the header to some other value, we receive an error response.

We have successfully created and tested Authentication and Authorization
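The token built in the debugger steps above can also be produced and checked locally. The following is an added example, not QueryDeck's own code: it assumes the HS256 algorithm and uses a constructed secret, email and role value, with the `email` and `role_id` session keys from this page. It shows why a token whose role was changed without re-signing is rejected.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def seg(obj) -> str:
    # One JWT segment: compact JSON, base64url without padding.
    return b64url(json.dumps(obj, separators=(",", ":")).encode("utf-8"))

def sign(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()

def mint_jwt(secret: bytes, email: str, role_id: str, iat=None) -> str:
    # Payload mirrors the page: "sub" and "name" removed, "iat" kept,
    # plus the user session key (email) and role session key (role_id).
    payload = {"iat": int(time.time()) if iat is None else iat,
               "email": email, "role_id": role_id}
    signing_input = seg({"alg": "HS256", "typ": "JWT"}) + "." + seg(payload)
    return signing_input + "." + b64url(sign(secret, signing_input))

def verify_jwt(secret: bytes, token: str):
    """Return the claims if the signature is valid, otherwise None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64url_decode(head)).get("alg") != "HS256":
            return None  # pin the algorithm; never trust the header's choice
        if not hmac.compare_digest(sign(secret, head + "." + body), b64url_decode(sig)):
            return None
        return json.loads(b64url_decode(body))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token

def swap_role(token: str, new_role: str) -> str:
    """Model a tampered token: role_id rewritten, signature left untouched."""
    head, body, sig = token.split(".")
    claims = json.loads(b64url_decode(body))
    claims["role_id"] = new_role
    return ".".join([head, seg(claims), sig])

# Constructed sample values, not taken from any real QueryDeck app.
SECRET = b"constructed-demo-secret"
TOKEN = mint_jwt(SECRET, "user@example.com", "viewer", iat=1700000000)
TAMPERED = swap_role(TOKEN, "admin")

if __name__ == "__main__":
    print(TOKEN, verify_jwt(SECRET, TOKEN), verify_jwt(SECRET, TAMPERED), sep="\n")
```

Generating the token this way keeps the signing secret on your own machine instead of typing it into a web page.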

Note:

  • session columns won't show up until we enable auth

  • if session columns are selected then auth can't be disabled

Go to https://jwt.io/