It seems like it’s impossible to grant access to the current token modification. I want to be able to let my users refresh their token and mark the old one as the used one. Is there a common path on this road? Is creating a separate “token” collection for this purpose is the only way?
This looks related to your earlier question: Server role has insufficient privileges
You can provide permission to Tokens and Keys in a custom Role.
CreateRole({
name: "RoleToUpdateTokens",
privileges: [
{
resource: Tokens(),
actions: {
read: true,
write: true,
create: true,
delete: true,
history_read: true,
history_write: true
}
}
],
membership: []
})
Thank you!
But I don’t want user to be able to mess up with tokens directly. I want him to be able to only call UDF that does exactly what I want. Otherwise, user may manually make his token live forever or delete all the tokens etc.
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.