The use case is as follows:
endpoint gets a request with a token A (not a fauna token)
backend goes to fauna with their own private fauna key and gets the fauna user token for token A.
This allows us to have more control over auth; however, I do not need the backend to have the ability to query all fauna user tokens, since it should only get one by ID.
What would the permissions look like for the private fauna key?
Hi @Santiago,
I’m not sure I quite understand the question. Are you saying you want your backend to only be able to query for a specific user token? Because if not and you want it to be able to authenticate any and all users, it’s going to necessarily require the ability to read all tokens because it can’t know ahead of time which token it’s checking.
Or are you asking how you would only query for a single token at a time? Because that would be handled in how you construct your indexes and queries, not so much the permissions per se.
If you have some sample code showing what you’re trying to accomplish that would help shed some light on it.