Server roles do not have read access to read or write Keys or Tokens. The CurrentToken function gives you a Ref, but you will need different permissions to be able to read it.
I was under impression that my server might be able to authorise my users and call FaunaDB in order to create a token for user. For now, I had to hack around with admin key, which I donβt really like
Yes. You can provide your UDF with a custom Role, by setting the role field. You can do this in the Dashboard UI by selecting the custom Role from the drop down, or directly in FQL
CreateRole({
name: "RoleToUpdateTokens",
privileges: [
{
resource: Tokens(),
actions: {
read: true
}
}
// plus whatever else that you need
],
membership: []
})
The server role is just one role that is provided out of the box. But you may of course provide keys with other custom roles to your server applications.
I meant, if I could update server role, so that it was semantically correct for me that my server can mess with tokens. Seems not, and using other roles instead is not much of a headache.
I ended up assigning all the functions Admin role, so that they could do whatever they need, and granted my users access to only the functions they should be allowed to touch