Administrators manage SlashDB users by accessing the User Definitions screen from the main menu Configure > Users.
Typically APIs require some level of authentication and authorization. SlashDB comes with a robust security mechanism, which allows to create individual accounts with varying level of access. It supports authentication with a username and password or with an API key.
Let's watch how an admin creates a new user account for john.tutorial:
At first, the newly created account does not have access to any data. Later the admin adds a mapping between SlashDB account john.tutorial and an actual database login. From then on, john.tutorial's requests will run against the database using database login "chinook", under the permissions as configured for that user in the database server.
User Definitions list
The User Definitions page provides a list all of users/accounts already setup in SlashDB.
The list is accessible from the main Menu Configure > Users or direct URL
/userdef. It is available only admin and users with Administrative privilege to view list of Users.
It can be searched using search field above the list or sorted by clicking on headers of the columns.
On the list you can find button to edit user details, User ID, Full Name and link to JSON representation.
admin - this is an account with administrative privileges and access to all system features. However, it does not have automatic authorization to data, which has to be configured with a database mapping.
public - acts like a regular account, but does not require any authentication. Just like a regular account it has to be configured with the mapping to access data.
Adding a new user
Click the button (visible to admin and users with Administrative Privilege to create new users). The modal of empty User Confguration will appear.
Hover your mouse cursor over the icon to learn more about the field's purpose and configuration tips.
Fill out the User ID field to give the account a unique name, also it's worth to set Full Name, E-mail for better describing the account.
Authentication & Authorization
Set Password for the account to be used in GUI and Basic Authentication.
The API Key identifies the user, so it has to be unique. The Random button generates a random sequence of characters for the API Key but it also can be set manually. The API key is a preferred way to authenticate into SlashDB programmatically. If API key is not set then this method of authentication is disabled for that user.
View is a list of users that should be allowed to see details of this user configuration and Edit is list of users allowed to modify it.
To give a user permissions to a databases, click the button to configure Database Mappings. Select a Database ID from the drop-down list, then enter login and password for that database. These are actual database server credentials under which this SlashDB user will be operating. If a database doesn't require or does not support logins (such as SQLite databases), add the mapping but leave the db user and db password fields blank.
To find out more on security in SlashDB see this section.
This section determines if user is available to view configuration lists of Database Definitions, User Definitions, Query Definitions or if he's allowed to add new databases, users or queries.
For regular users and applications leave those unchecked. For power users and secondary admins select the appropriate permissions.
User Configuration of account admin does not show this part because admin has unlimited access.