Securing your data
Datastore provides two main features in order to provide controls over who can read, update or delete your data services data. They are access control lists and JSON web tokens.
- Access Control Lists
An Access Control List (ACL) is a Blueprint configurable statement the Data Service owner can use to restrict access to each of the data services HTTP endpoints. This effectively provides the power to control who can do what to your data.
- JSON Web Tokens
JSON Web Tokens (JWT) are used to provide trusted user information to the Data Service. These trusted values can be used within ACL statements to satisfy different use cases. For example only an admin can delete documents or a document can only be edited by its creator.