Fork me on GitHub

Does the HTTP api offer basic access control such as readonly/write based on the authenticated username?


Hi @UGC0NEP4Y - no, there is no authz/authn built-in to XT. You could potentially use some proxying HTTP API gateway product/service to do something like this though, or perhaps rely on the semantics of the underlying storage to control who can write (e.g. JDBC users, Kafka ACLs). Outside of the core team's work though, JUXT does have some concrete solutions in both authz + authn areas, that builds on top of XT, for instance although site doesn't attempt expose the full power of the XT API, so possibly isn't what you are looking for.