CANONIC Documentation
Login to Canonic
Getting Started
Concepts
Projects
Frontend Builder
Datasources
Workflows
Profile
Self Hosted
Recipes
Frontend Builder
Linking to other tablesCreating an array of fieldsetsInviting CollaboratorsRead-only access tokensAdding defaults to fieldsUsing GraphQL to fetch your dataMigrating fieldsAdvanced CMS SearchTesting a Node Iterating Through DataUsing Canonic Datasource Tables in Workflow NodesUsing External Libraries in Code EditorFetching and Filtering Data in SQLInserting and Updating Data in SQLAccessing Environment VariablesExecuting Database Queries in WorkflowsInsert and Update Data in Google SheetsInserting and Updating Data in SQLPerforming Conditional Logic in WorkflowsMaking External API Calls in Workflows
Guides
Misc
Docs
/
Concepts
/
Projects
/
Settings
/
Access Tokens

Access Tokens

THIS PAGE
Default Permissions
Types of permissions
Creating Access Tokens
Revoking Access Tokens
Using Access Tokens

By default all the APIs that you create (or created by canonic) are public. That means anyone who knows the API endpoints can easily read your data. We reccommend creating auth tokens and changing the default permissions of your project to ensure that your APIs are secure.

Screenshot

Default Permissions

By default the APIs are public. To change the default permissions of your API

  1. Open the project that you want to edit
  2. Click on the settings icon on the left hand side to open the project settings
  3. Click on the Access Tokens tab on the left navigation.
  4. Change the default permissions by editing the default permissions field

Screenshot

Types of permissions

Type Description
CREATE Allows creation of entries & data
UPDATE Allows updating entries
READ Allows reading single or multiple entries
DELETE Allows deletion of entries

Creating Access Tokens

We recommend disabling all public access for your APIs and creating an authentication token with the permissions needed.

Example: When creating a website, you might want to create a READ only access token to allow your website to only read the data.

To create an access token:

  1. Open the Access Tokens page (Inside project settings).
  2. Click on the + Create a New Token to open the creation popup.
  3. Add a name and the permissions for that token and hit create.
  4. An authentication token will be generated ready for consumption.

Screenshot

Revoking Access Tokens

You can revoke access tokens by simply clicking on the delete icon next to the token to revoke the token. The token will be immediately revoked.

All applications using that token will no longer have access to any of your APIs.

Using Access Tokens

You can use access tokens by passing them in the header of each of your requests when accessing your APIs. The token will be validated and will only be able to access those APIs for which it has permissions.

Sample Curl Request

curl 'https://netflix-api.canonic.dev/movies'
  --request GET
  --header "Content-type: application/json"
  --header "authorization TOKEN_HERE"
Did you find what you were looking for?
👍
👎
What went wrong?
Need more help?We have a thriving Discordcommunity that can help you with all things Canonic. →
PREVIOUS
Access Tokens
NEXT
Environment Variables