API Tokens in Custom Filters

Hi!

I’m new to 8base so apologies if this is barking up the wrong tree. Some background info first: I would like to use 8base to create a multi-tenanted app that supports API Tokens for each Customer, so they can create their own consuming applications. I’d like consuming applications to be scoped to each Customer’s data. I have found one possible way to do this using one Role per API Token per Customer with the Permissions within each Role to restrict visibility appropriately. Obviously this isn’t the best scaling strategy.

What I’m really wondering is if there is an equivalent of __loggedInUserId for API Tokens? My testing shows that the requesting API Tokens don’t seem to be available in the context of filters.

If this existed then I could add a relationship to an API Token for each record in my Customers table and use one role to filter data by the requesting API Token value with something like:

{
    "customer": {
        "apiToken": {
            "id": {
                "equals": "__requestingApiToken"
            }
        }
    }
}

I appreciate any pointers in the right direction!

Hey Ben!

Was this concern handled in the private messages you had sent?

I think you’re approaching it the right way currently. I’m discussing with the team whether we can add that new variable to the custom filter currently!

That said, based on your scenario I would encourage using 1 custom role per customer, then adding that role to one or multiple API tokens. If you are using a Customers table that has a relationship to ApiTokens you’d then be able to create custom filters on the role that are specific to the API Token being used.

For example, if the identifier value for a customer were customer-0001, you could then use that as the top-level record from which all customer-scoped data is related. If a customer were to have Invoices, you’d create in the CUSTOMER_0001_ROLE a custom filter of:

// For Invoices Read
{
  "customer": {
    "identifier": {
      "equals": "customer-0001"
    }
  }
}
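
With one role per customer, the main tenant-isolation risk is a role whose filter is missing or pinned to another customer's identifier. The following is an added example, not part of the thread and not 8base's own code: it builds the filter shown above and audits a set of role definitions for that mistake. The function names, the `{table: {operation: filter}}` role shape, the `Payments` table and the four-digit identifier format are assumptions made for illustration.

```javascript
// Added example. Helper names and the role shape are hypothetical, not 8base APIs.
// Identifier format is assumed from the "customer-0001" value used in the reply.
const IDENTIFIER_RE = /^customer-\d{4}$/;

// Build the per-customer custom filter from the reply.
function buildCustomerFilter(identifier) {
  if (!IDENTIFIER_RE.test(identifier)) {
    throw new Error(`unexpected customer identifier: ${identifier}`);
  }
  return { customer: { identifier: { equals: identifier } } };
}

// "customer-0001" -> "CUSTOMER_0001_ROLE"
function roleNameFor(identifier) {
  return `CUSTOMER_${identifier.split("-")[1]}_ROLE`;
}

// List every filter in a role that is absent or pinned to a different customer.
function auditRole(roleName, permissions) {
  const m = /^CUSTOMER_(\d{4})_ROLE$/.exec(roleName);
  if (!m) return ["not a per-customer role name"];
  const expected = `customer-${m[1]}`;
  const findings = [];
  for (const [table, ops] of Object.entries(permissions)) {
    for (const [op, filter] of Object.entries(ops)) {
      const pinned = filter?.customer?.identifier?.equals;
      if (pinned === undefined) {
        findings.push(`${table}.${op}: no customer filter`);
      } else if (pinned !== expected) {
        findings.push(`${table}.${op}: pinned to ${pinned}, expected ${expected}`);
      }
    }
  }
  return findings;
}

function auditAll(roles) {
  return Object.entries(roles).flatMap(([name, perms]) =>
    auditRole(name, perms).map((finding) => `${name} ${finding}`));
}

// Constructed sample: the second role has a copy-paste error and an unfiltered table.
const sampleRoles = {
  [roleNameFor("customer-0001")]: { Invoices: { read: buildCustomerFilter("customer-0001") } },
  [roleNameFor("customer-0002")]: {
    Invoices: { read: buildCustomerFilter("customer-0001") },
    Payments: { read: {} },
  },
};
console.log(auditAll(sampleRoles).join("\n"));
```

Running an audit like this whenever roles are created or edited keeps the per-customer approach manageable as the number of customers grows.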