Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there ReadOnly REST API key to a MongoLab database, or is it always ReadWrite

Tags:

rest

mlab

In MongoLab you generate an API key and then anyone can access your database using REST API.

Usual case is to use the REST api directly from Ajax clients.

But this gives anyone complete write access to your database, which is security hole.

Is there a way to generate an API key which will give READ ONLY access to the database

like image 209
tzador Avatar asked Jun 28 '12 17:06

tzador


1 Answers

Currently, all API keys have read and write access to the databases associated with the user's account. If you need to expose a read-only API we recommend building your own with one of the many frameworks available like Express or Sinatra.

like image 182
jared Avatar answered Oct 05 '22 04:10

jared