In MongoLab you generate an API key and then anyone can access your database using REST API.
Usual case is to use the REST api directly from Ajax clients.
But this gives anyone complete write access to your database, which is security hole.
Is there a way to generate an API key which will give READ ONLY access to the database
Currently, all API keys have read and write access to the databases associated with the user's account. If you need to expose a read-only API we recommend building your own with one of the many frameworks available like Express or Sinatra.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With