22
Views
2
Comments
Solved
[Data Grid Sample] How can we guarantee the security of the data access of the exposed REST?
Question
Forge component by OutSystems R&D
15
Published on 18 Nov 2020

Hi

If the GridContainer expects a REST endpoint to get the content of the table, what is the best approach to guarantee the security of the data access as we should expose this service to be accessed by javascript code, right? 


Best regards
Tiago Vital

mvp_badge
MVP
Rank: #39
Solution

Hi Tiago,

You could create some form of token based authorization to secure your endpoints, but if you're looking for something simpler, there's also the Session_GetWebAppLoginInfo action in the PlatformRuntime_API extension.

It should return a User Id if your REST service is being invoked by an authenticated user, so you can use it to ensure your REST services are only accessed by users that have logged in. Check this thread for more detail.