Access Mode

The Access Mode allows to set which users will have permissions to run read and/or write operations in the database. It is initially set when creating a project in the Studio, and can later be changed via our API or Typescript SDK. The only user that can change the Access Mode is the database owner.

Changing the Access Mode does not affect Access Policies. Access Policies always have priority over the Access Mode.

The Access Mode value can be one of the following:

  • PRIVATE: Only the owner can operate on the database

  • PUBLIC: Everyone can operate on the database

  • PUBLIC_READ: Read operations can be performed by any address. Write operations can only be performed by the owner

Public-Read Access

The Public-Read Access combines elements of both Public and Private Access to create a balanced access level. Here, only the address owner possesses the permissions to write, create, and delete entities as well as add delegate addresses to the list. All other addresses, while not having these permissions, can still read all the content. This creates an environment where information is accessible to all, but the ability to alter this information remains with the address owner. This can be useful in situations where information sharing is important, but maintaining the integrity and control of the content is equally paramount.

Private Access

Private Access is highly restricted and secure. The exclusive permission to run any operations like writing, reading, creating, or deleting entities, is reserved for the address owner alone. This results in a high level of privacy as all data is accessible only to the address owner. This ensures that sensitive and confidential information remains secure and confidential.

Public Access

This access level allows everyone who has knowledge of the URL endpoint of this app to perform various operations. Actions include writing, reading, creating, and deleting entities. The sole requirement to perform these operations is a valid wallet address. This public nature of the data makes all the content accessible to all users, encouraging collaboration and transparency. However, control is still maintained by the database's address owner who is the only one capable of modifying the delegate address list. This balance of openness and control makes public access an attractive choice for certain applications.


curl -XPOST "https://{DEPLOYMENT_ID}" \
-H 'Authorization: Bearer {Owner's JWT token}' \
-H "Content-type: application/json" \
-d '{ "access_mode": "PUBLIC" }'

curl -XGET "https://{DEPLOYMENT_ID}" \
-H 'Authorization: Bearer {Owner's JWT token}' \
-H "Content-type: application/json"

Last updated