Redirect Notice

As of April 12th, you must go to Progress SupportLink to create new support cases or to access existing cases. Please, bookmark the SupportLink URL and use the new portal to contact the support team.

You will be automatically redirected to SupportLink in 10 seconds.

How can we help you today?

Start a new topic
Discussions Kinvey Forums REST API

Create Admin User

HI,I want to create admin user.I want only admin to register other users.For that reason I make permission of User Database "Read only" .I want only one user "admin" who knows master secret to change User Database.But when I make request with Master Secret to "Read only" User Database nothing happens.In the Kinvey documentation states that with master secret one can modify all Databases regardless their permissions.Can Anyone help me?

4 CommentsSorted by Oldest First
Ivan,

We do not support using the master secret within an app to connect to the backend database for security reasons. Please check the following link:
http://devcenter.kinvey.com/java/guides/security#Gotchas

Thanks,
Pranav
Kinvey Support

 

Thx. But help me how to realize my idea. I want only admin to register other user. Not from kinvey.com but in my app Register form. For registration of any users needed appCredentials .I can hide AppSecret and give it to  admin ,but when ordinary user login they need this appCredentials and can see AppSecret?

Ivan,

I would like to understand your usecase/app flow in little more detail:


  • Wouldn’t the regular users see the “Signup” screen of your app?
  • Would the signup screen only be visible to the “admin” account (assuming you would create this account through the kinvey console and then using it log in into the app).
  • Once admin is logged in, when you try creating a new user with the available APIs (what SDK are you using?) is it throwing any error? 


Thanks,

Pranav

Kinvey Support

Hi,when I am at home page in my app(HTML,Javascript on Windows,SPA) I see login form.When admin log in he sees register form and can register new user.When regular user log in he doesn't see register form,but he have accsess to app and can see AppCredentials and can create new user via Postman or other way.Reason that regular user  doesn't see register form doesn't stop him to create new user.I want only admin to create new user via register form.If  I make User Collection Read Only nobody can't register new user including admin.If  admin can register user with Master Secret(only he knows it) via register form(regardless User Collection is ReadOnly) it will be good,but You said that is impossible.

Login or Signup to post a comment
More topics in REST API
See all 120 topics