Start a new topic

Is it possible to set ACLs on all users so that only administrators can query for users (without dis

I would like users of my app to be unable to query the Users collection. At the same time, I want to allow administrators to query the collection.
1 Comment

Yes. You can set the users collection permissions to [private](http://devcenter.kinvey.com/rest/guides/security#collectionpermissions) (which means that unless the ACLs explicitly permit them to do so, all users can only query for their own data), and then [grant specific read or write permissions](http://devcenter.kinvey.com/rest/guides/security#entityanduserpermissions) to a group of administrators.
Login or Signup to post a comment