Is it possible to set ACLs on all users so that only administrators can query for users (without dis : Progress Kinvey

Redirect Notice

As of April 12th, you must go to Progress SupportLink to create new support cases or to access existing cases. Please, bookmark the SupportLink URL and use the new portal to contact the support team.

How can we help you today?

Start a new topic

Is it possible to set ACLs on all users so that only administrators can query for users (without dis

Gal

started a topic about 10 years ago

I would like users of my app to be unable to query the Users collection. At the same time, I want to allow administrators to query the collection.

1 Comment

Gal

said about 10 years ago

Yes. You can set the users collection permissions to [private](http://devcenter.kinvey.com/rest/guides/security#collectionpermissions) (which means that unless the ACLs explicitly permit them to do so, all users can only query for their own data), and then [grant specific read or write permissions](http://devcenter.kinvey.com/rest/guides/security#entityanduserpermissions) to a group of administrators.