Closed
Description
The idea behind this feature is to have a key that only has access to cloud code functions.
Why? So that you can protect all other routes from being publicly available and to force all users actions through cloud code which gives the developer more control over what is and isn't allowed.
I know CLPs can have a similar effect but I would prefer if an outside user didn't even get that close to the database. Client side Javascript is just too insecure and the files API allows people to just upload whatever they want unrestricted.
Metadata
Metadata
Assignees
Labels
No labels