Typical DF 2.x setup for application access


Please, correct me if I’m wrong. Here I’m trying to summarize typical application and access setup for Mobile|PC REST Client.

  1. Create a named service for whatever DB backend you decide. Optional, id DB is empty, create schema and (optionally) upload data. Otherwise, DB schema and data is already there.
  2. Create Access roles for components of the service, created in 1). I assume, in general case, there should be at least two roles, read-only, for guest/anonymous access. And read-write, role, for registered users access.
  3. Create one, or more application declarations (ApiKeys), for instance, to distinguish between clients on different platforms.
  4. Create User account for unregistered access (I know how it sounds, but I did not find another way to provide guest access for an application). Assign guest role for application(s) on this account.

After that, clients may request session token for guest (anonymous) user on specific application, then access this application under this anonymous account’s role.

If there are registered users for the application in question, we may initialize another session, getting more access rights for an application.

Working in this manner, I’ve managed to connect to application (initiate session), and request data using Postman REST debugger tool.


Hey @Vsevolod_Gromov just want to make sure we aren’t missing anything. But, you don’t have a question in here correct? It’s just you writing it out?



No, you aren’t. It’s not a question, all right.
I’m just trying to summarize steps needed to get mobile backed application up and running.
Like a quick start hint.

Though, the real problem I’ve got, is described here.
I’m still unable to pin it down. The DF2 framework seem too vast for me to comprehend :slight_smile:
I’m still trying to locate piece of code which is responsible for listing Components in Roles Editing.


One thing I would clarify here is that guest access can be added without creating a guest user.
See: http://wiki.dreamfactory.com/DreamFactory/Tutorials/Access_Using_API_Key

Additionally, these bits of the wiki will help to further explain how roles, api keys, and sessions work together: