optimistic-gold•3y ago
How can I protect my named key value store with a bearer token?
I created a named KV store but am discovering that it's publicly accessible.
I want to have the authentication be based on my apify token via the authentication header. Is that possible?
5 Replies
optimistic-goldOP•3y ago
i can see that is true also for the session store. 🤔
basically anyone just need to know the id and can access.
optimistic-goldOP•3y ago
And for the dataset as well... How is that possible?
For reference, I'm requesting the data in incognito mode:
The ID is serve like a token, no? Nobody can guess the ID.
optimistic-goldOP•3y ago
Mhh... Okay, I'd ideally like to protect that access anyways.
the id is in here right now. 😅
uninterested-red•3y ago
That's not possible at the moment. There are some internal discussions about adding token to dataset/key-value store reads, but there are no plans to implement this in the near future. Basically what Honza said - id acts like a token in this case and it's impossible to guess.