Access Manager v3 API for PubNub Dart SDK
Access Manager allows you to enforce security controls for client access to resources within the PubNub Platform. With Access Manager v3, your servers can grant their clients tokens with embedded permissions that provide access to individual PubNub resources:
- For a limited period of time.
- Through resource lists or patterns (regular expressions).
- In a single API request, even if permission levels differ (
read
tochannel1
andwrite
tochannel2
).
You can add the authorizedUuid
parameter to the grant request to restrict the token usage to one client with a given userId
. Once specified, only this authorizedUuid
will be able to use the token to make API requests for the specified resources, according to permissions given in the grant request.
User ID / UUID
User ID is also referred to as UUID
/uuid
in some APIs and server responses but holds the value of the userId
parameter you set during initialization.
Grant Token
Requires Access Manager add-on
This method requires that the Access Manager add-on is enabled for your key in the Admin Portal. Read the support page on enabling add-on features on your keys.
The grantToken()
method generates a time-limited authorization token with an embedded access control list. The token defines time to live (ttl
), authorizedUUID
, and a set of permissions giving access to one or more resources:
channel
channelGroup
uuid
(other users' object metadata, such as their names or avatars)
Only this authorizedUUID
will be able to use the token with the defined permissions. The authorized client will send the token to PubNub with each request until the token's ttl
expires. Any unauthorized request or a request made with an invalid token will return a 403
with a respective error message.
Permissions
The grant request allows your server to securely grant your clients access to the resources within the PubNub Platform. There is a limited set of operations the clients can perform on every resource:
Resource | Permissions |
---|---|
channel | read , write , get , manage , update , join , delete |
channelGroup | read , manage |
uuid | get , update , delete |
For permissions and API operations mapping, refer to Manage Permissions with Access Manager v3.