Skip to content

Applying Security Keys

Security Key values can be any value, but it's recommended that a documentId is used.
Create a template to generate 'Security Key' documents eg:

{
    "formColor": "#d8d8d8",
    "systemHeader": {
        "systemType": "template",
        "templateId": "54d96f610bc006eb84369a8b",
        "summaryDescription": "Security Key Template",
        "summaryName": "Security Key Template",
    },

    "appTags": [
        "myApplication",
        "accountKey"
    ],
    "summaryNameRule": "{{{keyName}}}",
    "attachKeys": [
    ],
    "components": [
        {
            "name": "keyName",
            "label": "Key Name",
            "componentName": "sc-text-box",
            "mandatory": true
        },
        {
            "name": "description",
            "mandatory": false,
            "label": "Description",
            "fullWidth": true,
            "componentName": "sc-note-box",
            "detail": ""
        },
        {
            "name": "appTags",
            "componentName": "sc-static-value",
            "visible": false,
            "value": [
                "myApplication",
                "accountKey"
            ]
        }
    ]
}

It's recommended that you set up a table (sc-datatables) to show keys generated by this template.

Account Access Keys:

Once a document has been generated, use the 'documentId' of this document as the security key for a template and account.

The order of applying keys is important. Do not apply keys to a template or document BEFORE applying the key to your account.

Naturally if the template or document has a key and your account doesn't, you will not be denied access (and can't remove the key preventing access!).

Edit the account's accessControl document and add a new array named "accessKeys" to the root level eg: 

 "accessKeys": [
        {
            "keyId": "6fdb2050-a1ab-11e6-9c83-2156af0e1155",
            "name": "Administrator",
            "rights": [
                "Read",
                "Update",
                "Create",
                "Delete"
            ]
        }
]
  • accessKeys[0].keyId = the key documentId
  • accessKeys[0].name = the systemHeader.summaryName of the key document
  • accessKeys[0].rights = the CRUD rights you would grant the user for access to the document

CRUD Stands for:
* C - Create - A user with Create rights can create new documents using the template * R - Read - A user with Read rights can read the document, but not make any changes * U - Update - A user with Update rights can update the document, but not create new documents * D - Delete - A user with Delete rights can delete documents.

App developers should have full CRUD access to all documents and templates (at least while developing the application).

Apply Keys to Templates / Documents

Keys are applied to the 'keyId' array in the systemHeader eg: 

  "systemHeader": {
        "serverDate": "2017-08-29T06:35:25.436Z",
        "summaryName": "TEST TEMPLATE",
        "systemType": "template",
        "excludeGeneralSearch": false,
        "keyIds": [
            "6fdb2050-a1ab-11e6-9c83-2156af0e1155"
        ],
        "currentVersion": true,
        "versionId": "b99c25a0-b62a-11e8-8d6a-9d2b9d2d5455",
        "createdDate": "2018-09-12T01:25:25.370Z",
        "createdBy": "5435d78338968437030106d3",
        "templateId": "fdd6f700-b220-11e6-a7b4-dd2765dac7fd",
        "summaryDescription": "TEST TEMPLATE",
        "createdWith": "fdd6f700-b220-11e6-a7b4-dd2765dac7fd",
        "serverUpdatedDate": "2018-09-12T01:25:25.464Z",
        "serverCreatedDate": "2018-09-12T01:25:25.464Z",
        "previousVersionId": "750aa0c0-ab34-11e8-8e76-df00c8fa7010"
    },

Automatically Apply Keys

The system can automatically apply keys by setting the 'attachKeys' array at the root level on the template (or account's accountControl document) eg:

"attachKeys": [
        "452dda8d6803fa98058b1234",
        "452dda8d6803fa98058b1235"
    ],

The documents created by the template will have the attachKeys array copied to the systemHeader.keyIds field on the saved document.

If the attachKeys array is on an account, the keys will also be copied to the systemHeader.keyIds field on the saved document.

Attach keys are only attached on the save of a new document. This is to avoid overriding any changes to keys after the initial save.

Note: keys from attachKeys are added to a new document at the very start of the save process. On the client, this is before the PreSaveClient Rule (the first preSave event). For server side creation of new documents, it occurs before any server side rulesets eg. PreSaveServer.

Default Attach Keys

The defaultAttachKeys will be attached to all documents at the point when the attachKeys are attached from the account or template. This allows the system to be configured so no documents are created with open access. This can be configured in the serverConfiguration section of the configuration document eg:

"defaultAttachKeys" : [
    "d2a29b3f-811b-4150-adda-c458921e1453"
]

Applying Keys to Documents with No Template

By default, users are allowed to insert a document without a template. To restrict this behavior, the noTemplateAccessKeys setting can be configured. Only users with access keys that match the configured noTemplateAccessKeys can insert a document without a template if this setting is defined. The noTemplateAccessKeys setting can be configured in the serverConfiguration section of the configuration document, as shown below:

"noTemplateAccessKeys" : [
    "c3cb113d-d25e-47de-82a7-5667dab308dc" 
]

This configuration allows specific users to bypass the template requirement by providing their access keys.