Server code - How to invoke schedule jobs that requires authentication

[Yaniv]

Hi,
My DB protected with user permission,
means that any access to DB table can be done only with session token.

I created few scripts, some of them are invoked by rest call and some by schedule job.
The one that invoked using rest call I have no issue since the user info taken from request, doing authentication (DatabaseUser.login(dbId, user, pass).sessionToken), getting the token and using it for any DB call.

The issue is with schedule job,
Here I cannot take the user information from request since no one invoked it (its schedule), due to that I don't have any user information and cannot get any valid token to proceed with operation.

How this can be supported?
I saw in Appery docs one note for "obtain token":
Note: Token is not required if the user added “token” to the request header (click “obtain token” on the server code Test tab).

I cannot understand how this can be used here, can you elaborate?

[Yurii Orishchuk]

Hi Yaniv,

You can use DB master key for this goal.

See more info here: http://devcenter.appery.io/documentat...

Regards.

[Yaniv]

Thanks, Its working fine.

But I have a Q:
In the server code per each script we have the following security settings:
"Database for managing user access" and "Allow only authenticated users to call this script"

In case this is selected how this is working? from where the script get the user info/token? how this getting validated?

[Yurii Orishchuk]

Hi Yaniv,

By turning on the Secure collection option, any action with collections via REST services should be done with the provided sessionToken parameter. This means that only logged-in users can read these collections:

More details about secure collections here: http://devcenter.appery.io/documentat...

Regards.

[Freddy7709766]

Hello Yaniv,

Do you have an example (JS code) to how invoke an specific column of a DB's collection?

Regards