Forum | Appery.io

I have a service that needs to update the user's password - with normal rights - the update fails (that's good).

So - I realize I need to use the DB-Master key - I'm including my user-update-service - and have included the correct parameter - however .... do I really need to include the actual Master key in this service as a constant (I assume not).... is there a bracketed variable that I can use like for the database id we use {database_id} ... what's the right construct for the master-key ? I've tried {master_key} (perhaps that would be consistent with the {database_id} .... but that's not correct...

What's the right construct? there is one (i'm sure lol...) ??

Picture of the UI where I am using it (Service succeeds with the 'hard coded' db master key - but I'd sure prefer not to use it....)..

Hi Bruce,

Why not using a Generic Security Context service in your case? -- http://devcenter.appery.io/documentat...

Hi Illya,

Thanks much for the pointer.... Looking at that right now. Appreciate the help....

Bruce

Illya

just to follow up - as I'm sure you know - this worked perfectly. Thanks!

Thanks for update here, Bruce! You're welcome

I am having this exact same issue, but I am not clear on how Bruce implemented the Generic Security Context (GSC) in order to utilize the Master Key without hardcoding it into the header of the service and / or exposing it in an unsafe manner. Can you provide a little more detail on how I can use the GSC to accomplish this. I am trying to do the same thing Bruce was, update a username and password for a user that is different from the one logged in.

Thanks

Hello Pete,

You can use secure proxy for that: https://devcenter.appery.io/documenta...