This section describes Fauna authentication and access control security features.
The Fauna security design makes it easy to query your databases from any network-connected context, including a web browser.
Connections to the database are secured using HTTPS. Authentication and access control are implemented using HTTP bearer tokens in the request header for each query.
Built-in and user-defined roles provide a way to allow database access to membership groups with different access permissions.
Keys are typically used by database owners or administrators to manage database structure and contents with few restrictions and by background tasks that automate various database procedures at regular intervals.
An identity or token typically represents a user but can also be used to identify any service, system, or process that needs to run queries with given privileges.
A credential document is part of the Fauna identity-based access control and is used to store a cryptographic hash of a password that can be used to authenticate an identity stored in Fauna.
- ABAC privileges and membership
Attribute-based access control is a flexible, fine-grained strategy for managing identity-based operations in Fauna. ABAC extends the default authentication and authorization mechanisms.
- External identity providers
This section describes the elements, functions, and operations required to use an identity provider (IdP) to authenticate users who can then query Fauna.
Is this article helpful?
Tell Fauna how the article can be improved:
Thank you for your feedback!