`AccessProvider.create()`

Create an AccessProvider.

Signature

AccessProvider.create(data: {*: Any}): AccessProvider

Description

The create() method creates an AccessProvider document based on the data object settings. The provider document controls access to the current database by a third-party identity provider (IdP), such as Auth0.

After an AccessProvider document is created and your IdP is configured, callers can authenticate using the IdP service, then access Fauna resources as configured by the document.

Parameters

Parameter	Type	Required	Description
data	Object		Object describing the access provider.

Parameter

Type

Required

Description

data

Object

Object describing the access provider.

data fields

Name Type Required Description

Name	Type	Required	Description
name	String	Yes	Unique access provider name.
issuer	String		Unique IdP HTTPS URL that you are using to grant access to Fauna. This value is typically an account or application URL supplied by your IdP. Use an exact copy of your IdP `issuer` URL, including a trailing slash if it exists.
jwks_uri	String		Valid HTTPS URI, which serves the JSON Web Key (JWK) that signs the JSON Web Token (JWT) from the IdP.
roles	Array		Roles array or Role-predicate Roles to evaluate to validate JWT token access. No privileges are defined if `roles` is omitted and queries with JWT tokens from the `issuer` cannot be processed. If a predicate is provided, the predicate must be in long form syntax.
data	Object		User-defined `AccessProvider` metadata to store supplemental information.

name

String

Yes

Unique access provider name.

issuer

String

Unique IdP HTTPS URL that you are using to grant access to Fauna. This value is typically an account or application URL supplied by your IdP. Use an exact copy of your IdP issuer URL, including a trailing slash if it exists.

jwks_uri

String

Valid HTTPS URI, which serves the JSON Web Key (JWK) that signs the JSON Web Token (JWT) from the IdP.

roles

Array

Roles array or Role-predicate Roles to evaluate to validate JWT token access. No privileges are defined if roles is omitted and queries with JWT tokens from the issuer cannot be processed. If a predicate is provided, the predicate must be in long form syntax.

data

Object

User-defined AccessProvider metadata to store supplemental information.

Return value

An object with metadata for the results of the create() call.

Type	Description
AccessProvider	New access provider. See AccessProvider document definition

Type

Description

AccessProvider

New access provider.
See AccessProvider document definition

Examples

AccessProvider.create({
  name: "anAccessProvider",
  issuer: "https://fauna.auth0.com",
  jwks_uri: "https://fauna.auth0.com/.well-known/jwks.json",
  roles: [
    "mgmtTeam",
    {
      role: "mgmtTeam",
      predicate: "_ => true"
    }
  ],
  data: {
    custom: "some data"
  }
})

{
  name: "anAccessProvider",
  coll: AccessProvider,
  ts: Time("2023-07-28T03:46:30.150Z"),
  audience: "https://db.fauna.com/db/ywtfhw4poyynr",
  data: {
    custom: "some data"
  },
  roles: [
    "mgmtTeam",
    {
      role: "mgmtTeam",
      predicate: "_ => true"
    }
  ],
  jwks_uri: "https://fauna.auth0.com/.well-known/jwks.json",
  issuer: "https://fauna.auth0.com"
}

Is this article helpful?

Tell Fauna how the article can be improved:
Visit Fauna's forums or email docs@fauna.com

Thank you for your feedback!

AccessProvider.create()

Signature

Description

Parameters

data fields

Return value

Examples

Keyboard shortcuts

While reading

While searching

URL fragments

`AccessProvider.create()`