FQL v4 will be decommissioned on June 30, 2025. Ensure that you complete your migration from FQL v4 to FQL v10 by that date. Fauna accounts created after August 21, 2024 must use FQL v10. These accounts will not be able to run FQL v4 queries or access the v4 Dashboard. For more details, see the v4 EOL announcement and migration guide. Contact support@fauna.com with any questions. |
CreateAccessProvider
This reference topic applies to FQL v4. Go to this page for the latest FQL v10 reference topics. |
CreateAccessProvider( param_object )
create_access_provider( param_object )
CreateAccessProvider( param_object )
CreateAccessProvider( param_object )
CreateAccessProvider( param_object )
CreateAccessProvider( param_object )
Description
CreateAccessProvider
creates a new AccessProvider document, based on the
settings in param_object
, which can be used to control access to the
current database via a third-party identity provider (IdP) , such as
Auth0.
Parameters
Parameter | Type | Definition and Requirements |
---|---|---|
|
Object |
The |
param_object
Field Name | Field Type | Definition and Requirements | ||
---|---|---|---|---|
|
String |
A unique name for the AccessProvider. Cannot be |
||
|
String |
An HTTPS URL for the IdP that you are using to grant access to Fauna. This is typically an account-/app-specific URL that your IdP provides.
|
||
|
String |
A valid HTTPS URI, which should serve the JSON Web Key that signs the JWT tokens from your IdP. |
||
|
Array of Role References or Role-predicate objects. |
Optional - Defines the roles that should be evaluated to determine access for a provided JWT token. When The usual use of
Per overlapping roles, any role that grants access means that the query involving a JWT token is processed, even if another Role might deny access. A Role-predicate object specifies a Role to potentially evaluate, whose evaluation is determined by the specified predicate function:
The The |
||
|
Object |
Optional - Contains user-defined metadata for the AccessProvider. It is provided for the developer to store AccessProvider-relevant information. |
||
|
Timestamp |
Optional - A timestamp that indicates the time-to-live for a document,
which is when the document is removed from the collection and can’t be
queried. The document history can continue to be accessed using
the |
Returns
An object containing the metadata about the results of CreateAccessProvider
operations.
Field Name | Field Type | Definition and Requirements |
---|---|---|
|
Reference |
The reference is an automatically-generated, unique identifier within the database to the AccessProvider that was created. |
|
Long |
The timestamp, with microsecond resolution, associated with the creation of the AccessProvider. |
|
String |
The name for this AccessProvider. |
|
String |
The |
|
String |
The |
|
String |
A database-specific HTTP URI. Queries that should be authenticated using a JWT token should use this URI, instead of the default https://db.fauna.com/ successful login. Every AccessProvider for the current database shares the same |
Examples
{
ref: AccessProvider("Auth0-myapp"),
ts: 1604524688650000,
name: 'Auth0-myapp',
issuer: 'https://myapp.auth0.com/',
jwks_uri: 'https://myapp.auth0.com/.well-known/jwks.json',
audience: 'https://db.fauna.com/db/yxuihtdghybyy'
}
{'ref': Ref(id=Auth0-myapp, collection=Ref(id=access_providers)), 'ts': 1611103252110000, 'name': 'Auth0-myapp', 'issuer': 'https://myapp.auth0.com/', 'jwks_uri': 'https://myapp.auth0.com/.well-known/jwks.json', 'audience': 'https://db.fauna.com/db/yx96yn6haydyy'}
map[audience:https://db.fauna.com/db/yomix74weybyy issuer:https://myapp.auth0.com/ jwks_uri:https://myapp.auth0.com/.well-known/jwks.json name:Auth0-myapp ref:{Auth0-myapp 0xc0002001e0 0xc0002001e0 <nil>} ts:1617403014570000]
ObjectV(ref: RefV(id = "Auth0-myapp", collection = RefV(id = "access_providers")),ts: LongV(1617402892320000),name: StringV(Auth0-myapp),issuer: StringV(https://myapp.auth0.com/),jwks_uri: StringV(https://myapp.auth0.com/.well-known/jwks.json),audience: StringV(https://db.fauna.com/db/yomixsrzaydyy))
{ref: ref(id = "Auth0-myapp", collection = ref(id = "access_providers")), ts: 1611185449060000, name: "Auth0-myapp", issuer: "https://myapp.auth0.com/", jwks_uri: "https://myapp.auth0.com/.well-known/jwks.json", audience: "https://db.fauna.com/db/yoynh5om6ybyy"}
{
ref: AccessProvider("Auth0-myapp"),
ts: 1624449336520000,
name: 'Auth0-myapp',
issuer: 'https://myapp.auth0.com/',
jwks_uri: 'https://myapp.auth0.com/.well-known/jwks.json',
audience: 'https://db.fauna.com/db/yoa3xz8xoybyy'
}
Is this article helpful?
Tell Fauna how the article can be improved:
Visit Fauna's forums
or email docs@fauna.com
Thank you for your feedback!