Hello All,
I am really stomped with this one. I want to be able to hide certain fields from an API end point. I know i can return a single field but in this case i want to be able to return all the fields except the ones in red. Is there an option to hide/show fields in results returned? So at the end i will only have _id & title field!
That’s what privacy rules are for, but then you need to create a token for a given user for the rule to apply.
Thanks for the reply. I created a field on the user level called Token and then added this rule with the same value on Token user field.
But i still get the same results
{
"status": "success",
"response": {
"makes": [
{
"title_text": "Acura",
"Created Date": 1476721090113,
"Created By": "1443188052765x412874856498092400",
"Modified Date": 1476721090113,
"_id": "1476721090112x806119007524102900",
"_type": "custom.veh_makes"
},
{
"title_text": "Nissan",
"Created Date": 1476721097538,
"Created By": "1443188052765x412874856498092400",
"Modified Date": 1476721097538,
"_id": "1476721097538x468088481575250640",
"_type": "custom.veh_makes"
},
{
"title_text": "Toyota",
"Created Date": 1476721104642,
"Created By": "1443188052765x412874856498092400",
"Modified Date": 1476721104642,
"_id": "1476721104642x848820356186479400",
"_type": "custom.veh_makes"
}
]
}
}
Can you guide me in the right direction. Thanks
Are you sure the user in the context of your call is a the user whose token is 112233…? That is defined by the key.
I don’t know what you mean
https://bubble.io/reference#API.authentication explains the different way to authentication.
When you say “Current user’s token…”, this is referring to the current user of the call, which is determined by the token you’re using.
I see what you mean (I hope i understood it right). But what i am trying to do is create an app that serves vehicle makes, models to not only users but to servers and other 3rd party websites that need to use my database. Something like an API on subscription, will that work with the below?
From what i understand (from the below documentation) is that the user has to pass his email and password as parameters to login. Is that correct? Will they need to call one API to login and another to fetch data or can they do it in one API call?
- Create sign up / login api workflows. This is useful for building an alternative front-end to your Bubble app, such as a native app that you develop. When an API workflow contains a sign up or a login action, a user ID, a token and an expiration (in seconds) are returned with the response of the call. Subsequent calls to your app's API, with a header "Authorization: Bearer API_TOKEN" will runs all calls and workflows in the context of the user associated with the token. This user will be the 'Current user' you can access in your actions, etc. Privacy rules will apply to this user as they would if the user was logging in the Bubble app and using it in her own browser. This token should be kept safely wherever you're using it.
Yes, that’s correct.
At the end of the day, you need a way to authenticate who is calling your API (or you don’t, in which case they can make calls without a key, up to you), In general it’s better to have the use a key.
Hmm got it. I can make it work like that. I guess that if there is a way to enable the user to create there own API tokens (to be made available under the API settings tab) then we can have another way of tracking these unique API back to the user who called them.
But that’s a discussion for another time. I guess the issue is whether the user will be able to surrender his password to be used as a parameter in the API call is what’s going to create an issue.
Thanks for input it’s been great. I believe I speak for everyone here by saying we believe in bubble, it’s mission and vision and the awesome support.
from where can we select this option to view selected fields
Please help me with this Need Help with Backend Workflow