So, I have a node backend that connects to the database via the sdk and right now it uses the master key to access/modify it as stated in the documentation. But of course that is a big security risk so I’m looking for alternatives but haven’t found one yet.
Hopefully you guys have a solution?
I’ve looked at roles, which would work fine but I’m not able to find how to “log-in” with the backend and it seems a bit overkill to log in each time I want to make an API call. (I would still be curious to see how that works if you guys have it working!)
What I was hoping to find was kind of api key that I can use to identify the backend and that can easily be revoked/renewed if compromised but that doesn’t seem to be possible right now?
Let me know!