The community forums are in BETA and closed to the public.

Give auth_key full access to all channels

I am using PubNub in a scenario where my server application is publishing to a big and growing amount of channels, one for every user. To secure the channels, I have successfully set up PAM, where my server application grants access using the already existing authentication token in the system. So far so good.

How can I grant the server, and only the server, write permissions on all channels? According to the docs, this is possible using such a call:

pubnub.grant(auth_key: 'someprivateserverkey', ttl: 0)

However, the server responds with a 400 with following content:

@parsed_response={"status"=>400, "message"=>"Auth-only grants are reserved for future use", "service"=>"Access Manager", "error"=>true}

Koen - one way to accomplish this is to use wildcard grants. You can grant read/write/manage to foo.* and then just make sure all of your channels are prefixed with foo. and your server's auth-key will have access to all channels of the form foo.???, like, foo.this, foo.that, etc.

This wildcard grant only works one level deep at this time so you can't grant to*

Ok, not what I was hoping for but gives a work-around. Thank you.

So only the dot is interpreted as a seperator? Using a dash instead, for example (e.g. 'foo-*' for 'foo-bar') would not work?

But 'foo.*' would work for 'foo.this-is-a-channel', right?

Yes, this is correct.

Login or Signup to post a comment