Under Security you can design a multi-layered access control system for your solution.
Security is an important and integral part of the Appfarm Platform. The platform features mechanisms for protecting your apps against common security threats such as the OWASP Top Ten.
While many aspects of security are in place by default, many are also configurable and require adherence to standard security practices in your apps and services.
Users and access control in Appfarm Create are handled as follows:
- A user is a person with access to your solution and/or your apps.
- Both developers with access to Appfarm Create and client users are considered users. Client users are end-users that only have access to the apps you've made.
- A user exists across all environments, so a user created in Test also exists in Production.
- Users can be managed in Appfarm Create, or via an app or service using dedicated action nodes.
Additionally, service accounts are available for non-human and unauthenticated users. Service accounts are assigned roles in the same way as users.
In general, you should carefully define which permissions each role has and what users have those roles. This includes what data they can access and data operations they can run, as well as which apps and services they have access to. Additionally, you should keep data security in mind when creating your apps. Use filters to limit the data read into data sources and conditions to show and hide functionality.