Deployments: loading...

Role Based Access Control


If you haven't heard yet, hook.io is the 100% open-source platform for microservices.

hook.io is a full-featured platform that supports 12+ software programming languages, even ECMAScript 7!

With over 32 million successful deployments, one of our most requested features in the past few months has been private Services and API access keys.

Today, we are happy to announce support for Role Base Access Control and API Access keys.

Private Services!

It's now very easy to restrict public access to hook.io services.

To quickly get started, new security settings are now available when creating or editing hooks.

For more information on how this works, keep on reading.

Easy to use Role Based Permissions!

hook.io provides a very simple mechanism for creating API Access keys which are mapped to a custom list of roles. These roles represent hook.io system events, which are subject to role based permission checks.

Role checks for API access are performed by sending a valid hook_private_key HTTP parameter in client request targeting hook.io

A hook_private_key can be provided by any of the following formats: query string, json, form, multipart-form, or http header value.

Key Based API Access

Multiple API Access Keys can be created with custom roles, allowing granular role based permission access for any number of users or third-party services accessing hook.io

Third-Party Developer Support

In addition to implementing API Access Keys, all service endpoints on hook.io are now exposed as HTTP API endpoints with role based permission checks.

For example, you can now access the /logs or the /datastore for your account from a third-party service if you provide a valid hook_private_key parameter.

The best way to see this in action is to visit the new Datastore HTTP API Endpoint.

Streaming System Events

All events and role checks on hook.io are now logged at the /events endpoint.

The System Events API endpoint provides a high level of visibility into when your services on hook.io are being accessed, and which client is accessing them.

The events API endpoint is widely accessible and is capable of providing streaming responses.

Business Grade Security and Service

With this new addition of Role Based Access Control and System Events, hook.io can now safely protect services which must remain private.

This new seamlessly functionality provide secure services to third-party applications, allowing a whole new class of applications to be developed!

To try out this new functionality, create a free account at hook.io and then visit /keys

We hope to hear about the services you build soon!