github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Note in docs about new /-/create-token features, refs #1947

Browse source
This commit is contained in:
Simon Willison 2022-12-13 21:07:03 -08:00
commit 6e5ab9e7b3
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/authentication.rst
View file

@ -405,6 +405,8 @@ Datasette includes a default mechanism for generating API tokens that can be use
Authenticated users can create new API tokens using a form on the ``/-/create-token`` page.
Tokens created in this way can be further restricted to only allow access to specific actions, or to limit those actions to specific databases, tables or queries.
Created tokens can then be passed in the ``Authorization: Bearer $token`` header of HTTP requests to Datasette.
A token created by a user will include that user's ``"id"`` in the token payload, so any permissions granted to that user based on their ID can be made available to the token as well.