[ckan-dev] Blocking read access on API for anonymous users

Ian Ward ian at excess.org
Tue Feb 13 17:52:45 UTC 2018


If what you want is the whole site locked down until you log in you
can try overriding the site_read auth function with IAuthFunctions.
That one *should* be called for accessing any pages.

On Tue, Feb 6, 2018 at 5:47 PM, Chun Chow <chchow at lbl.gov> wrote:
> Hi everyone,
>
> I keep seeing these references to disallowing API read access for anonymous users, i.e. always requiring an API key when accessing through the API.
>
> For example, "Depending on the authorization settings of the CKAN instance, a user may need to authenticate themselves for all operations including read. However, by default, CKAN allows anonymous read access and this setup is assumed for the API usage examples.”
>
> However, I can’t find which config option to change to implement this. Can y’all point me to where that is?
>
> Many thanks,
> Chun Ho
> _______________________________________________
> ckan-dev mailing list
> ckan-dev at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/ckan-dev
> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev



More information about the ckan-dev mailing list