Del via


Permission Class

Definition

Operations for reading, replacing, or deleting a specific permission by id. Permissions are used to create ResourceTokens. Resource tokens provide access to the application resources within a database. Resource tokens:

  • Provide access to specific containers, partition keys, documents, attachments, stored procedures, triggers, and UDFs.
  • Are created when a user is granted permissions to a specific resource.
  • Are recreated when a permission resource is acted upon on by POST, GET, or PUT call.
  • Use a hash resource token specifically constructed for the user, resource, and permission.
  • Are time bound with a customizable validity period. The default valid timespan is one hour. Token lifetime, however, may be explicitly specified, up to a maximum of 24 hours.
  • Provide a safe alternative to giving out the master key.
  • Enable clients to read, write, and delete resources in the Cosmos DB account according to the permissions they've been granted.
public abstract class Permission
type Permission = class
Public MustInherit Class Permission
Inheritance
Permission

Constructors

Permission()

Properties

Id

The Id of the Cosmos Permission

Methods

DeleteAsync(RequestOptions, CancellationToken)

Delete a PermissionProperties from the Azure Cosmos DB service as an asynchronous operation. This will not revoke existing ResourceTokens.

ReadAsync(Nullable<Int32>, RequestOptions, CancellationToken)

Reads a PermissionProperties from the Azure Cosmos service as an asynchronous operation. Each read will return a new ResourceToken with its respective expiration.

ReplaceAsync(PermissionProperties, Nullable<Int32>, RequestOptions, CancellationToken)

Replace a PermissionProperties from the Azure Cosmos service as an asynchronous operation. This will not revoke existing ResourceTokens.

Applies to