[{"data":1,"prerenderedAt":430},["ShallowReactive",2],{"footer-primary":3,"footer-secondary":93,"footer-description":119,"directus-academy-access-control":121,"directus-academy-access-control-next":165,"sales-reps":178},{"items":4},[5,29,49,69],{"id":6,"title":7,"url":8,"page":8,"children":9},"522e608a-77b0-4333-820d-d4f44be2ade1","Solutions",null,[10,15,20,25],{"id":11,"title":12,"url":8,"page":13},"fcafe85a-a798-4710-9e7a-776fe413aae5","Headless CMS",{"permalink":14},"/solutions/headless-cms",{"id":16,"title":17,"url":8,"page":18},"79972923-93cf-4777-9e32-5c9b0315fc10","Backend-as-a-Service",{"permalink":19},"/solutions/backend-as-a-service",{"id":21,"title":22,"url":8,"page":23},"0fa8d0c1-7b64-4f6f-939d-d7fdb99fc407","Product Information",{"permalink":24},"/solutions/product-information-management",{"id":26,"title":27,"url":28,"page":8},"63946d54-6052-4780-8ff4-91f5a9931dcc","100+ Things to Build","https://directus.io/blog/100-tools-apps-and-platforms-you-can-build-with-directus",{"id":30,"title":31,"url":8,"page":8,"children":32},"8ab4f9b1-f3e2-44d6-919b-011d91fe072f","Resources",[33,37,41,45],{"id":34,"title":35,"url":36,"page":8},"f951fb84-8777-4b84-9e91-996fe9d25483","Documentation","https://docs.directus.io",{"id":38,"title":39,"url":40,"page":8},"366febc7-a538-4c08-a326-e6204957f1e3","Guides","https://docs.directus.io/guides/",{"id":42,"title":43,"url":44,"page":8},"aeb9128e-1c5f-417f-863c-2449416433cd","Community","https://directus.chat",{"id":46,"title":47,"url":48,"page":8},"da1c2ed8-0a77-49b0-a903-49c56cb07de5","Release Notes","https://github.com/directus/directus/releases",{"id":50,"title":51,"url":8,"page":8,"children":52},"d61fae8c-7502-494a-822f-19ecff3d0256","Support",[53,57,61,65],{"id":54,"title":55,"url":56,"page":8},"8c43c781-7ebd-475f-a931-747e293c0a88","Issue Tracker","https://github.com/directus/directus/issues",{"id":58,"title":59,"url":60,"page":8},"d77bb78e-cf7b-4e01-932a-514414ba49d3","Feature Requests","https://github.com/directus/directus/discussions?discussions_q=is:open+sort:top",{"id":62,"title":63,"url":64,"page":8},"4346be2b-2c53-476e-b53b-becacec626a6","Community Chat","https://discord.com/channels/725371605378924594/741317677397704757",{"id":66,"title":67,"url":68,"page":8},"26c115d2-49f7-4edc-935e-d37d427fb89d","Cloud Dashboard","https://directus.cloud",{"id":70,"title":71,"url":8,"page":8,"children":72},"49141403-4f20-44ac-8453-25ace1265812","Organization",[73,78,84,88],{"id":74,"title":75,"url":76,"page":77},"1f36ea92-8a5e-47c8-914c-9822a8b9538a","About","/about",{"permalink":76},{"id":79,"title":80,"url":81,"page":82},"b84bf525-5471-4b14-a93c-225f6c386005","Careers","#",{"permalink":83},"/careers",{"id":85,"title":86,"url":87,"page":8},"86aabc3a-433d-434b-9efa-ad1d34be0a34","Brand Assets","https://drive.google.com/drive/folders/1lBOTba4RaA5ikqOn8Ewo4RYzD0XcymG9?usp=sharing",{"id":89,"title":90,"url":8,"page":91},"8d2fa1e3-198e-4405-81e1-2ceb858bc237","Contact",{"permalink":92},"/contact",{"items":94},[95,101,107,113],{"id":96,"title":97,"url":8,"page":98,"children":100},"8a1b7bfa-429d-4ffc-a650-2a5fdcf356da","Cloud Policies",{"permalink":99},"/cloud-policies",[],{"id":102,"title":103,"url":81,"page":104,"children":106},"bea848ef-828f-4306-8017-6b00ec5d4a0c","License",{"permalink":105},"/bsl",[],{"id":108,"title":109,"url":81,"page":110,"children":112},"4e914f47-4bee-42b7-b445-3119ee4196ef","Terms",{"permalink":111},"/terms",[],{"id":114,"title":115,"url":81,"page":116,"children":118},"ea69eda6-d317-4981-8421-fcabb1826bfd","Privacy",{"permalink":117},"/privacy",[],{"description":120},"\u003Cp>A composable backend to build your Headless CMS, BaaS, and more. \u003C/p>",{"id":122,"slug":123,"vimeo_id":124,"description":125,"tile":126,"length":127,"resources":8,"people":8,"episode_number":128,"published":129,"title":130,"video_transcript_html":131,"video_transcript_text":132,"content":8,"status":133,"episode_people":134,"recommendations":146,"season":147,"seo":164},"04ffd615-6d1d-45de-9c1b-2ff9206fe343","access-control","1007702200","This video explains Directus' access control system, covering user management, authentication, roles, permissions, and policies for secure and flexible data management.","8191a290-8378-460f-b6f9-7230fea84937",4,2,"2024-09-09","Access Control","\u003Cp>Speaker 0: Access control is a critical part of managing data. What different users in their various roles and responsibilities should be able to create, read, update, delete and share. Directus auth along with Directus' access control provide a complete solution for user management. From initial registration, through to interacting with data held in your project. In side of a directors project, you will have 1 or more users.\u003C/p>\u003Cp>A user conceptually is just one item in a special directors users collection, that represents a person or a service that has access to your data. Users may only be able to access your data via API or your custom application but can also be given access to data via the data studio web application. You can invite users, enable public registration or create users via API from your own application. Directus auth provides all of the required end points to manage users. From generating and refreshing access tokens, checking permissions, resetting passwords and more.\u003C/p>\u003Cp>Directus can fully manage your users or you can connect it with an existing single sign on provider to use the existing accounts to authenticate with directus. But that's all authentication, Let's talk about access control. The first concept is the permission itself. A permission is a combination of a collection, an action such as create or update, and either allow all or custom rules. By default, all actions on all collections are denied, and you can add access by creating permissions.\u003C/p>\u003Cp>Allow all is self explanatory, but for each action in each collection, custom rules can be created, which use Directus' filter syntax to specify which items can be interacted with. For example, only items created by the current user. You can also apply custom rules to limit which fields in a collection a user can access. So you might allow certain roles to edit data and others to only see it. Now given a permission is just a single action on a single collection, a user is likely to have many of them.\u003C/p>\u003Cp>And to organize them, we create access policies. And an access policy is just that, a set of permissions. For example, you might have a policy called manage own posts and use it to group the edit and delete permissions on posts created by the current user. Now roles describe a user's position within a team. For example, marketing team or editors.\u003C/p>\u003Cp>You can add roles to other roles allowing for a cascade that describes someone's full position and all that they will inherit. Now policies can be attached to either roles or users, making them a flexible organization tool for permissions. Any user's overall set of permissions are just an aggregate of all of the policies that are attached to them or their role. Now there are a lot of use case specific nuance to how access control could be configured. But just remember that a policy is a set of permissions, and policy can be attached to either a user or a role.\u003C/p>\u003Cp>Hopefully, you found this useful. Feel free to reach out with any questions, and we'll see you in the next video.\u003C/p>","Access control is a critical part of managing data. What different users in their various roles and responsibilities should be able to create, read, update, delete and share. Directus auth along with Directus' access control provide a complete solution for user management. From initial registration, through to interacting with data held in your project. In side of a directors project, you will have 1 or more users. A user conceptually is just one item in a special directors users collection, that represents a person or a service that has access to your data. Users may only be able to access your data via API or your custom application but can also be given access to data via the data studio web application. You can invite users, enable public registration or create users via API from your own application. Directus auth provides all of the required end points to manage users. From generating and refreshing access tokens, checking permissions, resetting passwords and more. Directus can fully manage your users or you can connect it with an existing single sign on provider to use the existing accounts to authenticate with directus. But that's all authentication, Let's talk about access control. The first concept is the permission itself. A permission is a combination of a collection, an action such as create or update, and either allow all or custom rules. By default, all actions on all collections are denied, and you can add access by creating permissions. Allow all is self explanatory, but for each action in each collection, custom rules can be created, which use Directus' filter syntax to specify which items can be interacted with. For example, only items created by the current user. You can also apply custom rules to limit which fields in a collection a user can access. So you might allow certain roles to edit data and others to only see it. Now given a permission is just a single action on a single collection, a user is likely to have many of them. And to organize them, we create access policies. And an access policy is just that, a set of permissions. For example, you might have a policy called manage own posts and use it to group the edit and delete permissions on posts created by the current user. Now roles describe a user's position within a team. For example, marketing team or editors. You can add roles to other roles allowing for a cascade that describes someone's full position and all that they will inherit. Now policies can be attached to either roles or users, making them a flexible organization tool for permissions. Any user's overall set of permissions are just an aggregate of all of the policies that are attached to them or their role. Now there are a lot of use case specific nuance to how access control could be configured. But just remember that a policy is a set of permissions, and policy can be attached to either a user or a role. Hopefully, you found this useful. Feel free to reach out with any questions, and we'll see you in the next video.","published",[135],{"people_id":136},{"id":137,"first_name":138,"last_name":139,"avatar":140,"bio":141,"links":142},"82b3f7e5-637b-4890-93b2-378b497d5dc6","Kevin","Lewis","a662f91b-1ee9-4277-8c9d-3ac1878e44ad","Director of Developer Experience at Directus",[143],{"url":144,"service":145},"https://directus.io/team/kevin-lewis","website",[],{"id":148,"number":149,"year":150,"episodes":151,"show":161},"7915da85-0e6a-40d5-a43b-fe0514ec2b6c",1,"2024",[152,153,122,154,155,156,157,158,159,160],"96b44cbc-1b14-4bea-87cd-0c4cb34d261d","637aafa2-b323-4ad0-adf0-ba52328bb798","4cc18530-ba2a-44f3-bb2e-2bfe4ad024d5","43612e4c-1bd9-411e-bd73-9c835a9b51e0","6e6965e7-13cc-4f86-b512-f567d66cfbe9","20666ca0-00e3-4d71-985b-f7c4abbe3bd1","8ad4795b-963c-4ebd-8921-38ea2dda9f44","4d3c062f-0f30-41b7-83e9-3d2ed34a86f4","c7ab64da-f34d-42c9-8a1a-03e6026cc7e5",{"title":162,"tile":163},"Directus Academy","bd5e0d7c-fd4f-4225-af71-dedb154be371",{"title":8,"meta_description":8},{"id":154,"slug":166,"season":148,"vimeo_id":167,"description":168,"tile":169,"length":127,"resources":8,"people":8,"episode_number":170,"published":129,"title":171,"video_transcript_html":172,"video_transcript_text":173,"content":8,"seo":174,"status":133,"episode_people":175,"recommendations":177},"directus-connect","1007702290","This video introduces Directus Connect — automatic REST and GraphQL APIs for your database and asset storage, highlighting key features such as resource-based URLs, query parameters, and the Directus JavaScript SDK.","246ec429-2758-4590-93c5-b802fe5be579",3,"Directus Connect","\u003Cp>Speaker 0: Part of the Directus data engine is Directus Connect. Automatic REST and GraphQL APIs for your database and asset storage. The REST API has predictable resource based URLs, relies on standard HTTP status codes, and uses JSON for input and output. To explain resource based URLs, let's use an example. Your project has a collection called posts.\u003C/p>\u003Cp>The primary key is an auto incrementing number called id. Other fields include status, title, date published, and content. For this example, some of the available resource based endpoints include listing all posts, getting a single post by ID, creating a post while passing a payload, and so on. The URL path for working with items are dynamic based on the resources in your project, but they all follow a standard format. Most directives API endpoints can utilize a number of powerful query parameters to alter the data that is returned.\u003C/p>\u003Cp>They include specifying which fields are returned, including relational fields. Filtering the returned items using the filter rules syntax, including logical operators and dynamic variables such as current user, sorting, paginating, and limiting the number of returned items, and applying aggregate functions either on the whole data set or on groups of data. Having a standard rest and graph ql API means that you can integrate a directus backend into any application in any language or framework by making an HTTP request. If you're building in a javascript the official directory's javascript sdk provides an improved developer experience. It's type safe, separated into several modules that provide granular control over which features include and then prune those that aren't at build time.\u003C/p>\u003Cp>And does not require any external libraries. You can check out the directory's API reference. Every single operation that you can make is shown both with the rest example, the graphql example and the directivesdk example side by side. Using directives over API uses the same access control as the data studio. The permissions are the same, so you don't have to set anything up again or worry that your application will receive or be able to use data in ways it shouldn't be allowed to.\u003C/p>\u003Cp>You can log in and use an access token which performs requests as your user or you can use a static token which is generated in your user profile and does not expire. If you make a request without an access token, it will use the configured public permissions, which are used when a user is unauthenticated. So this is a little bit about the APIs and the SDK. We have a load of tutorials inside of our documentation on Directus TV and on our YouTube channel in order to understand how to actually use the APIs and SDK to build real world projects. If you have any questions, feel free to reach out, and we'll see you in the next video.\u003C/p>","Part of the Directus data engine is Directus Connect. Automatic REST and GraphQL APIs for your database and asset storage. The REST API has predictable resource based URLs, relies on standard HTTP status codes, and uses JSON for input and output. To explain resource based URLs, let's use an example. Your project has a collection called posts. The primary key is an auto incrementing number called id. Other fields include status, title, date published, and content. For this example, some of the available resource based endpoints include listing all posts, getting a single post by ID, creating a post while passing a payload, and so on. The URL path for working with items are dynamic based on the resources in your project, but they all follow a standard format. Most directives API endpoints can utilize a number of powerful query parameters to alter the data that is returned. They include specifying which fields are returned, including relational fields. Filtering the returned items using the filter rules syntax, including logical operators and dynamic variables such as current user, sorting, paginating, and limiting the number of returned items, and applying aggregate functions either on the whole data set or on groups of data. Having a standard rest and graph ql API means that you can integrate a directus backend into any application in any language or framework by making an HTTP request. If you're building in a javascript the official directory's javascript sdk provides an improved developer experience. It's type safe, separated into several modules that provide granular control over which features include and then prune those that aren't at build time. And does not require any external libraries. You can check out the directory's API reference. Every single operation that you can make is shown both with the rest example, the graphql example and the directivesdk example side by side. Using directives over API uses the same access control as the data studio. The permissions are the same, so you don't have to set anything up again or worry that your application will receive or be able to use data in ways it shouldn't be allowed to. You can log in and use an access token which performs requests as your user or you can use a static token which is generated in your user profile and does not expire. If you make a request without an access token, it will use the configured public permissions, which are used when a user is unauthenticated. So this is a little bit about the APIs and the SDK. We have a load of tutorials inside of our documentation on Directus TV and on our YouTube channel in order to understand how to actually use the APIs and SDK to build real world projects. If you have any questions, feel free to reach out, and we'll see you in the next video.","25b805c7-a2c2-4d36-9476-12c890c65746",[176],"51785675-45e0-419d-aa67-42bfc8f90cd7",[],{"reps":179},[180,236],{"name":181,"sdr":8,"link":182,"countries":183,"states":185},"John Daniels","https://meet.directus.io/meetings/john2144/john-contact-form-meeting",[184],"United States",[186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235],"Michigan","Indiana","Ohio","West Virginia","Kentucky","Virginia","Tennessee","North Carolina","South Carolina","Georgia","Florida","Alabama","Mississippi","New York","MI","IN","OH","WV","KY","VA","TN","NC","SC","GA","FL","AL","MS","NY","Connecticut","CT","Delaware","DE","Maine","ME","Maryland","MD","Massachusetts","MA","New Hampshire","NH","New Jersey","NJ","Pennsylvania","PA","Rhode Island","RI","Vermont","VT","Washington DC","DC",{"name":237,"link":238,"countries":239},"Michelle Riber","https://meetings.hubspot.com/mriber",[240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,323,324,325,326,327,328,329,330,331,332,333,334,335,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,362,363,364,365,366,367,368,369,370,371,372,373,374,375,376,377,378,379,380,381,382,383,384,385,386,387,388,389,390,391,392,393,394,395,396,397,398,399,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,425,426,427,217,428,429],"Albania","ALB","Algeria","DZA","Andorra","AND","Angola","AGO","Austria","AUT","Belgium","BEL","Benin","BEN","Bosnia and Herzegovina","BIH","Botswana","BWA","Bulgaria","BGR","Burkina Faso","BFA","Burundi","BDI","Cameroon","CMR","Cape Verde","CPV","Central African Republic","CAF","Chad","TCD","Comoros","COM","Côte d'Ivoire","CIV","Croatia","HRV","Czech Republic","CZE","Democratic Republic of Congo","COD","Denmark","DNK","Djibouti","DJI","Egypt","EGY","Equatorial Guinea","GNQ","Eritrea","ERI","Estonia","EST","Eswatini","SWZ","Ethiopia","ETH","Finland","FIN","France","FRA","Gabon","GAB","Gambia","GMB","Ghana","GHA","Greece","GRC","Guinea","GIN","Guinea-Bissau","GNB","Hungary","HUN","Iceland","ISL","Ireland","IRL","Italy","ITA","Kenya","KEN","Latvia","LVA","Lesotho","LSO","Liberia","LBR","Libya","LBY","Liechtenstein","LIE","Lithuania","LTU","Luxembourg","LUX","Madagascar","MDG","Malawi","MWI","Mali","MLI","Malta","MLT","Mauritania","MRT","Mauritius","MUS","Moldova","MDA","Monaco","MCO","Montenegro","MNE","Morocco","MAR","Mozambique","MOZ","Namibia","NAM","Niger","NER","Nigeria","NGA","North Macedonia","MKD","Norway","NOR","Poland","POL","Portugal","PRT","Republic of Congo","COG","Romania","ROU","Rwanda","RWA","San Marino","SMR","São Tomé and Príncipe","STP","Senegal","SEN","Serbia","SRB","Seychelles","SYC","Sierra Leone","SLE","Slovakia","SVK","Slovenia","SVN","Somalia","SOM","South Africa","ZAF","South Sudan","SSD","Spain","ESP","Sudan","SDN","Sweden","SWE","Tanzania","TZA","Togo","TGO","Tunisia","TUN","Uganda","UGA","United Kingdom","GBR","Vatican City","VAT","Zambia","ZMB","Zimbabwe","ZWE","UK","Germany","Netherlands","Switzerland","CH","NL",1773850429435]