Allow read-only APIs
Closed this issue · 3 comments
By default, with the API key users get full write access. This is fine if you want a read-write API, but if you're looking to use Airtable as a CMS/DB, you'll likely want something read-only.
Hey Ross, any plans to keep working on this? It would be very useful in my current project.
Hi! Thanks for pinging about this.
I ended up using Are.na's API for my original use for this project, so it got dropped for a bit. I'm also not actively using this project anywhere right now, so I can't promise it'll work perfectly. (Added a note about this in the README).
That said, I still think there's some cool opportunities here: Airtable's structure and UI make it seem like a solid lightweight CMS.
I just pushed some commits adding support for a READ_ONLY
flag. You can use it like so:
now rosszurowski/micro-airtable-api \
-e AIRTABLE_BASE_ID=asdf123 \
-e AIRTABLE_API_KEY=xyz123 \
-e READ_ONLY=true
You can also restrict specific actions with the more fine-grained ALLOWED_METHODS
flag. (READ_ONLY
is a shortcut for this lower-level option). So to allow creating and reading but not updating or deleting, you could pass:
now rosszurowski/micro-airtable-api -e ALLOWED_METHODS=GET,POST
Hopefully these new options support your use-case. I'm also open to reviewing PRs or supporting a fork if you want to take what's here and run with it.
Perfect, thank you!