
Understanding Permissions

Learn about row-level and column-level permissions to secure your app's data.


Why Permissions Matter

When building apps with database access, you need to control what data the AI can see and modify. Permissions let you:

  • Protect sensitive information
  • Limit AI actions to specific data
  • Create secure multi-user apps

Permission Types

Row-Level Permissions

Row-level permissions control which records the AI can access. Think of rows as individual items in your data.

Example: In a customer database, you might want the AI to only see customers from a specific region:

{
  "filter": {
    "region": "North America"
  }
}

With this filter, the AI only sees customers where region equals "North America".

Column-Level Permissions

Column-level permissions control which fields the AI can access. Think of columns as the properties of each record.

Example: In a customer database, you might hide sensitive financial data:

Visible columns:

  • name
  • email
  • region
  • last_contact

Hidden columns:

  • credit_card
  • annual_revenue
  • internal_notes

Setting Up Permissions

Step 1: Enable Database

  1. Open your app settings
  2. Navigate to the Database tab
  3. Enable database access

Step 2: Create Collections

Collections are like tables in your database:

  1. Click Add Collection
  2. Name your collection (e.g., "customers")
  3. Define the schema (fields and types)

Step 3: Configure Row Filters

  1. Select a collection
  2. Click Row Permissions
  3. Define filter conditions

Filter operators:

  • equals: Exact match
  • contains: Partial text match
  • greaterThan: Numeric comparison
  • in: Match any value in a list

Step 4: Configure Column Access

  1. Select a collection
  2. Click Column Permissions
  3. Check/uncheck columns the AI can access

Common Patterns

User-Specific Data

Limit the AI to the current user's data:

{
  "filter": {
    "user_id": "{{current_user_id}}"
  }
}

Read-Only Access

Allow reading but prevent modifications:

{
  "read": true,
  "write": false,
  "delete": false
}

Hiding Sensitive Columns

Hide PII and financial data:

{
  "hidden_columns": [
    "ssn",
    "credit_card",
    "bank_account",
    "salary"
  ]
}

Testing Permissions

Always test your permissions:

  1. Create test data with various permission scenarios
  2. Ask the AI to retrieve filtered and unfiltered data
  3. Verify hidden columns aren't revealed
  4. Test write/delete operations if enabled

Best Practices

  1. Start restrictive: Give minimal access, then expand as needed
  2. Document your filters: Keep notes on why each filter exists
  3. Regular audits: Review permissions periodically
  4. Test edge cases: What happens with empty filters? Null values?
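
A reference model for the testing steps and edge cases above, added here as an example and not the product's own enforcement code: it computes what the AI should be able to see for a given policy, so the AI's actual answers can be compared against it. Assumptions: the "filter" and "hidden_columns" keys shown earlier are combined in one policy object, matching is by equality only, empty filters, null values and unresolved placeholders all fail closed, and the function names and the "name" row key are hypothetical.

```python
import re

PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")

def resolve(value, context):
    """Fill {{name}} placeholders; refuse to continue if one has no value."""
    if not isinstance(value, str):
        return value
    def fill(match):
        found = context.get(match.group(1))
        if found in (None, ""):
            raise PermissionError("unresolved placeholder: " + match.group(1))
        return str(found)
    return PLACEHOLDER.sub(fill, value)

def expected_view(records, policy, context):
    """Rows and fields the AI should see. Assumed semantics: fail closed."""
    row_filter = policy.get("filter")
    if not row_filter:  # missing or {} means no rows, never all rows
        return []
    wanted = {f: resolve(v, context) for f, v in row_filter.items()}
    hidden = set(policy.get("hidden_columns", []))
    return [
        {k: v for k, v in rec.items() if k not in hidden}
        for rec in records
        # a null or absent field never satisfies a filter
        if all(rec.get(f) is not None and rec.get(f) == v for f, v in wanted.items())
    ]

def leaks(actual_rows, expected_rows, key="name"):
    """Describe anything in the AI's answer that the policy should have withheld."""
    allowed = {row[key]: row for row in expected_rows}
    found = []
    for row in actual_rows:
        if row.get(key) not in allowed:
            found.append(("row", row.get(key)))
            continue
        found += [("column", c) for c in row if c not in allowed[row[key]]]
    return found

# Constructed test data: one matching row, one other user, one row with nulls.
RECORDS = [
    {"user_id": "u1", "name": "Ada", "region": "North America", "ssn": "TEST-1"},
    {"user_id": "u2", "name": "Bo", "region": "Europe", "ssn": "TEST-2"},
    {"user_id": None, "name": "Cy", "region": None, "ssn": "TEST-3"},
]
POLICY = {"filter": {"user_id": "{{current_user_id}}"}, "hidden_columns": ["ssn"]}

if __name__ == "__main__":
    print(expected_view(RECORDS, POLICY, {"current_user_id": "u1"}))
```

If the platform returns rows where this model returns none (for example with an empty filter), record that difference as a finding to review rather than adjusting the model to match.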

Last updated: 2026-01-21