Is there a recommended way to use Convex on "admin mode"
I have setup an "apiKey" in the args for mutations, query and actions that i want to protect, but it seems a bit hacky. Wondering if there is another recommended approach? Something similar to the firebase or supabase admin client would be really nice IMO
7 Replies
Can you say more about the use case?
building an admin dashboard for example
or bypassing authorization checks
Hmm, I'd probably use whatever Auth solution you have and attach a special role to the admin credentials.
(Clerk, Convex Auth, Auth0...)
and for internal functions that I would like to trigger from within an app?
For example: I have a hono api that queries data or performs mutations, here is where I use the
apiKey
approach, but feels odd passing this on the body payloadYou can authenticate HTTP actions: https://docs.convex.dev/functions/http-actions#authentication
HTTP Actions | Convex Developer Hub
HTTP actions allow you to build an HTTP API right in Convex!
ok that could work, I do lose type-safety tho D:
In what sense do you lose type safety?