Assign an access mode to any document at write time. VividEcho enforces visibility and modification rules on every subsequent read and write — no middleware to wire up, no permission checks to write. Access is decided per record, at the moment you create or update it, using the x-access header.
Every document carries one of four access levels, each controlling who can read it and who can change or delete it.
| Access level | Who can read it | Who can change or delete it |
|---|---|---|
private | Only the user who created it | Only the user who created it |
public | Any signed-in user | Any signed-in user |
readonly | Any signed-in user | Only the user who created it |
readanonymous | Anyone, including signed-out visitors | Only the user who created it |
private is the safe default for personal data. readonly suits shared reference data that everyone signed in should see but only the author should edit. readanonymous extends that same read access to signed-out visitors, but only has an effect on applications running in B2C mode with anonymous access allowed. public is fully shared in both directions, so it's worth using deliberately.
Setting x-access is optional. If you leave it off, VividEcho applies a sensible default: brand-new records are created as private, and updating an existing record without specifying an access level simply preserves whatever access level it already had, rather than resetting it.