Permissions

CubeStack provides granular control over who can access your data and what they can do with it.

Access Levels

Public Access

When enabled on a cube, anyone can read records without authentication. Only columns marked as Public are returned.

API Key Access

API keys grant full read and write access to all columns in a project. Use API keys for server-to-server communication.

Column-Level Permissions

Each column has a Public toggle that controls whether it appears in unauthenticated API responses. This lets you expose only the data you want to be public.

Best Practices

Never expose API keys in client-side code
Use public access for read-only frontend consumption
Keep sensitive columns (emails, internal IDs) private
Rotate API keys periodically

Getting Started

Core Concepts

Permissions

Permissions

Access Levels

Public Access

API Key Access

Column-Level Permissions

Best Practices

Getting Started

Core Concepts

​Permissions

​Access Levels

​Public Access

​API Key Access

​Column-Level Permissions

​Best Practices

Permissions

Access Levels

Public Access

API Key Access

Column-Level Permissions

Best Practices