Secure Filters

Data Access Token

Secure filters are a property of the identity config. They secure your user's data in a multi-tenant environment. You must define filters for each data set the user has access to.

For example, say you have a data set with an ID of das_1, and you want to only show users their own data from this data set, you might specify a secureFilters value of:

{
  // The secureFilters key of the identity config.
  secureFilters: {
    // The ID of the data set the secure filter applies too
    "das_1": [{
      // The ID of the field in the data set which the secure filter applies too
      field: "User ID",
      // The operator used in the permission check.
      op: "=",
      // The value to check against.
      value: 1
    }]
  }
  // ... The rest of the identity config
}

These secure filters will be signed and sent to the Vizzly query engine by the Vizzly react embed, where they will be validated using your organization's public key and ensure that each user only ever has access to their own data.

And / OR Logic

To have finer controls over the secure filters, you can use our nested list structure.

OR

[
  << filter one >>,
  << filter two >>
]

can be described as where "filter one" OR "filter two" match

AND

[
  [
    << filter one >>,
    << filter two >>
  ]
]

can be described as where "filter one" AND "filter two" match

OR & AND

[
  [
     <<filter one>>,
     <<filter two>>,
  ],
  [
     <<filter three>>,
     <<filter four>>,
  ],
]

can be described as where "filter one and filter two" OR "filter three and filter four"

Operators

Greater than

Valid on fields with data type of number and date.
{
  "field": "field_id_example_1",
  "op": ">",
  "value": number | ISO formatted date string
}

Less than

Valid on fields with data type of number and date.
{
  "field": "field_id_example_1",
  "op": "<",
  "value": number | ISO formatted date string
}

Equal to

Valid on fields with data type of number, date, boolean and text.
{
  "field": "field_id_example_1",
  "op": "=",
  "value": any
}

Not equal to

Valid on fields with data type of number, date, boolean and text.
{
  "field": "field_id_example_1",
  "op": "!=",
  "value": any
}

Greater than or equal to

Valid on fields with data type of number and date.
{
  "field": "field_id_example_1",
  "op": ">=",
  "value": number | ISO formatted date string
}

Less than or equal to

Valid on fields with data type of number and date.
{
  "field": "field_id_example_1",
  "op": "<=",
  "value": number | ISO formatted date string
}

Is one of

Valid on fields with data type of number, date, boolean and text.
{
  "field": "field_id_example_1",
  "op": "is_one_of",
  "value": Array<string | number>
}

Is not one of

Valid on fields with data type of number, date, boolean and text.
{
  "field": "field_id_example_1",
  "op": "is_not_one_of",
  "value": Array<string | number>
}

Starts with

Valid on fields with data type of text.
{
  "field": "field_id_example_1",
  "op": "starts_with",
  "value": string
}

Ends with

Valid on fields with data type of text.
{
  "field": "field_id_example_1",
  "op": "ends_with",
  "value": string
}

Contains text

Valid on fields with data type of text.
{
  "field": "field_id_example_1",
  "op": "contains_substring",
  "value": string
}

Does not contain text

Valid on fields with data type of text.
{
  "field": "field_id_example_1",
  "op": "does_not_contain_substring",
  "value": string
}

Contains

Valid on fields with data type of array.
{
  "field": "field_id_example_1",
  "op": "array_contains",
  "value": string | number
}