RESTHeart Cloud - Root User Setup

Create your root user account with full administrative privileges. This setup gives you complete control over your RESTHeart Cloud instance.

Tip
Looking for more? After setting up your root user, learn how to manage users and configure permissions for your application.

What This Setup Does

This wizard will:

  1. Create a root user with your chosen credentials

  2. Set up full permissions allowing all operations on your API Service

  3. Test the authentication to ensure everything works correctly

Warning
Security Notice: The root user has complete access to your instance. Choose strong credentials and keep them secure.

Wizard Setup

🔧 Configuration

⚠️ Before using these examples, get an Admin JWT token from https://cloud.restheart.com

Step 1: Create Root User

cURL

# Quote the URL so the shell does not treat "?" or "[...]" as glob patterns
curl -i -X POST "[RESTHEART-URL]/users?wm=upsert" \
  -H "Authorization: Bearer [JWT]" \
  -H "Content-Type: application/json" \
  -d '{"_id": "root", "password": "[YOUR-PASSWORD]", "roles": ["root"]}'

HTTPie

# Quote the URL and the password so the shell passes them through unchanged
http POST "[RESTHEART-URL]/users?wm=upsert" \
  Authorization:"Bearer [JWT]" \
  _id=root \
  password='[YOUR-PASSWORD]' \
  roles:='["root"]'

JavaScript

fetch('[RESTHEART-URL]/users?wm=upsert', {
  method: 'POST',
  body: JSON.stringify({ "_id": "root", "password": "[YOUR-PASSWORD]", "roles": ["root"] }),
  headers: {
    'Authorization': 'Bearer [JWT]',
    'Content-Type': 'application/json'
  }
})
.then(response => {
  if (response.ok) {
    console.log('Root user created successfully');
  } else {
    console.error('Failed to create root user:', response.status);
  }
})
.catch(error => console.error('Error:', error));

Step 2: Set Up Root Permissions

The admin permission (/_acl/rootCanDoEverything) grants full access to all endpoints and operations. This permission uses:

  • Predicate: path-prefix('/') - Matches all paths

  • Roles: ["root"] - Applied to users with the root role

  • Priority: 0 - High priority permission

  • MongoDB Options: Enables all management operations

cURL

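# '\'' embeds a literal single quote inside the single-quoted JSON body,
# so the predicate is sent as path-prefix('/') with its quotes intact
curl -i -X POST "[RESTHEART-URL]/acl?wm=upsert" \
  -H "Authorization: Bearer [JWT]" \
  -H "Content-Type: application/json" \
  -d '{"_id": "rootCanDoEverything", "predicate": "path-prefix('\''/'\'')", "roles": ["root"], "priority": 0, "mongo": {"allowManagementRequests": true, "allowWriteMode": true}}'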

HTTPie

# Quote the URL so the shell does not treat "?" or "[...]" as glob patterns
http POST "[RESTHEART-URL]/acl?wm=upsert" \
  Authorization:"Bearer [JWT]" \
  _id=rootCanDoEverything \
  predicate="path-prefix('/')" \
  roles:='["root"]' \
  priority:=0 \
  mongo:='{"allowManagementRequests": true, "allowWriteMode": true}'

JavaScript

fetch('[RESTHEART-URL]/acl?wm=upsert', {
  method: 'POST',
  body: JSON.stringify({"_id": "rootCanDoEverything", "predicate": "path-prefix('/')", "roles": ["root"], "priority": 0, "mongo": {"allowManagementRequests": true, "allowWriteMode": true}}),
  headers: {
    'Authorization': 'Bearer [JWT]',
    'Content-Type': 'application/json'
  }
})
.then(response => {
  if (response.ok) {
    console.log('Root permissions configured successfully');
  } else {
    console.error('Failed to configure root permissions:', response.status);
  }
})
.catch(error => console.error('Error:', error));
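
A check to run after Step 2, as an added example that is not part of the original page or of RESTHeart: it scans permission documents in the Step 2 shape and reports any role other than root that holds a path-prefix('/') grant or the mongo options. The sample array, the function name auditAcl and the finding labels are assumptions made for illustration.

```javascript
// Added example, not RESTHeart code: audit permission documents shaped like
// the one in Step 2 and report broad grants held by roles other than root.

// Constructed sample data; only the first entry comes from this page.
const SAMPLE_ACL = [
  { _id: 'rootCanDoEverything', predicate: "path-prefix('/')", roles: ['root'],
    priority: 0, mongo: { allowManagementRequests: true, allowWriteMode: true } },
  { _id: 'usersCanReadNotes', predicate: "path-prefix('/notes') and method(GET)",
    roles: ['user'], priority: 100 },
  { _id: 'legacyEverything', predicate: "path-prefix('/')", roles: ['user', 'root'],
    priority: 1, mongo: { allowManagementRequests: true } },
];

// A path-prefix on "/" anywhere in the predicate; quotes and spacing may vary.
const ROOT_PREFIX = /path-prefix\(\s*(['"]?)\/\1\s*\)/;
const MONGO_FLAGS = ['allowManagementRequests', 'allowWriteMode'];

function auditAcl(docs, trustedRoles = ['root']) {
  const findings = [];
  for (const doc of docs) {
    const roles = Array.isArray(doc.roles) ? doc.roles : [];
    const untrusted = roles.filter(role => !trustedRoles.includes(role));
    if (untrusted.length === 0) continue; // only trusted roles hold this grant

    if (ROOT_PREFIX.test(String(doc.predicate || ''))) {
      findings.push({ id: doc._id, issue: 'matches-all-paths', roles: untrusted });
    }
    const flags = MONGO_FLAGS.filter(name => doc.mongo && doc.mongo[name] === true);
    if (flags.length > 0) {
      findings.push({ id: doc._id, issue: 'mongo-options', roles: untrusted, flags });
    }
  }
  return findings;
}

for (const f of auditAcl(SAMPLE_ACL)) {
  console.log(`${f.id}: ${f.issue} granted to ${f.roles.join(', ')}`);
}
```

The match is deliberately loose: a predicate that combines path-prefix('/') with further conditions is still reported, so each finding is a prompt for review, not proof of over-permission.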

Next Steps

Once your root user is set up, you can:

  1. Create additional users with specific roles and permissions

  2. Set up collections for your application data

  3. Configure roles and permissions for different user types