RESTHeart Cloud is coming soon! Stay tuned!
RESTHeart Cloud - Root User Setup
Create your root user account with full administrative privileges. This setup gives you complete control over your RESTHeart Cloud instance.
What This Setup Does
This wizard will:
-
Create a root user with your chosen credentials
-
Set up full permissions allowing all operations on your API Service
-
Test the authentication to ensure everything works correctly
Warning
|
Security Notice: The root user has complete access to your instance. Choose strong credentials and keep them secure. |
Wizard Setup
🔧 Configuration
⚠️ Before using these examples, get an Admin JWT token from https://cloud.restheart.com
Step 1: Create Root User
cURL
curl -i -X POST [RESTHEART-URL]/users?wm=upsert \
-H "Authorization: Bearer [JWT]" \
-H "Content-Type: application/json" \
-d '{"_id": "root", "password": "[YOUR-PASSWORD]", "roles": ["root"]}'
HTTPie
http POST [RESTHEART-URL]/users?wm=upsert \
Authorization:"Bearer [JWT]" \
_id=root \
password=[YOUR-PASSWORD] \
roles:='["root"]'
JavaScript
fetch('[RESTHEART-URL]/users?wm=upsert', {
method: 'POST',
body: JSON.stringify({ "_id": "root", "password": "[YOUR-PASSWORD]", "roles": ["root"] }),
headers: {
'Authorization': 'Bearer [JWT]',
'Content-Type': 'application/json'
}
})
.then(response => {
if (response.ok) {
console.log('Root user created successfully');
} else {
console.error('Failed to create root user:', response.status);
}
})
.catch(error => console.error('Error:', error));
Step 2: Set Up Root Permissions
The admin permission (/_acl/rootCanDoEverything
) grants full access to all endpoints and operations. This permission uses:
-
Predicate:
path-prefix('/')
- Matches all paths -
Roles:
["root"]
- Applied to users with the root role -
Priority:
0
- High priority permission -
MongoDB Options: Enables all management operations
cURL
curl -i -X POST [RESTHEART-URL]/acl?wm=upsert \
-H "Authorization: Bearer [JWT]" \
-H "Content-Type: application/json" \
-d '{"_id": "rootCanDoEverything", "predicate": "path-prefix('/')", "roles": ["root"], "priority": 0, "mongoOptions": {"allowManagementRequests": true}}'
HTTPie
http POST [RESTHEART-URL]/acl?wm=upsert \
Authorization:"Bearer [JWT]" \
_id=rootCanDoEverything \
predicate="path-prefix('/')" \
roles:='["root"]' \
priority:=0 \
mongo:='{"allowManagementRequests": true}'
JavaScript
fetch('[RESTHEART-URL]/acl?wm=upsert', {
method: 'POST',
body: JSON.stringify({"_id": "rootCanDoEverything", "predicate": "path-prefix('/')", "roles": ["root"], "priority": 0, "mongoOptions": {"allowManagementRequests": true}}),
headers: {
'Authorization': 'Bearer [JWT]',
'Content-Type': 'application/json'
}
})
.then(response => {
if (response.ok) {
console.log('Root permissions configured successfully');
} else {
console.error('Failed to configure root permissions:', response.status);
}
})
.catch(error => console.error('Error:', error));
Next Steps
Once your root user is set up, you can:
-
Create additional users with specific roles and permissions
-
Set up collections for your application data
-
Configure roles and permissions for different user types