Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Operations for reading, replacing, or deleting a specific permission by id. Permissions are used to create ResourceTokens. Resource tokens provide access to the application resources within a database. Resource tokens:
- Provide access to specific containers, partition keys, documents, attachments, stored procedures, triggers, and UDFs.
- Are created when a user is granted permissions to a specific resource.
- Are recreated when a permission resource is acted upon on by POST, GET, or PUT call.
- Use a hash resource token specifically constructed for the user, resource, and permission.
- Are time bound with a customizable validity period. The default valid timespan is one hour. Token lifetime, however, may be explicitly specified, up to a maximum of 24 hours.
- Provide a safe alternative to giving out the master key.
- Enable clients to read, write, and delete resources in the Cosmos DB account according to the permissions they've been granted.
public abstract class CosmosPermission
type CosmosPermission = class
Public MustInherit Class CosmosPermission
The Id of the Cosmos Permission
Delete a PermissionProperties from the Azure Cosmos DB service as an asynchronous operation. This will not revoke existing ResourceTokens.
|ReadAsync(Nullable<Int32>, RequestOptions, CancellationToken)||
Reads a PermissionProperties from the Azure Cosmos service as an asynchronous operation. Each read will return a new ResourceToken with its respective expiration.
|ReplaceAsync(PermissionProperties, Nullable<Int32>, RequestOptions, CancellationToken)||
Replace a PermissionProperties from the Azure Cosmos service as an asynchronous operation. This will not revoke existing ResourceTokens.