Open jessekimotho opened 2 weeks ago
It should be possible to explicitely give access to a user without an invite step. Members that are added this way needs to have their "accepted" property set to true and the client that performs this API request need to have a token with GLOBAL_WRITE and ACCESS_DB scopes.
POST /all/members HTTP/1.1
Host: <your database URL>
Authorization: Bearer <token from /token endpoint (with GLOBAL_WRITE and ACCESS_DB scopes)>
Content-Type: application/json
[{
"realmId": <theRealmId>,
"email": "foo@bar.com",
"userId": "foo@bar.com",
"accepted": true,
"invite": false,
"permissions": {},
}]
The id of the realm will then be auto-generated by the server and the "accepted" property will be converted to current Date timestamp and the user "foo@bar.com" will get immediate access to the given realm.
Is this a solution that would work in your case?
The current default flow for adding a user seems to require an invite step, even when using the REST API. This requirement significantly complicates the user experience. For instance, if a user has paid for their subscription and wants immediate access to the content of a directory/dictionary app, I have to programmatically subscribe to the
db.cloud.invites
observable. Even then, I need to handle the invite acceptance on the backend, which feels like unnecessary extra steps.Moreover, the documentation is ambiguous on how to add database members without the invite step. There are hints scattered throughout the docs but no clear explanation on how this is possible. For example:
I believe this is a mainstream use case for Dexie. In my application—a subscription-based medicine directory app—users first sign in and pay a subscription fee. Afterward, they should be automatically added to the realm that provides access to the data they need. The invite step complicates this process unnecessarily.
A smoother transition from subscription payment to data access is crucial for a seamless user experience. It would be beneficial to have a clear, documented method for adding users without the invite step.