Simon B. StøvringFeb 8

RE: https://mastodon.social/@pfandrade/116035886020550720

So can we actually use CloudKit's public database to store user-specific and/or sensitive data without it being widely available? So it's more like a traditional database an app can build functionality on?

Can anyone confirm this?

If that's the case, I've totally misunderstood the public database for years. I have always considered it suitable only for sample data and other data meant to be broadly accessible without auth.

Show threadDanijela VrzanFeb 8
@simonbs Not that I know of, anyone can see it, it's publicly readable, even people without iCloud can read it. You can only limit writing. So I wouldn't recommend storing sensitive data. You can use it for other data. I store about 3 million records my users can read from. Nothing sensitive, just regular data anyone has access to.
Show threadSimon B. StøvringFeb 8

@dvrzan This is also my understanding but then I started looking into the security roles. Have you played around with those?

If the "_world" and “_icloud" users don't have a role for a record (for example, the PushToken role), I don't think the world can see it, only the creator of the record and anyone authorizing with a server-to-server key.

Show threadkeval
@simonbs @dvrzan What happened when you queried it?
Feb 9 at 4:06amWeb