AWS Lambda
Last updated
Last updated
There are many cases when you need to perform administrative tasks within your <form.io> project, but do not wish to expose the permissions necessary for updates to the users of your application. The most common example of this is for Subscription based applications. Let’s suppose that you wish to allow your users to sign up for subscriptions within your application, and based on them paying the fee, their account should be promoted in some way. Either by assigning a role to that user, or by assigning a value within a resource they do not have permission to update. Since the user is logged into their account when the subscription is made, you need a way to perform an administrative update to the project (give them more access), but cannot expose that API to the user who is logged into the app.
For this example, provides a very robust way to create a Proxy method that the application uses to perform the validation of the request (like through your payment processor) and then subsequently perform administrative API requests into the <form.io> project. There is a lot of documents on the web that provide detail on how to configure and utilize AWS Lambda, so below is some example Node.js code that can be placed within your Lambda function which will perform an administrative update to a record based on a user based authenticated request.
Example Lambda Code to Update a User via Admin privileges from a users JWT Token
After you have the Lambda function created, you now just need to hook that up to the AWS API Gateway to create a progressive API proxy into your <form.io> account.
There are many applications for this capability, but this illustrates an example on how AWS Lambda can be used as an API Proxy into <form.io>.