Security

While Sheet2DB does not mandate authentication for using our API, we provide the option to enhance security. We offer two methods for authenticating your API requests: JWT Bearer tokens and Basic authentication. Additionally, you can exercise fine-grained control over access permissions, enabling you to specify the types of operations permitted on each database.

Permissions

To safeguard your APIs, it's advisable to grant the minimum necessary permissions required for your application to function effectively. For instance, if your intention is to use the API for data collection through a form, consider assigning only the Update permission. By doing so, even if someone discovers your endpoint, they won't have the capability to view your data.

Following are different permissions we support

Read : Allows you to send GET requests to eligible endpoints exlcluding search endpoints
Search: Allows you to send GET requests to search endpoints
Update: Allows you to send POST and PATCH requests to all eligible endpoints
DELETE: Allows you to send DELETE requests to all eligible endpoints

Accessing an unauthorized endpoint will result in a 403 Forbidden error."

Authentication

Sheet2DB Support 2 types for Authentication methods to safeguard access to your spreadsheet.

Basic Authentication
JWT Authentication

Basic Authentication

With Basic Authentication (opens in a new tab), you use username and password to authenticate your HTTP requests. You can enter username and password of your choice.

JWT Authentication

Using JWT Authentication (opens in a new tab), we provide you the flexibility to sign a token with your preferred encryption key. You may securely share the verification key with us to confirm that the token was indeed signed by you, ensuring access to your database.

Supported Algorithms

HS256
RS256

Quick Start Sheet Selection