| outline |
|
||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| title | ALLOW_ANONYMOUS Annotation | ||||||||||||||||||||||||||||
| titleTemplate | NpgsqlRest | ||||||||||||||||||||||||||||
| description | Allow unauthenticated access to specific PostgreSQL REST API endpoints. Override global authorization requirements. | ||||||||||||||||||||||||||||
| head |
|
::: info Also known as
anonymous, allow_anon, anon (with or without @ prefix)
:::
Allow unauthenticated access to the endpoint, overriding the global RequiresAuthorization setting.
@allow_anonymous
create function get_public_info()
returns json
language sql
begin atomic;
select '{"version": "1.0"}'::json;
end;
comment on function get_public_info() is
'HTTP GET
@allow_anonymous';Equivalent as a SQL file endpoint (sql/get-public-info.sql):
-- HTTP GET
-- @allow_anonymous
select '{"version": "1.0"}'::json;comment on function health_check() is
'HTTP GET
@anon';-- Anyone can read
comment on function get_products() is
'HTTP GET
@allow_anonymous';
-- Only authenticated users can create
comment on function create_product(text, numeric) is
'HTTP POST
@authorize';- Overrides the global
RequiresAuthorization: truesetting - Allows requests without authentication tokens
- Useful for public APIs, health checks, and login endpoints
- Authentication Guide — auth methods, claims, and login flows
- Authentication configuration - Configure authentication providers
- NpgsqlRest Options configuration - Configure RequiresAuthorization setting
- Comment Annotations Guide - How annotations work
- Configuration Guide - How configuration works