Limiting Access to Ceramic Node

Curious if there is a way to limit which projects are able to access a specific Ceramic Node. Ideally being able to limit it to which apps can actually write data to the specific node.

3 Likes

What you can do is configure CORS restrictions to allow only specific domains to hit your node from the browser. Should be easy to configure in your Ceramic daemon config. Just be aware of the limitations of CORS restrictions (they can be bypassed and omitted outside of a web browser).

Cross-Origin Resource Sharing (CORS) - HTTP | MDN

So you can’t fully protect your Ceramic node without your own auth method on top, for example API keys or signed requests. You might consider something like an API gateway or some other proxy-like service for your auth.

1 Like
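
An added example (not part of the thread, and not Ceramic's own code) of the signed-request check the answer above suggests, as a proxy in front of the node might run it before forwarding a write. The header names, app id, secret and path are constructed assumptions.

```javascript
const crypto = require('node:crypto');

// Constructed sample: per-app secrets issued by the proxy operator (hypothetical ids).
const APP_KEYS = new Map([['app-alpha', 'constructed-secret-alpha']]);
const MAX_SKEW_MS = 5 * 60 * 1000; // reject stale timestamps to limit replay

// The canonical string covers method, path, timestamp and a body digest, so a
// captured signature cannot be reused for a different write.
function canonical(method, path, timestamp, body) {
  const bodyHash = crypto.createHash('sha256').update(body).digest('hex');
  return [method.toUpperCase(), path, timestamp, bodyHash].join('\n');
}

function sign(secret, method, path, timestamp, body) {
  return crypto.createHmac('sha256', secret)
    .update(canonical(method, path, timestamp, body)).digest('hex');
}

// Returns { ok, reason }. The Origin header is deliberately ignored: CORS is
// enforced by browsers only, so a non-browser client can send any Origin.
function verifyRequest(req, now = Date.now()) {
  const secret = APP_KEYS.get(req.headers['x-app-id']);
  if (!secret) return { ok: false, reason: 'unknown app' };
  const ts = Number(req.headers['x-timestamp']);
  if (!Number.isFinite(ts) || Math.abs(now - ts) > MAX_SKEW_MS)
    return { ok: false, reason: 'stale or missing timestamp' };
  const expected = Buffer.from(sign(secret, req.method, req.path, String(ts), req.body), 'hex');
  const given = Buffer.from(String(req.headers['x-signature'] || ''), 'hex');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    return { ok: false, reason: 'bad signature' };
  return { ok: true, reason: 'verified' };
}

// Constructed requests: one signed by a registered app, one relying on Origin
// alone, and one whose body was changed after signing.
function demo() {
  const now = 1700000000000;
  const body = '{"constructed":"payload"}';
  const path = '/constructed/write-path';
  const signed = { method: 'POST', path, body, headers: {
    'x-app-id': 'app-alpha', 'x-timestamp': String(now),
    'x-signature': sign('constructed-secret-alpha', 'POST', path, String(now), body) } };
  const originOnly = { method: 'POST', path, body,
    headers: { origin: 'https://allowed.example' } };
  const tampered = { ...signed, body: '{"constructed":"other"}' };
  return [signed, originOnly, tampered].map((r) => verifyRequest(r, now).reason);
}

console.log(demo());
```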