parse platform - Back4App security permissions by the default selected as public

Question

I found this setup on Back4App dashboard (Security tab in the class).

As you see Class Level Permissions view says that all Public checkers are selected.

Does it mean that anyone can access my class from the NET even without authentication?

Also I see that I can search through role, user or pointer. Which means this view only for adding some permission for selected items which I have not added yet.

But I am curious to know if this is some setting I need to adjust by myself and all classes are public open by default.

I know there are some articles about security set-up.

question from:https://stackoverflow.com/questions/66054413/back4app-security-permissions-by-the-default-selected-as-public

Answer 1

Yes, by default, they are currently set as public, but I highly recommend you to set them according to your needs, in order to avoid that you'll not let any sensitive data as public or allow that data can be read/update by someone that shouldn't have access for it.

As you tagged Back4App, I'd like to share some security guides created from them, here they are:

• https://www.back4app.com/docs/security/parse-security
• https://blog.back4app.com/parse-server-security/

You can also check the Security session of the open-source documentation: http://docs.parseplatform.org/js/guide/#security

I hope these links might help you. :)