Scopes and Access Privileges

Buckets are managed in the three scopes: the application scope, group scope, and user scope.

  • Application Scope

    Buckets in this scope belong to the application. These buckets are suitable for data shared by all the users of the application, such as the highest score of a game and default setting values.

  • Group Scope

    Buckets in this scope belong to a group. These buckets are suitable for data shared by group members, such as data on a bulletin board.

  • User Scope

    Buckets in this scope belong to a user. These buckets are suitable for data privately owned by a user, such as a user's personal data and setting information.

You can create multiple buckets per user or group instance in each scope. Each bucket can store multiple objects.

In the below example, each user has two buckets, PhotoData and ViewSettings. Suppose you need to display all the images owned by Bob James. You can get the data of Tokyo Sta. and Maldives by calling the API which lists objects in the PhotoData bucket of the user Bob James.

Buckets and Access Privileges

Access to buckets in each scope is determined by the access privileges of the logged-in user.

In the below example, the logged-in user Bob can access the following data:

  • Buckets in Bob's user scope

  • Buckets of Sales division that Bob belongs to

  • Buckets in the application scope

Kii Cloud returns an error if Bob attempts to access buckets other than the above.

Buckets and objects have their own ACL (Access Control List) which is a whitelist containing users who can access them. You can change the access rule by updating the ACL.


Learn More...

See Customizing Access Permissions for more information about customizing access privileges.