Granting permissions

Explains the process of granting permissions to a signer


Granting permissions

Before proceeding with the tutorial, we need to grant permissions to the signer. By default, only the owner (creator) of a ledger has full access to it. Since we are going to create new signers, they need permissions to operate the system. Please note that this step is only required for the purposes of this tutorial. Doing so opens the ledger to anyone, which is extremely insecure and not recommended for production. You can learn more about these concepts in About Authorization and About Authentication.

Next, we will grant permissions to signers in the system by creating a new access policy. This policy should have schema access and target any record. Type minka policy create command and proceed with suggested values.

$ minka policy create
? Handle: full-access
? Record: any
? Extend an existing policy?: No
? Schema: access
? Add filter? No
? Define rules for this policy? Yes
? Enter policy values content: [{ "action": "any", "record": "any" }]
? Add custom data? No
? Set this policy inactive? No
? Signer: clearinghouse
? Signer password for clearinghouse [hidden]

✅ Policy created successfully:

Policy summary:
---------------------------------------------------------------------------
Handle: full-access
Schema: access
Record: any

Values:
#0
  - Action: any
  - Record: any

Access rules:
#0
  - Action: any
  - Signer:
    - public: <signer public key>

Status: created

Luid: $plc.-0vdAocAmYNlIA_1q
Handle: clearinghouse
Public: <signer public key>