I deployed my canisters to the main network. I could access those canisters through the Nodejs client without using any key(Principle id). Is there a way to restrict access to the canister?
You can check the caller’s principal in your public methods using msg.caller, as described here: https://smartcontracts.org/docs/language-guide/caller-id.html
Eg:
public shared(msg) func hello() {
if (msg.caller == allowedPrincipal) {
...
A few more examples are linked here too:
https://forum.dfinity.org/t/which-is-the-best-way-to-set-admin-to-your-application/1621/2?u=ori
2 Likes
Thanks for the reply @Ori. But when we are testing canisters locally we have to fetch the identity from the root key. right? otherwise, we cannot access the canister on the local node.
Why is that?
Why is that not applying for the main network?