Calling canister on main network needs no authentication

shashika · March 1, 2022, 10:38am

I deployed my canisters to the main network. I could access those canisters through the Nodejs client without using any key(Principle id). Is there a way to restrict access to the canister?

Ori · March 1, 2022, 11:19am

You can check the caller’s principal in your public methods using msg.caller, as described here: https://smartcontracts.org/docs/language-guide/caller-id.html

Eg:

public shared(msg) func hello() {
    if (msg.caller == allowedPrincipal) {
	...

A few more examples are linked here too:
https://forum.dfinity.org/t/which-is-the-best-way-to-set-admin-to-your-application/1621/2?u=ori

shashika · March 2, 2022, 4:00am

Thanks for the reply @Ori. But when we are testing canisters locally we have to fetch the identity from the root key. right? otherwise, we cannot access the canister on the local node.
Why is that?
Why is that not applying for the main network?

Topic		Replies	Views
Grab calling principal in local environment Developers	6	637	June 16, 2022
I want a function on a canister to be callable only by another canister on the IC, and not by an API call or any other canister Developers	7	416	February 22, 2022
How to limit access to a canister within a whitelist of canisters? Developers	3	235	June 12, 2023
What are some do's and dont's when making canister calls from one canister to another? Developers	1	332	November 14, 2021
Feature Request: Mechanism to figure out if a call to a canister comes from canisters belonging to the same project Developers	8	633	March 24, 2023

Calling canister on main network needs no authentication

Related Topics