Using resource tokens
Resource tokens are tokens associated with permission resources and establish connections between a user and the permissions of that user for resources stored in DocumentDB (collections, documents, and stored procedures).
Creating resource tokens
Imagine a scenario where a multi-tenant web application needs access to your database. For each tenant, a separate collection inside the database is created. The web application only needs access to the specific collection for the tenant. We can solve this by creating a resource token only for the new collection.
The following steps are performed to achieve this goal:
- Create a tenant-specific collection.
- Create a resource token for that collection.
- Have the web application use the resource token to gain access to the collection.
Creating a collection
The following C# code snippet creates a collection for a tenant called Contoso:
// Check if collection already exists DocumentCollection tenantCollection = client.CreateDocumentCollectionQuery...
