How to retrieve objects not with all fields

For example, if I have a simple model:
User: login(String), email(String), password(String)
If I send a GET request, I’d get only login and email.
But I want this: if I send a GET request, I would get only login field. In other words, how I can hide email field and get it if only that authenticated user send a request

You can use props parameter for this, which is references object properties which should be returned with every object. For example, objects in the result GET<application-id>/<REST-api-key>/data/Users?props=login,email will contain only the “login” and “email” properties, or leave just login if non-authenticated user send request.


Ok, but it’s all about security. After reverse-engeering anyone can send another GET request and get an email.

You are absolutely, correct, it is all about security. For this very reason, we provide a mechanism where you can restrict access to your data, users, files, etc by applying a security policy. You can restrict access to specific roles (built in or custom). Please see the documentation for more info:

Sorry, but my english skills don’t allow me to find the correct paragraph of this article.
By what mechanism I can restrict access not for all DB, but only for 1 field

You can restrict access to a specific field using custom business logic. Here’s an example of how to do it using our new Codeless feature:

Thanks! Already though about custom BL. And am I right, that there is no other way to do it?


Yes, you’re right - that’s the only way.

Regards, Olga</img></img>

One more question. I did all steps from the video and it didn’t help


Even if I do simple operation like this</img>

I have the same error</img>



Hi timuructus

Yes, we able to reproduce it, we will fix asap

Regards, Vlad

We just fixed it, check this out and let us know if the problem is gone

Thanks a lot! Best support team I’ve ever seen. Problem is completely gone

what if i want to retrieve just the email … i have to put url as = ‘’ ??

Yes, you use this request - GET<application-id>/<REST-api-key>/data/Users?props=login