Exposing production ready application data from your Cosmos DB containers is not trivial – you have certain security considerations (authentication and authorization) as well as protecting the integrity of your data with comprehensive data validation. You will also need to guard against raw SQL attacks and finally rate limit access to prevent runaway monthly costs.
By allowing direct container access, you will potentially have an insecure system or be spending time and resources developing the same framework over and over again to implement a production-ready system.
SlyceIO allows you to easily achieve all of this and manage the process in one place giving you peace of mind when exposing your data whilst vastly reducing the development cycle and decreasing time to market.
SlyceIO puts your data first by giving you full control over:
Abstracted public facing layer with logical containers, no direct access to the underlying physical container storage.
Token based security allows you to manage access to one or more containers – each container can have separate permissions for CRUD and querying.
Integrity and validation
Attach JSON schemas to containers to enforce data validation allowing safe ingress from multiple sources.
Support for multi-type containers via separate endpoints for each type regardless of the physical storage.
Create custom backend SQL queries callable from any client – restricting the queries an end user can perform on a container protects your data from raw SQL attacks and only exposes the data you choose.
Consume anywhere – server-side, web client, mobile.
Rate limited consistent endpoint based on your subscription – no unwanted monthly usage charges.
Aggregate access to containers from multiple Cosmos DB Accounts across your entire Azure estate.
Create abstracted logical containers which define the security, validation and permitted queries.
Most importantly – this is all managed quickly in one place.
For each container in Cosmos DB that you want to expose you can create a logical container definition in SlyceIO which is seen as a separate external resource that contains validation rules and custom queries.
Attaching a JSON schema ensures that any data inserted or updated into the system is validated. E.g. types of object, property values, acceptable partition keys.
Custom queries allow you to create predefined and tested parameterized custom executable SQL – ensuring the data being queried is safe to consume (no raw SQL requests).
Create API keys for one or more clients requiring access to the system as this defines the operations that can be performed on that resource. Once the client swaps the key for an authorization token then their access will be restricted to the specified operations defined on each container.
Scenario 1 outlines exposing containers with a simple 1-1 relationship. Each container has an associated logical container within SlyceIO which handles the security and data validation protecting your resources integrity.
Scenario 2 represents a single physical container that is used to store multiple data types. Each data type is exposed as a logical container within SlyceIO with separate endpoints. Creating a separate logical container for each type allows you to control access and validation without exposing details of the underlying physical architecture.
Start collecting bespoke customised data in minutes from websites, IOT devices, mobile applications and more.
SlyceIO has full CRUD capability including a query facility so you can use it as a fully managed document data store.
Expose data to your website, customers or applications. E.g. customer lists, pricing matrices, lookup values etc.
Create data driven APIs in a matter of minutes allowing you to concentrate on proof of concepts and developing MVPs.
We only need your email address to sign up. No payment details are required until you upgrade to one of our paid plans.
Your free trial will last 30 days allowing full use of the system limited only by the number of API calls per day, you can upgrade or cancel any time within the trial period.
API security is managed by exchanging SlyceIO API keys for encrypted fixed duration access tokens provided by the SlyceIO TOKEN endpoint.
Your document data can be accessed using any HTTP client.
Your subscription determines the number of API calls per day – any call to the API will count towards this quota.
Once the threshold has been reached you will receive a HTTP status code of 429 – your quota will be renewed the following day.
Payment is handled by Stripe which complies with the Payment Card Industry Data Security Standards (PCI DSS). Stripe stores all necessary personal information and card payment data for initial payment and repeat billing.
SlyceIO does not read or store any card payment information.
Your subscription is billed monthly in advance and will continue until cancelled.
Your subscription will be maintained allowing full use of the system until the end of your current billing period.
You can upgrade at any time using one of our paid plans. The upgrade becomes effective immediately and any remaining days will be billed at the new rate on a pro-rata basis.
For any custom requirements (e.g. specific usage requirements) please contact us.
Your data will be retained for a further 30 days after the subscription expiry date and re-subscribing within this period will enable your account with your existing data.