🔮 Sanity Create is here. Writing is reinvented. Try now, no developer setup

Creating a dataset with public and private data in Sanity.io

10 replies
Last updated: Sep 6, 2020
Is that possible to create a dataset that contains public & private documents, and the client can only access the public data while in the CMS can access both public and private data? Or I can only create different datasets individually?
Sep 5, 2020, 5:27 AM
I found Spaces may help, create two datasets for public and private use.
Another question is, my public and private dataset have different schema, but Spaces seem share same schema even with different
projectId
and
dataset
.
Sep 5, 2020, 7:27 AM
A workaround is I can share the same schema in different datasets, but show a subset of documents that the current dataset needed in the navigation bar based on
process.env.SANITY_STUDIO_API_DATASET
.
Not sure it’s a good practice.
Sep 5, 2020, 7:36 AM
I’d look into IDs and paths :) https://www.sanity.io/docs/ids
Sep 5, 2020, 7:57 AM
I’d look into IDs and paths :) https://www.sanity.io/docs/ids
Sep 5, 2020, 7:57 AM
user Y
So I can create private documents by providing a custom id like
contacts.${ID}
(only through API [1]), then the client (without token) can’t access them. Am I right?
[1]

The Sanity Studio automatically generates a random UUID  for new documents (e.g. 
189bc292-e41b-42a0-91b5-bfaa33a34af2
), and does not allow you to specify an ID yourself, but you are free to use your own ID scheme for documents that you create using the HTTP API.
Sep 5, 2020, 8:21 AM
Yup!
Sep 5, 2020, 8:49 AM
It works, thanks!
Sep 5, 2020, 8:52 AM
user Y
am I right in thinking then that this would be a secure solution to build your own shop storing customer data in Sanity?
(providing all orders / customer data must be created initially via Sanity Javascript Client)

That’s exciting!

Or is it safest to keep it a private dataset and proxy the API requests using serverless functions?
Sep 5, 2020, 8:56 PM
You are right in thinking that. It’s the same way that drafts and the system documents (containing the permissions) work 🙂
Sep 6, 2020, 10:22 AM
Ahh! Thanks
user Y
– never clocked that this is why drafts only show up in authenticated requests. Amazing! Very excited to start making some lightweight shops in Sanity 🙂
Sep 6, 2020, 10:25 AM

Sanity– build remarkable experiences at scale

Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.

Was this answer helpful?