Apps and permissions

Most of the Weavy building blocks are backed by a corresponding app in your Weavy environment. The apps are required for permission and access control, and also for storing the content generated by users of the building block.


You can think of apps like containers for content, and the type of an app controls the type of content it can contain. For instance, you need a chat app for storing messages, a files app for storing files, and a posts app for storing posts.

Contextual apps are identified by a uid which is a string that uniquely identifies the app. Typically you can use the id of something already in your app such as a product, or page id. You can also use an URL as uid if you want.

Note that the uid cannot contain whitespace and must contain at least one non-digit.

Apps are created automatically by the building blocks when needed, but for better access control and individually assigning permissions to users you can also use the Web API to create apps ahead of time or to modify already created apps.


Controlling access to apps can be done on two levels. First you can set the access property whan creating the app. This property defines the permissions for users who are not members of the app.

  • If you want an open app where all authenticated users are allowed to create content: create an app with access=write.
  • If you want a read-only app where users can see content but cannot create anything: create an app with access=read.
  • If you want a closed app that only members can access: create an app with access=none.

Additionally, the directory property let's you reference a user directory and is used in combination with access to specify that only users in a specific directory can access the app.


By adding members to an app you can override the default access property on the app for individual users. Adding members to an app is done with the Add member endpoint in the Web API.

  • If you want to give a member permission to create content in the app: set access=write.
  • If you want to give a member permission to read content in the app: set access=read.
  • If you want to block a member from accessing the app: set access=none.

Use cases

If you have a large number of users that should have to access an app it is often convenient to set access on the app to read or write. If needed you can also define a few members with different access, for instance none to block them from accessing the app.

For maximum control over who can access an app, set access=none on the app and define members with individual access levels. You could for instance give write access to a few members, and read access to others.