Dear all, I'm totally aware that this list is dedicated to Apache CouchDB and not to IBM Cloudant, but please consider my question as related to Apache CouchDB compatibility with its ecosystem.
As stated by Apache CouchDB documentation: "Proxy authentication is very useful in case your application already uses some external authentication service and you don’t want to duplicate users and their roles in CouchDB." Source: https://docs.couchdb.org/en/latest/api/server/authn.html#proxy-authentication Hence a reverse proxy can authenticate a user and send the username (as `X-Auth-CouchDB-UserName` HTTP header) along with a token (as `X-Auth-CouchDB-Token`) generated from this username and a general shared secret (not related with this particular user). As stated: This authentication method allows creation of a User Context Object for remotely authenticated user. This user context can be useful in a `validate_doc_update` function (for authorizations) or in an `update` function (for accounting). Among third party CouchDB hosts, IBM cloudant is one of the most famous. However the product is slightly different, especially concerning security (see: https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-couchdb-and-cloudant). Whereas I am familiar with proxy authentication in Apache CouchDB, I didn't manage to setup a similar feature in Cloudant nor to find documentation about it. In particular, IBM "API keys" (composed by a key and a password) don't seem to be compatible with setting a different username as `X-Auth-CouchDB-UserName`. Does anyone succeeded in setting up (in Cloudant) a user context different from the credentials used for authentication? Or is there a doc anywhere saying that it is not possible? Or, is there a similar hosted service (esp. with free tier) but with proxy authentication enabled? Best regards, Aurélien P.S. My question was asked also on StackOverflow: https://stackoverflow.com/questions/67537968
