Tutorial - Management of Users and Permissions | Chino.io


The focus of this tutorial is to show how to grant access to Chino.io resources only to selected Users with the Permissions system.

We will grant access over Schemas and Documents, explaining which Permissions are granted and why.

This tutorial is available for the following programming languages: {{languages.join(", ")}}. In the setup you can change programming language.

Use Case

We are going to create two categories of Users, Doctors and Patients, that will be granted different access rights over the same resource type (Documents). In particular:

A Doctor can:

  • Create Documents that contain the results of a visit

  • Read every Document created

  • Grant Permissions to Patients to read the Documents he creates

A Patient can:

  • Read only the Documents over which the doctor has granted him the Permission

Resources used

Other than Users, we will use the following Chino.io resources:

  • Application: used to authenticate Users.

  • Repository: the main container for Schemas.

  • Schema: defines the structure, i.e. the set of fields, of Documents. Every Document created under the same Schema has the same fieldset.

  • Document: the resource where we store sensitive data.

  • Permissions: define the access rights of Users over resources.

Select language:

Register to Chino.io 

To register to our service go to console console , fill in the form, confirm the email and access.

Note: You can use Chino.io test environment for free.

Setup development environment

Install library

First thing to do is to setup an environment (optional) and install the SDK (mandatory)

(sudo) pip install git+https://github.com/chinoio/chino-python.git

Install library

First thing to do is to setup an environment (optional) and install the SDKs (mandatory)

There are two ways to install the SDKs:

If you're using Maven, then edit your project's pom.xml and add this:



If you're using Gradle, then edit your project's build.gradle and add this:

    allprojects {
        repositories {
            maven {
                url 'https://jitpack.io'

    dependencies {
        // ...
        compile 'com.github.chinoio:chino-java:1.0'

The other method is building the SDKs from source:

git clone https://github.com/chinoio/chino-java.git
    cd chino-java
    ./gradlew build

The output will be in build/

And if you want a "fat jar" with all the dependencies inside use the following commands:

git clone https://github.com/chinoio/chino-java.git
    cd chino-java
    ./gradlew build shadowJar

In order to perform network operations your Android manifest must include the following permissions:

<uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

Network operations in Android cannot be performed in the main UI Thread. You have to wrap the API calls in an AsyncTask :

  • Start the AsyncTask passing all the required parameters in an array: execute(params)

  • Perform your call inside the method doInBackground, which is executed asynchronously

  • Elaborate the results - if it can be done in the async method - and eventually return them

  • Update your local values and the UI in the method onPostExecute, which is executed on the UI thread.

{{ androidCode ? "Hide" : "Show" }} example

Create a subclass of AsyncTask:

Then, from your Activity or class trigger the task like this:

TextView mTextView = findViewById(R.id.myTextView); String[] params = { "68e0cfb0-bb2b-4cf1-b73a-f83e262f2ce8", "a311dea9-9486-4a05-8050-a53409b00aa4", "0dbe2671-7f74-4739-be1d-7a0db303f6bb" }; new ChinoAsyncTaskExample(mTextView).execute(params);

You can use Postman to try our rest API. We provide a Collection, to be imported in Postman, which allows you to easily test every call in this tutorial.

You can download Postman at this link .

SDK distribution

You can integrate the CHINO.io Swift SDK into your project using one of several methods.


To use CocoaPods, a dependency manager for Cocoa projects, you should first install it using the following command:

$ gem install cocoapods

Then navigate to the directory that contains your project and create a new file called Podfile. You can do this either with pod init, or open an existing Podfile, and then add

pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'

to the main loop. Your Podfile should look something like this:


target '<YOUR_PROJECT_NAME>' do
    pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'

Then, run the following command to install the dependency:

$ pod install

Once your project is integrated with the CHINO.io Swift SDK, you can pull SDK updates using the following command:

$ pod update

Write here your customer ID and Key

Here you can write your customerId and customerKey to have them filled out in the code. It's just for the purpose of the tutorial.

Click on the following button to add the Collection with the calls of this tutorial in Postman.
Postman will automatically set the values inserted in this page in the environment variables.

Note: if you want to add an environment in Postman, please fill the customer_id and customer_key in the box above.


First thing to do is to initialize our SDK.

We now have access to the SDK that wraps all the calls that Chino.io API offers.

Create a Repository

The next step is to create a Repository.

Repositories can be created via the API or via the console. For this first tutorial we create a Repository via the console.

We create a Repository using Postman

Note: without a Repository you can't create Schemas, and without Schemas you can't create Documents in which to store your data.

Once created we copy the (write here your repository_id) and we use it as constant in our code.

Create a Schema

The Schema represents the structure of the Document we want to store inside Chino. For this tutorial we store the following information:

  • patient_id : string (indexed) - the ID of the Patient that has been visited

  • doctor_id : string (indexed) - the ID of the Doctor that performed the visit

  • visit_type : string (indexed) - a brief description of the type of visit

  • visit : text (not indexed) - the outcome of the visit

  • date : datetime (indexed) - timestamp of when the visit was made

Note: you can search for Documents with the indexed fields.

Note: this is the Schema over which we are going to grant Permissions.

We call this schema base_vist

Once created, copy the schema_id

Create an Application

We need an Application to let our Users login to Chino.io. For this tutorial we create a confidential Application with the password login method.

Note: if you don't know what an Application is or what is used for, check the tutorial on Authentication .

Once created, copy here your app_id:

and your app_secret:

Create a UserSchema

We create a UserSchema which defines the following attributes of the Users:

  • name: string (indexed) - the first name of the User

  • last_name: string (indexed) - the last name of the User

  • date_birth: date (indexed) - the date of birth

  • role: text (not indexed) - the role (patient or doctor)

Once created, copy here your user_schema_id:

Create Users

Now we can create the Users for this tutorial: a Doctor and a Patient. We create them under the same UserSchema and differentiate them only by the attribute role:

Give permissions

We defined that the Doctor needs to create new Documents and read, update and delete those already present in the Schema. He also needs to authorize his Patients to read the Documents he decides to.

Note: learn more about the Permissions system in the Chino.io docs .

Create a Document (Doctor)

We now log in as the doctor and create a new Document with the visit of the patient. We also grant the read permission to the Patient over the new Document, so that he can log in and read it.

Doctor login:

Document creation:

The HTTP header must contain the access_token of the Doctor.

Grant read Permission:

Note: The Permission request targets the Patient and the new Document only.

Read the Document (Patient)

We now try to log in as the Patient and read the Document created by the Doctor.

First we need to login as a Patient and set the access_token in the HTTP header, just like we did for the Doctor.

Then, we can read the Document:


We have implemented the authentication of Users and managed Permissions.


  • Organize Documents between multiple Schemas and Repositories

  • Create different UserSchemas to register different categories of Users: useful data about doctors are not always important for patients, and vice-versa