Working with SurrealDB over HTTP via Postman

SurrealDB provides a RESTful HTTP API for interacting with the database.

In this tutorial, you will learn how to query SurrealDB endpoints via the Postman collection. SurrealDB supports requests via HTTP & Rest with which you can handle different queries from creating simple tables to having Graph relationships between complex tables.

Check out the HTTP & Rest integration documentation for a detailed list of all the endpoints supported.

Prerequisites

This tutorial assumes that you have the following:

• A Postman account to fork the SurrealDB collection
• SurrealDB installed - If you do not, see the installation guide specific to your machine.

Getting Started.

Before forking the Collection from Postman, ensure that you have your SurrealDB instance running locally because by default the collection endpoint is set to localhost:8000 or http://127.0.0.1:8000

To do so run the Start command in your terminal:

surreal start --user root --pass root

The above command starts SurrealDB with authentication and specifies that the user and password are root. Note that this is just for demonstration purposes. You can replace root in both instances with any other value.

After running locally, head over to Postman and create a fork for your workspace. You should see all the endpoints listed. You can also check the endpoints in the documentation.

Using the INFO Statement

You can get information about your workspace by using the INFO statement. However, you need the right permissions in order to see the output. See the documentation for the INFO statement.

It is also important to note that the namespace and database values for the Postman collection are set to test by default.

You can see the JSON output using the INFO statement in the body of the request

INFO FOR ROOT / DB / NS

Below is the output of querying for the info of the Namespace you can get this output by running

INFO FOR NS

[
    {
        "result": {
            "accesses": {},
            "databases": {
                "test": "DEFINE DATABASE test"
            },
            "users": {}
        },
        "status": "OK",
        "time": "190.166µs"
    }
]

Defining a Record User

To define a record user, first navigate to the POST /sql endpoint and in the header of the request add the following fields:

Accept:application/json
NS:{{namespace}}
DB:{{database}}

You can also define a system user with other credentials such as Root or Database user. For this tutorial, we will be using only record users.

Note

The Namespace and Database fields are set to the value test by default. You can change this in the collection settings.

In the request body, define the record access method human with a session of 24 hours:

DEFINE ACCESS human ON DATABASE TYPE RECORD
    SIGNUP ( CREATE user SET email = $email, pass = crypto::argon2::generate($pass) )
    SIGNIN ( SELECT * FROM user WHERE email = $email AND crypto::argon2::compare(pass, $pass) )
    DURATION FOR SESSION 24h
;

The code above allows a user to sign up as a record user with their email and password. Then hash the password with the crypto::argon2::generate function

The sign in logic gets all the users where the emails match and uses the crypto::argon2::compare function to check the hash value to the unhashed.

Now when you get the info of the Database using INFO for DB you can see the access method human in the following output:

[
    {
        "result": null,
        "status": "OK",
        "time": "102.458µs"
    },
    {
        "result": {
            "accesses": {
                "human": "DEFINE ACCESS human ON DATABASE TYPE RECORD SIGNUP (CREATE user SET email = $email, pass = crypto::argon2::generate($pass)) SIGNIN (SELECT * FROM user WHERE email = $email AND crypto::argon2::compare(pass, $pass)) DURATION FOR TOKEN 1h, FOR SESSION 1d"
            },
            "analyzers": {},
            "functions": {},
            "models": {},
            "params": {},
            "tables": {},
            "users": {}
        },
        "status": "OK",
        "time": "78.084µs"
    }
]

Signing Up a New Scope user

After defining the signup and signin logic head over to the POST /signup endpoint to signup and in the header of the request add the following fields:

Accept:application/json
namespace:test
database:test
access:human

In the body of the request add the following information:

{
    "ns": "test",
    "db": "test",
    "ac": "human",
    "email": "test@surreal.com",
    "pass":"1234567886"
}

The result will be a JSON object:

{
    "code": 200,
    "details": "Authentication succeeded",
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3MDcxNDY2NTgsIm5iZiI6MTcwNzE0NjY1OCwiZXhwIjoxNzA3MjMzMDU4LCJpc3MiOiJTdXJyZWFsREIiLCJOUyI6InRlc3QiLCJEQiI6InRlc3QiLCJBQyI6Imh1bWFuIiwiSUQiOiJ1c2VyOnc2ZzBsNmh5eHpjZzlubTY2dGVjIn0.8Gud51cocThB8DMKD1zovtGiVgf5L1dAS6-pjWb6Lm6a7-4Spp7xXjD7JrHHdtJVNX1O0d8GdjZwRGTsP_NM9A"
}

Signing in a record user

Now that we have defined a User we can now log in. To do so, head to the POST /signin and using the same credentials. In the body of the request, add the same information you used to sign up:

{
    "ns": "test",
    "db": "test",
    "ac": "human",
    "email": "test3@surreal.com",
    "pass":"1234567886"
}

This should return a similar JSON object indicating successful authentication and providing a new token.

{
    "code": 200,
    "details": "Authentication succeeded",
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQiOjE3MDcxNDY2NTgsIm5iZiI6MTcwNzE0NjY1OCwiZXhwIjoxNzA3MjMzMDU4LCJpc3MiOiJTdXJyZWFsREIiLCJOUyI6InRlc3QiLCJEQiI6InRlc3QiLCJBQyI6Imh1bWFuIiwiSUQiOiJ1c2VyOnc2ZzBsNmh5eHpjZzlubTY2dGVjIn0.8Gud51cocThB8DMKD1zovtGiVgf5L1dAS6-pjWb6Lm6a7-4Spp7xXjD7JrHHdtJVNX1O0d8GdjZwRGTsP_NM9A"
}

Using Table Endpoints

The Postman collection has a couple of endpoints for POST GET PUT PATCH DEL operations. For example, If you want to add a new entry to the table Person (Which is the default table in the collection) go to the POST /key/:table endpoint then in a body of the request and add the table content in the body of the request. E.g:

{
    age: 32,
    name: 'John'
}

You should get a response as seen below, notice that there is a record ID, with this record ID you can now use any of the /key/:table/:id endpoints for POST GET PUT PATCH DEL operations.

[
    {
        "result": [
            {
                "age": 32,
                "id": "person:p1cdf6cx89gnfboq5wye",
                "name": "John"
            }
        ],
        "status": "OK",
        "time": "105.667µs"
    }
]

Conclusion

In this tutorial, we’ve walked through how to set up and use SurrealDB over HTTP using Postman. We’ve covered how to define a new record access method, sign up a new user, and sign in with a user. These steps are crucial for managing user authentication in your applications using SurrealDB.

The Postman collection is still in active development for more information on using surrealDB via the HTTP endpoints. Check out our documentation on HTTP and rest endpoints