Q: 2 Big missing security features makes me sad about this deal.
Hi, I have been using NocodeBackend for a few months now, but I think you are missing two important security features that I need—and that I think many people need for this to be usable.
- The auth table needs to allow roles. Some users are viewers, some are writers, and some are admins. - How can I make system registration available only to admins, so only users approved by an admin can use your...
I saw your other GDPR-related answers, however I still wanted to ask current status:
1] EU-only data residency: Since you mentioned that EU-only residency is not currently guaranteed, is this planned, and do you have an estimated timeline? Subprocessors: Is the public subprocessor list now available? If not, when do you expect to publish it?
2] Backups after deletion: You...
Founder Team
Riya_NoCodeBackend
Jun 18, 2026
A: Thank you for the follow-up questions.
1. EU-only Data Residency & Subprocessors
EU-only data residency: At present, we do not guarantee EU-only data residency. This is something we are evaluating based on customer demand and our broader infrastructure roadmap, but we do not have a committed timeline to share at this time.
Subprocessors: We are currently working on publishing a public...
Q: Can the nocodebackend webhook authenticate with OAuth?
Can the nocodebackend webhook authenticate with OAuth?
If the webhook provider cannot authenticate with OAuth and in what way can NCB send the data? e.g. via only a simple POST with a shared secret? or only to a public endpoint?
Founder Team
Riya_NoCodeBackend
Jun 11, 2026
A: Hello, The NCB webhooks feature allows to pass the data to any 3rd party webhook, but there is no oauth or secret required.
Does NoCodeBackend support: - An authenticated private_read / own_read_only policy?
Similar to the public RLS: - public_read - public_write - public_readwrite - public_scoped_read - public_scoped_write - public_scoped_readwrite
Is it possible to restrict private/authenticated users to read_only?
Thank you so much for your help on this!
Founder Team
Riya_NoCodeBackend
May 28, 2026
A: Hi, Currently we have below: Row Level Security (RLS): Controls who can access each table's data.
Private (default) — Only the logged-in admin who created the data can see it. Authentication required. Shared — All logged-in admins can see each other's data (useful for team features). Authentication still required. Public — Anyone on the internet can access the data without logging in, via...
Hi Riya, thank you for your reply! To make this super clear: It is currently not possible for authenticated users to access authenticated table with read only permission (immutable table) and with write permission on another table, right?
Q: 2 Big missing security features makes me sad about this deal.
Hi, I have been using NocodeBackend for a few months now, but I think you are missing two important security features that I need—and that I think many people need for this to be usable.
- The auth table needs to allow roles. Some users are viewers, some are writers, and some are admins.
- How can I make system registration available only to admins, so only users approved by an admin can use your...
Share NoCodeBackend
Q: GDPR Update needed: EU Residency, Subprocessors, Backup Retention & Roadmap
Hello NCB Team,
I saw your other GDPR-related answers, however I still wanted to ask current status:
1] EU-only data residency: Since you mentioned that EU-only residency is not currently guaranteed, is this planned, and do you have an estimated timeline?
Subprocessors: Is the public subprocessor list now available? If not, when do you expect to publish it?
2] Backups after deletion: You...
Riya_NoCodeBackend
Jun 18, 2026A: Thank you for the follow-up questions.
1. EU-only Data Residency & Subprocessors
EU-only data residency: At present, we do not guarantee EU-only data residency. This is something we are evaluating based on customer demand and our broader infrastructure roadmap, but we do not have a committed timeline to share at this time.
Subprocessors: We are currently working on publishing a public...
Share NoCodeBackend
I'm also interested, I'm a level 4 user, if you became GDPR compliant I would upgrade to level 5
Q: Can the nocodebackend webhook authenticate with OAuth?
Can the nocodebackend webhook authenticate with OAuth?
If the webhook provider cannot authenticate with OAuth and in what way can NCB send the data? e.g. via only a simple POST with a shared secret? or only to a public endpoint?
Riya_NoCodeBackend
Jun 11, 2026A: Hello,
The NCB webhooks feature allows to pass the data to any 3rd party webhook, but there is no oauth or secret required.
Thanks
Riya
Share NoCodeBackend
Verified purchaser
Thx, yes I know it's not required, but is it possible? Or other authentication methods...
It's not possible. But I think it's a good Idea to have a secret (optional) that can be passed along with the data
Q: 🚀 New Feature: Bulk Data API is Now Live!
Need to process large amounts of data? You can now create, update, or delete up to 500 records in a single API request.
✅ Faster processing
✅ Fewer API calls
✅ Reduced risk of timeouts
✅ Existing webhooks and automations continue to work seamlessly
New endpoints:
POST /bulk/create/{table}
PUT /bulk/update/{table}
DELETE /bulk/delete/{table}
Check out your database's Swagger documentation for examples and implementation details
Share NoCodeBackend
Verified purchaser
This has been GAME-CHANGER for us. Thank you for this feature! 🚀
Q: RLS Policies Inquiry
Hi Riya,
Does NoCodeBackend support:
- An authenticated private_read / own_read_only policy?
Similar to the public RLS:
- public_read
- public_write
- public_readwrite
- public_scoped_read
- public_scoped_write
- public_scoped_readwrite
Is it possible to restrict private/authenticated users to read_only?
Thank you so much for your help on this!
Riya_NoCodeBackend
May 28, 2026A: Hi,
Currently we have below:
Row Level Security (RLS): Controls who can access each table's data.
Private (default) — Only the logged-in admin who created the data can see it. Authentication required.
Shared — All logged-in admins can see each other's data (useful for team features). Authentication still required.
Public — Anyone on the internet can access the data without logging in, via...
Share NoCodeBackend
Verified purchaser
Hi Riya, thank you for your reply! To make this super clear: It is currently not possible for authenticated users to access authenticated table with read only permission (immutable table) and with write permission on another table, right?
Hi,
Yes correct.