Hide sensitive data from administrator role


Is it possible to make certain sensitive data inaccessible by the admin role (especially in the console view), similar to the way passwords are being handled? Also, is the database encrypted by default? If not, what would your recommendation be for encrypting it?

Hello @smarii,

The console allows to set up users with more restrict access levels, see: Heroic Labs Documentation | User Management . However it is currently not possible to restrict functionality for a specific role.

All passwords stored by Nakama are encrypted using well established security best practices.

If you use our managed Heroic Cloud solution, the database will be fully encrypted and backed up, otherwise it will depend entirely on how you manage the database yourself.


Thank you for the fast reply. What about the permission levels of collections in the storage, is it possible to prevent an admin user to view the values of those “private” collections that are set for “user only” view?

It is not possible to hide the content of the storage objects from the console users, the lowest access level (Viewer) disallows to edit, but the content can still be seen. Could you elaborate on what you’re trying to achieve?

I wish to store a private key for each user, but I need to guarantee that not even the admin will be able to view these private keys.

The best way to store secrets such as private keys would be using something like vault

Alright then, thanks a lot for your input