How do I search/lookup the Identity of a Realm User?



Please can someone point me to documentation that can help me understand the following.

User A has a fine-grained permission Realm. User A is not an admin of the Realm platform. User A is an administrator of her Realm.

User B has a fine-grained permission Realm. User B is not an admin of Realm platform. User B is an administrator of his Realm.

User A wishes to grant User B read access to her fine grained Realm.

Here’s where I get stuck. How do I search/lookup the Identity of User B?

When User A is authenticated she does not have permission to look up another user’s identity on the Realm platform - which means User A is unable to add User B. When I look through the documentation all I see are methods like getUser() - does anyone have an example of this method? I can write a working method that returns information about any user - if the calling user is a ROS Admin. But this method always fails if the calling user is a “normal” Realm user.

Swift / iOS


I believe we’ve addressed that here
Let me know if this isn’t clear


Not clear.

RLMSyncPermission definition … “A value representing a permission granted to the specified user(s) to access the specified Realm(s).”

What I need is the answer to how to fetch the identity of a user so that I can feed that into the fine grained permission system without the calling user being a Realm Admin.


Unfortunately we only support looking up other users info if you are an admin. This was done for security purposes.

I agree this can be rather limiting, but I’m not sure just allowing non-admin users to lookup all other users is the right solution.

How is User A identifying User B right now?


Email address, all users will sign up using their email address as their username.

Back to the drawing board.


So the answer is that it is not possible for non admin users to secure content without access to an Admin credentials. So let’s mark this topic as closed.

However. I do wonder why it was thought that this solution is the secure solution. I know exactly zero developers who are serious about security and who would embed admin credentials into an application. Zero.