ALLOW_ANONYMOUS

Also known as

anonymous, allow_anon, anon (with or without @ prefix)

Allow unauthenticated access to the endpoint, overriding the global RequiresAuthorization setting.

Syntax

code

@allow_anonymous

Examples

Public Endpoint

sql

create function get_public_info()
returns json
language sql
begin atomic;
select '{"version": "1.0"}'::json;
end;

comment on function get_public_info() is
'HTTP GET
@allow_anonymous';

Equivalent as a SQL file endpoint (sql/get-public-info.sql):

sql

-- HTTP GET
-- @allow_anonymous
select '{"version": "1.0"}'::json;

Short Form

sql

comment on function health_check() is
'HTTP GET
@anon';

Public Read, Protected Write Pattern

sql

-- Anyone can read
comment on function get_products() is
'HTTP GET
@allow_anonymous';

-- Only authenticated users can create
comment on function create_product(text, numeric) is
'HTTP POST
@authorize';

Behavior

Overrides the global RequiresAuthorization: true setting
Allows requests without authentication tokens
Useful for public APIs, health checks, and login endpoints

Authentication configuration - Configure authentication providers
NpgsqlRest Options configuration - Configure RequiresAuthorization setting
Comment Annotations Guide - How annotations work
Configuration Guide - How configuration works

AUTHORIZE - Require authentication
LOGIN - Mark as sign-in endpoint

ALLOW_ANONYMOUS ​

Syntax ​

Examples ​

Public Endpoint ​

Short Form ​

Public Read, Protected Write Pattern ​

Behavior ​

Related ​

Related Annotations ​

Comments