This page is part of a static HTML representation of the TiddlyWiki at

WebServer Authorization

4th September 2018 at 5:40pm

Authorization is the process of determining which resources may be accessed by a particular user. It occurs after authentication has determined the identity of the user. TiddlyWiki's WebServer implements a simple authorization scheme which permits independent control of who has read and write access to a wiki.

The WebServer parameters readers and writers each contain a comma separated list of principals (which is to say, either usernames or certain special tokens) which should have read or write access respectively.

The available special tokens are:

  • (anon) - indicates all anonymous users
  • (authenticated) - indicates all authenticated users

Read-only Mode

Read-only mode is engaged when the current user is not authorized to write to the current wiki.

User interface features concerned with creating or editing content are disabled in read-only mode:

  • clone, delete, new-here and new-journal-here tiddler toolbar buttons
  • import, manager, new-tiddler new-image and new-journal page control buttons

The tiddler $:/status/IsReadOnly is set to yes when read-only mode is engaged.


These example use the credentials parameter to specify the location of a file containing usernames and passwords.

In the first example, read access is permitted for the users "joe" and "mary", with write access restricted to "mary":

tiddlywiki mywikifolder --listen credentials=myusers.csv readers=joe,mary writers=mary

In the following example, read access is granted to all authenticated users, but only "mary" is granted write access:

tiddlywiki mywikifolder --listen credentials=myusers.csv "readers=(authenticated)" writers=mary