By default, when you create a new App Services account, an app named sandbox is automatically created for the first organization you create. The sandbox app is designed for testing purposes and as a learning aide.
For simplicity, the app has all authentication disabled, and so it doesn’t require an access token for application-level calls to the API. In addition, the guest role for the app is given full permissions for all paths, that is, GET, POST, PUT, and DELETE for /**. (Learn more about roles and permissions in Roles and permissions.
In some cases you may want to create (or re-create) the sandbox app. For example, you may want to create a sandbox app for another organization or you may want to create another app for testing purposes. To create or re-create the sandbox app:
- Create a new app in the admin portal. You can name the app sandbox if you want, or any other name.
- Set full permissions for the guest role, as follows:
- Select Roles.
- Click on the guest role.
- Enter /** in the Add Permission Rules field.
- Check the get, post, put, and delete checkboxes.
- Click the Add button.
Note: Giving the guest roll full permissions should be used only for testing and should not be used in production. Before you make your app “live”, you should remove the guest permissions for /**.