When the service runs with CYBORGDB_SERVICE_ROOT_KEY set, the Go SDK exposes per-index user provisioning on *EncryptedIndex. These calls require the client to be using the root API key.
See Multi-Tenancy & RBAC for the operator-side playbook (modes, key kinds, KMS-backed constraint).

CreateUser

Mint a per-user API key scoped to this index.
func (e *EncryptedIndex) CreateUser(ctx context.Context, permissions []string) (*CreatedUser, error)

Parameters

| Parameter | Type | Description |
|---|---|---|
| ctx | context.Context | Context for cancellation and timeouts. |
| permissions | []string | Non-empty subset of {"read", "write"}. Enforced cryptographically by the service. |

Returns

| Type | Description |
|---|---|
| *CreatedUser | { UserID string; APIKey string }. The APIKey (cdbk_…) is returned exactly once and is never stored. |
| error | Any error encountered. |

The APIKey is shown only in this response and is never persisted by the service. Hand it to the user securely. If lost, revoke and re-mint.

Example

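// The client must be created with the root API key.
admin, err := cyborgdb.NewClient("http://localhost:8000", rootKey)
if err != nil {
    log.Fatal(err)
}
index, err := admin.LoadIndex(context.Background(), "documents", nil)
if err != nil {
    log.Fatal(err)
}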

user, err := index.CreateUser(context.Background(), []string{"read", "write"})
if err != nil {
    log.Fatal(err)
}
// Hand user.APIKey to the new user via a secure channel — it is never recoverable.
// Avoid logging or printing it.
_ = user.UserID
_ = user.APIKey

Errors

  • Returns error if permissions is empty/invalid, the client is not using the root key, or RBAC is not enabled.

ListUsers

List the users provisioned for this index.
func (e *EncryptedIndex) ListUsers(ctx context.Context) ([]UserInfo, error)

Returns

[]UserInfo — each contains UserID (hex) and Permissions (subset of {"read", "write"}).

Example

users, err := index.ListUsers(context.Background())
if err != nil {
    log.Fatal(err)
}
for _, u := range users {
    fmt.Println(u.UserID, u.Permissions)
}

Errors

  • Returns error if the client is not using the root key, or RBAC is not enabled.

DeleteUser

Revoke a user. Erases their wrapped DEK(s) for this index — even a captured cdbk_… token becomes useless on the next request. No propagation lag.
func (e *EncryptedIndex) DeleteUser(ctx context.Context, userID string) error

Parameters

| Parameter | Type | Description |
|---|---|---|
| ctx | context.Context | Context for cancellation and timeouts. |
| userID | string | Hex UserID from CreateUser (or ListUsers). |

Example

err := index.DeleteUser(context.Background(), "a1b2c3d4e5f6")
if err != nil {
    log.Fatal(err)
}

Errors

  • Returns error if userID is invalid, the client is not using the root key, or RBAC is not enabled.
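
The following is an added example, not code from the SDK or its documentation. It combines CreateUser and DeleteUser so that a key which fails to reach its owner is revoked instead of being left valid, following the "hand it over securely; if lost, revoke and re-mint" guidance above. The names `provisioner`, `MintAndDeliver`, `deliver` and `memIndex` are hypothetical; `memIndex` is a constructed in-memory fake standing in for *EncryptedIndex so the code runs offline.

```go
package main

import (
	"context"
	"fmt"
)

// CreatedUser is a local stand-in mirroring the struct documented on this page.
type CreatedUser struct{ UserID, APIKey string }

// provisioner is a hypothetical interface; *EncryptedIndex has both methods.
type provisioner interface {
	CreateUser(ctx context.Context, permissions []string) (*CreatedUser, error)
	DeleteUser(ctx context.Context, userID string) error
}

// MintAndDeliver mints a key and hands it to deliver. If delivery fails, the user
// is revoked (ID returned only if revocation also fails, so the caller can retry).
func MintAndDeliver(ctx context.Context, idx provisioner, perms []string,
	deliver func(userID, apiKey string) error) (string, error) {
	u, err := idx.CreateUser(ctx, perms)
	if err != nil {
		return "", fmt.Errorf("create user: %w", err)
	}
	if derr := deliver(u.UserID, u.APIKey); derr != nil {
		if rerr := idx.DeleteUser(ctx, u.UserID); rerr != nil {
			return u.UserID, fmt.Errorf("deliver: %v; revoke %s: %w", derr, u.UserID, rerr)
		}
		return "", fmt.Errorf("user %s revoked, key not delivered: %w", u.UserID, derr)
	}
	return u.UserID, nil // the key itself never leaves deliver
}

// memIndex is a constructed in-memory fake so the example runs offline.
type memIndex struct{ live map[string]bool }

func (m *memIndex) CreateUser(context.Context, []string) (*CreatedUser, error) {
	id := fmt.Sprintf("%04x", len(m.live)+1)
	m.live[id] = true
	return &CreatedUser{UserID: id, APIKey: "cdbk_constructed_" + id}, nil
}
func (m *memIndex) DeleteUser(_ context.Context, id string) error {
	delete(m.live, id)
	return nil
}

func main() {
	fail := func(string, string) error { return fmt.Errorf("channel down") }
	_, err := MintAndDeliver(context.Background(), &memIndex{live: map[string]bool{}}, []string{"read"}, fail)
	fmt.Println(err)
}
```

The `deliver` callback is the only place the key is visible, which keeps it out of return values and error strings that tend to end up in logs.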