Skip to main content
When the service runs with CYBORGDB_SERVICE_ROOT_KEY set, the Python SDK exposes per-index user provisioning on EncryptedIndex. These calls require the client to be using the root API key.
See Multi-Tenancy & RBAC for the operator-side playbook (modes, key kinds, KMS-backed constraint).

create_user

Mint a per-user API key scoped to this index.
EncryptedIndex.create_user(permissions: List[str]) -> Dict[str, str]

Parameters

ParameterTypeDescription
permissionsList[str]Non-empty subset of ["read", "write"]. Enforced cryptographically by the service.

Returns

Dict[str, str] with two keys:
KeyTypeDescription
user_idstrHex-encoded identifier for the new user.
api_keystrThe user’s API key (cdbk_…). Returned exactly once and never stored — capture it now.
The api_key is shown only in this response and is never persisted by the service. Hand it to the user securely. If lost, revoke and re-mint.

Example

from cyborgdb import Client

admin = Client(base_url='http://localhost:8000', api_key=ROOT_KEY)
index = admin.load_index('documents')  # KMS-backed: no index_key

user = index.create_user(permissions=['read', 'write'])
user_id = user['user_id']
api_key = user['api_key']
# Hand `api_key` to the new user via a secure channel — it is never recoverable.
# Avoid logging or printing it.

Exceptions

  • ValueError: invalid permissions, missing root key, RBAC not enabled, or service-side failure.

list_users

List the users provisioned for this index.
EncryptedIndex.list_users() -> List[Dict[str, Any]]

Returns

A list of dicts, each with:
KeyTypeDescription
user_idstrHex-encoded identifier.
permissionsList[str]Subset of ["read", "write"]. Derived from which wrapped DEKs exist for the user.

Example

for u in index.list_users():
    print(u['user_id'], u['permissions'])

Exceptions

  • ValueError: missing root key, RBAC not enabled, or service-side failure.

delete_user

Revoke a user. Erases their wrapped DEK(s) for this index — even a captured cdbk_… token becomes useless on the next request. No propagation lag.
EncryptedIndex.delete_user(user_id: str) -> None

Parameters

ParameterTypeDescription
user_idstrHex user_id from create_user (or list_users).

Example

index.delete_user('a1b2c3d4e5f6')

Exceptions

  • ValueError: invalid user_id, missing root key, RBAC not enabled, or service-side failure.