Users
Users
Users are entities that can interact with the Vertex.
They can be created and managed using the Vertex REST API Admin endpoints.
A User is identified by its user_id
and has API Keys, which can then be used to authenticate the User while interacting with the Vertex.
It is recommended to use different Users for different machines using the Vertex for different purposes.
All Keys generated by a specific User can only be used by that User.
An Admin may also assign a Policy to a User, which will be applied to all Keys generated by that User.
Alternatively, a Policy can be assigned to a specific Key Share directly by an Admin.
Creating a User
To create a User, an Admin must send a GET request to the /admin/create-user
endpoint.
The request may include a name
query parameter, which is a human-readable, unique name for the User:
curl -L -X GET 'https://<YOUR_VERTEX>/admin/create-user?name=human-readable-name-for-user' \
-H 'Accept: application/json' \
-H 'Authorization: <ADMIN_TOKEN>'
In response, an API key will be generated for the User and returned to the Admin, together with a user_id
that the Admin may then use for setting Policies for the User or other administrative operations.
Managing User API Keys
- A User can have multiple API Keys, or none at all.
- Every User starts with one API key, which is generated when the User is created.
- An Admin can generate additional API Keys for a User by sending a
GET
request to the/admin/generate-api-key
endpoint. - An Admin can also revoke an API key by sending a
DELETE
request to the/admin/revoke-api-key
endpoint. - If a User has no API Keys, the User will not be able to interact with the Vertex but its Keys and data will still be stored by the Vertex and an Admin will be able to create a new API Key for it and "activate" this User again.
Deleting a User
To delete a User, an Admin must send a DELETE
request to the /admin/delete-user
endpoint.
The delete operation will only succeed if the User has no key shares associated with it.
If you are sure you want to delete the User, you should first delete all the Keys associated with the User (using list-all-user-keys
to list them and then delete-key-share
to delete them) and then delete the user.