CreateKey
CreateKey( param_object )CreateKey( param_object )CreateKey( param_object )CreateKey( param_object )create_key( param_object )CreateKey( param_object )Description
CreateKey creates a new key, based on the settings in param_object,
which can be used to access the current database. If you provide an
optional ref to a child database, the key is
associated with (and provides access to) that database. An admin key
must be used when calling CreateKey.
Once the key is created, the key’s secret can be used to connect to
Fauna and execute queries within the associated database, with the
permissions associated with the key’s role.
If you would prefer to use Fauna’s
Attribute-based access control (ABAC), you
should use the Login function instead.
Parameters
| Argument | Type | Definition and Requirements |
|---|---|---|
|
The |
param_object
| Field Name | Field Type | Definition and Requirements | ||
|---|---|---|---|---|
|
String, Reference to a user-defined user-defined role, or an Array of user-defined role references |
The built-in access roles
include |
||
|
Optional - A ref of an existing child database. If not provided, the new key grants access to the current database. |
|||
|
Optional - A name to apply to the key, to help differentiate this key from any others that may exist. |
|||
|
Optional - A relative weight between 1 and 500, inclusive, indicating how many resources this key should be allowed to utilize. Defaults to 1. A higher number means more resources.
|
|||
|
Optional - Contains user-defined metadata for the key. It is provided for the developer to store key-relevant information. |
Returns
An object containing the metadata about the results of CreateKey
operations.
| Field Name | Field Type | Definition and Requirements |
|---|---|---|
|
The reference is an automatically-generated, unique identifier within the database to the key that was created. |
|
|
The ref of the database that the key belongs to. |
|
|
The access role for this key. |
|
|
The name for this key. Only present when specified during key creation. |
|
|
The timestamp, with microsecond resolution, associated with the creation of the key. |
|
|
The key’s authentication secret. It is only present at creation. You must copy the key’s secret and store it securely for future use. |
|
|
The key’s hashed authentication secret. |
Examples
The following query creates a key for the prydain database with an
access role of server:
client.Query(
CreateKey(
Obj("database", Database("prydain"), "role", "server")
)
);ObjectV(ref: RefV(id = "280491289873482240", collection = RefV(id = "keys")),ts: LongV(1603756189140000),database: RefV(id = "prydain", collection = RefV(id = "databases")),role: StringV(server),secret: StringV(fnAD5IFXj4ACAHEArhW3oKlskzXWbls6MrFQcyxr),hashed_secret: StringV($2a$05$G0OyeKLOQUK6zuStl6gHbulOXe6UYlCImIfh9ROp/EiX2edV6DtLa))result, err := client.Query(
f.CreateKey(
f.Obj{"database": f.Database("prydain"), "role": "server"}))
if err != nil {
fmt.Fprintln(os.Stderr, err)
} else {
fmt.Println(result)
}map[database:{prydain 0xc0000af470 0xc0000af470 <nil>} hashed_secret:$2a$05$8fx.ey/kjuBqC24rJnPFeud6eJgANXrM6VCKLwkbTa/zkHq8/CUT2 ref:{280481798553600512 0xc0000af380 0xc0000af380 <nil>} role:server secret:fnAD5Hi1sMACACNy_iktsZt_JnfMqXzS2fqsF0qS ts:1603747137510000]System.out.println(
client.query(
CreateKey(
Obj(
"database", Database(Value("prydain")),
"role", Value("server")
)
)
).get());{ref: ref(id = "269699833648906752", collection = ref(id = "keys")), ts: 1593464654500000, database: ref(id = "prydain", collection = ref(id = "databases")), role: "server", secret: "fnADviqR3KACAIavBlIQnHz3eXMSyzgO3Ig3Xp1c", hashed_secret: "$2a$05$WbmfUL1yqFcU3Wh3nKZTm.HrWNGBA7Bjc.uaIqk2LeDMj3GHNmFmG"}client.query(
q.CreateKey({
database: q.Database('prydain'),
role: 'server',
})
)
.then((ret) => console.log(ret))
.catch((err) => console.error('Error: %s', err)){
ref: Ref(Keys(), "268220607958614528"),
ts: 1592053954950000,
database: Database("prydain"),
role: 'server',
secret: 'fnADuOk4ytACAMKkYwdY6_SYMpAit84dtYsUsXFF',
hashed_secret: '$2a$05$7w6fYT43jPB0A.R7i8JayuTLn6kXxsL2Y5nkNjrWZurL9L9pgxo/y'
}result = client.query(
q.create_key({
"database": q.database("prydain"),
"role": "server"
})
)
print(result){'ref': Ref(id=269061973282390528, collection=Ref(id=keys)), 'ts': 1592856343450000, 'database': Ref(id=prydain, collection=Ref(id=databases)), 'role': 'server', 'secret': 'fnADu-ZwbBACAGltDvSmU9jtXyMC7ccUjiKZlrhS', 'hashed_secret': '$2a$05$Vr7fLfa78XBrAKvWz4iZwezuG9l8kXII259nL6BFi0jmFkrAakrB6'}client.query(
CreateKey(
Obj("database" -> Database("prydain"), "role" -> "server"))){secret: "fnADwfe0j-ACAKBBcqprw_y2n6vPGefoftXZ5zce", database: ref(id = "prydain", collection = ref(id = "databases")), role: "server", ts: 1594485061080000, ref: ref(id = "270769807498936832", collection = ref(id = "keys")), hashed_secret: "$2a$05$gHA5ioUpzscPNtNkVmnf3OCLaVg4/mU4UG.zX8WB80MGnd0DgwEmq"}The following query creates a key for the current database with a user-defined role:
Value result = await client.Query(
CreateKey(
Obj(
"name", "For employees",
"role", Role("employees")
)
)
);
Console.WriteLine(result);ObjectV(ref: RefV(id = "280491285673935360", collection = RefV(id = "keys")),ts: LongV(1603756185130000),role: RefV(id = "employees", collection = RefV(id = "roles")),secret: StringV(fnAD5IFWlTACANDSFUgkNr0NOuTAASY2AHyTJ4VC),hashed_secret: StringV($2a$05$u9wF4DgvjsAqTUY5ntJXf.OIYphwCpGCS/8M4qLR1qtOgihL6P6Ze))result, err := client.Query(
f.CreateKey(
f.Obj{
"name": "For employees",
"role": f.Role("employees") }))
if err != nil {
fmt.Fprintln(os.Stderr, err)
} else {
fmt.Println(result)
}map[hashed_secret:$2a$05$Ac2KwiZ.midILlp9ODKsvONNta16Mf8BaktXg/CQcQvsPV0T1.BOm ref:{280481797774508544 0xc0001560c0 0xc0001560c0 <nil>} role:{employees 0xc0001561b0 0xc0001561b0 <nil>} secret:fnAD5Hi1glACAKdpDy-pKe1_lNa8SoHV3m8EQhcf ts:1603747136760000]System.out.println(
client.query(
CreateKey(
Obj(
"name", Value("For employees"),
"role", Role("employees")
)
)
)
.get());{ref: ref(id = "275508538948715026", collection = ref(id = "keys")), ts: 1599004267900000, role: ref(id = "employees", collection = ref(id = "roles")), secret: "fnAD0s2OdKACEvle2i8y1EFKBLcp4jnH4HGV1Kwi", hashed_secret: "$2a$05$wMPuTVNO4xkf5FsMgI4ZK.SalR8wBR6eSSOEV.RAEVIthVHZZIB3S"}client.query(
q.CreateKey({
name: 'For employees',
role: q.Role('employees'),
})
)
.then((ret) => console.log(ret))
.catch((err) => console.error('Error: %s', err)){
ref: Ref(Keys(), "275499349140570624"),
ts: 1598995503900000,
role: Role("employees"),
secret: 'fnAD0sUQyWACAqPT3eQgJqE71xyPTvQukTEE0yJz',
hashed_secret: '$2a$05$TOjupAxUwBinj/Gcx13fZeTu5scph1rqEGT2LD/VXIqqmdcEeV3dS'
}result = client.query(
q.create_key({
"name": "For employees",
"role": q.role("employees")
})
)
print(result){'ref': Ref(id=279929508802331136, collection=Ref(id=keys)), 'ts': 1603220432960000, 'role': Ref(id=employees, collection=Ref(id=roles)), 'secret': 'fnAD4oJntlACAKOE0r0JXgk_aTVLebr-7FSyEfPk', 'hashed_secret': '$2a$05$K35KSTsLHyRq17zYjXN70ewPTuzR21Nmsu/Crdx.q4QLouaJPwlxi'}println(Await.result(
client.query(
CreateKey(
Obj(
"name" -> "For employees",
"role" -> Role("employees")
)
)
),
5.seconds
)){secret: "fnAD0s3JYjACDdwBFo8f-D4GXeKMxuDtHV0E7SoL", role: ref(id = "employees", collection = ref(id = "roles")), ts: 1599004508950000, ref: ref(id = "275508792042455565", collection = ref(id = "keys")), hashed_secret: "$2a$05$V/x.4UZ9jZGd/dEhm6nNme7XA0u18z02jR8gEG.gnpLX2Ecx70qh6"}Is this article helpful?
Tell Fauna how the article can be improved:
Visit Fauna's forums
or email docs@fauna.com
Thank you for your feedback!