Roles

Protected Document Rails endpoints are available to users only if they have the necessary permissions attached to them.

Ideally, you should keep user permission set minimal and allocate new permissions only as necessary.

Role management

Get user information (JavaScript)Attach roles to a user (JavaScript)Detach roles from a user (JavaScript)

import { getUser } from "@vaultie/document-rails";

const response = await getUser(
    client,
    accessToken,
);

getUser response contains information about available user roles within the roles field.

import { attachRolesToUser } from "@vaultie/document-rails";

const response = await attachRolesToUser(
    client,
    accessToken,
    userId,
    ["createTrustRegistries", "getRecipes"]
);

import { detachRolesFromUser } from "@vaultie/document-rails";

const response = await detachRolesFromUser(
    client,
    accessToken,
    userId,
    ["createRecipes", "updateOrganizations"]
);

Superadmin role

superadmin role is special, because it implicitly grants access to all other roles.

In general, avoid using this role, allocating specific roles on per-user basis.

Available roles

Superadmin

superadmin - Implicit access to all other roles.

Translations

upsertTranslations - Create or update existing translations.
deleteTranslations - Delete translations.

Recipes

getRecipes - View recipes.
listRecipes - List recipes.
printRecipes - Print recipes.
createRecipes - Create new recipes.
deleteRecipes - Delete recipes.
restoreRecipes - Restore previously deleted recipes.

Organizations

listOrganizations - List all organizations.
createOrganizations - Create new organizations.
deleteOrganizations - Delete organizations.
restoreOrganizations - Restore previously deleted organizations.
updateOrganizations - Modify organization details.

Organization users

listOrganizationUsers - List all users in an organization.
manageOrganizationUsers - Add/remove users attached to an organization.

Keys

getKeys - Get key.
listKeys - List all keys.
createKeys - Create new keys.
deleteKeys - Delete keys.
restoreKeys - Restore previously deleted keys.
updateKeys - Modify key details.

Credentials

getCredentials - Get credential.
listCredentials - List all credentials.
createCredentials - Create new credentials.
deleteCredentials - Delete credentials
updateCredentials - Modify credential details.

Trust registries

getTrustRegistries - Get trust registry.
listTrustRegistries - List all trust registries.
createTrustRegistries - Create new trust registries.
deleteTrustRegistries - Delete trust registries.
restoreTrustRegistries - Restore previously deleted trust registries.
syncTrustRegistries - Sync trust registries with configured publishers.
manageTrustRegistryCertificates - Manage certificates within trust registries.
manageTrustRegistryDids - Manage DIDs within trust registries.
manageTrustRegistryJwks - Manage JWKs within trust registries.

Auth services

createAuthServices - Create new authentication services.
deleteAuthServices - Delete authentication services.
listAuthServices - List all authentication services.
restoreAuthServices - Restore previously deleted authentication services.

Certificates

createCertificates - Create new certificates.
deleteCertificates - Delete certificates.
getCertificates - Get certificate.
listCertificates - List all certificates.

Certificate authorities

createCertificateAuthorities - Create new certificate authorities.
deleteCertificateAuthorities - Delete certificate authorities.
issueCertificates - Issue certificates from a certificate authority.
listCertificateAuthorities - List all certificate authorities.
restoreCertificateAuthorities - Restore previously deleted certificate authorities.

Certificate revocation lists

createCertificateRevocationLists - Create new certificate revocation lists.
deleteCertificateRevocationLists - Delete certificate revocation lists.
listCertificateRevocationLists - List all certificate revocation lists.

Credential offers

createCredentialOffers - Create new credential offers.
deleteCredentialOffers - Delete credential offers.
listCredentialOffers - List all credential offers.
suspendCredentialOffers - Suspend credential offers.
unsuspendCredentialOffers - Reactivate suspended credential offers.

DIDs

createDids - Create new DIDs.
deleteDids - Delete DIDs.
listDids - List all DIDs.

JWKs

createJwks - Create JWKs.
deleteJwks - Delete JWKs.
listJwks - List all JWKs.

Inbound webhooks

createInboundWebhooks - Create new inbound webhooks.
deleteInboundWebhooks - Delete inbound webhooks.
listInboundWebhooks - List all inbound webhooks.
restoreInboundWebhooks - Restore previously deleted inbound webhooks.

Outbound webhooks

createOutboundWebhooks - Create new outbound webhooks.
deleteOutboundWebhooks - Delete outbound webhooks.
listOutboundWebhooks - List all outbound webhooks.
restoreOutboundWebhook - Restore previously deleted outbound webhooks.

Issued certificates

listIssuedCertificates - List all issued certificates.
revokeIssuedCertificates - Revoke issued certificates.

OID4VP

manageOID4VPPresentations - Manage OID4VP presentations.

Service account connectors

createServiceAccountConnectors - Create service account connectors.
deleteServiceAccountConnectors - Delete service account connectors.
listServiceAccountConnectors - List all service account connectors.
restoreServiceAccountConnectors - Restore previously deleted service account connectors.

SSO connectors

createSsoConnectors - Create SSO connectors.
deleteSsoConnectors - Delete SSO connectors.
restoreSsoConnectors - Restore previously deleted SSO connectors.

Status lists

createStatusLists - Create new status lists.
listStatusLists - List all status lists.
revokeCredentials - Revoke credentials via status lists.

Templates

createTemplates - Create new templates.
deleteTemplates - Delete templates.
extractTemplateVariables - Extract variables from templates.
restoreTemplates - Restore previously deleted templates.
getTemplates - Get template.
listTemplates - List all templates.

Users

createUsers - Create new users.
deleteUsers - Delete users.
restoreUsers - Restore previously deleted users.
listUsers - List all users.
updateUsers - Modify user details.
userInfo - View current user information.

W3C contexts

createW3CContexts - Create new W3C contexts.
deleteW3CContexts - Delete W3C contexts.
listW3CContexts - List all W3C contexts.

Generators

generateDidDocuments - Generate DID documents.
generateJsonLdContexts - Generate JSON-LD contexts.
generateOID4VCICredentialIssuerMetadata - Generate OID4VCI credential issuer metadata.

Verification

verify - Verify credentials/presentations using the verification API.

Logs

listLogs - List action logs.

Roles

manageRoles - Attach/detach roles from existing users.