Access Control

Overview

The API implements a comprehensive access control system that includes:

  1. Authentication - JWT-based authentication with support for multiple token types

  2. Role-Based Access Control - Different permission levels for users

  3. Document-Level Permissions - Control who can access specific documents

Authentication

Login for Access Token

POST /token

Purpose: Authenticates a user and provides a JWT token for subsequent API calls.

Request body:

{
  "username": "user@example.com",
  "password": "secure_password"
}

Response:

Usage Example: Authentication should be performed before any other API calls.

User Management

Register User

Purpose: Creates a new user account (admin only).

Request body:

Response:

Usage Example:

Get Current User

Purpose: Retrieves information about the currently authenticated user.

Response:

Delete User

Purpose: Deletes a user by email address (admin only).

Request body:

Response:

Usage Example:

Note: Users cannot delete their own admin account. Only admin users can delete other users.

Document Sharing

Share Document

Purpose: Shares a document with specific users.

Request body:

Response:

Usage Example: Use this endpoint to share documents with other users.

List Document Access

Purpose: Lists all users who have access to a document.

Response:

Role Management

Get User Roles

Purpose: Gets the roles assigned to the current user.

Response:

Add User Role

Purpose: Assigns a role to a user (admin only).

Request body:

Remove User Role

Purpose: Removes a role from a user (admin only).

User Directory Management

The API supports custom ingest directories for users, allowing administrators to configure where each user's documents are stored and ingested from.

Get User Ingest Directory

Purpose: Retrieves the custom ingest directory configured for a user (admin only or self).

Query Parameters:

  • email (required): Email address of the user

Response:

Response (no directory configured):

Usage Example:

Note: Users can view their own ingest directory, but only admins can view other users' directories.

Set User Ingest Directory

Purpose: Sets or updates the custom ingest directory for a user (admin only).

Request body:

Response:

Usage Example:

Validation:

  • The directory path must exist on the server

  • Only admin users can set ingest directories

  • The directory path is validated before being saved
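One way a server could enforce the three validation rules above, as an added example that is not the project's own code. The `User` type, the `admin` role name, the `store` dictionary and the function names are hypothetical, and storing the canonical (symlink-resolved) path is a choice made here, not something the page states.

```python
import os
import tempfile
from dataclasses import dataclass, field

class IngestDirError(Exception):
    """Request to set an ingest directory was rejected."""

@dataclass
class User:  # hypothetical stand-in for the authenticated caller
    email: str
    roles: set = field(default_factory=set)

def validate_ingest_directory(path: str) -> str:
    """Return the canonical path, or raise if it is not an existing directory."""
    if not path or "\x00" in path:
        raise IngestDirError("empty or malformed path")
    canonical = os.path.realpath(path)  # resolve symlinks and ".." segments
    if not os.path.isdir(canonical):
        raise IngestDirError("directory does not exist on the server")
    return canonical

def set_ingest_directory(actor: User, email: str, path: str, store: dict) -> str:
    """Admin-only; `store` (hypothetical) stands in for the persistence layer."""
    if "admin" not in actor.roles:  # role name is an assumption
        raise IngestDirError("only admin users can set ingest directories")
    canonical = validate_ingest_directory(path)  # validate before saving
    store[email] = canonical
    return canonical

def demo() -> dict:
    """Run the checks against a constructed temporary directory."""
    admin, user = User("admin@example.com", {"admin"}), User("user@example.com", {"user"})
    store, outcome = {}, {}
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "sub"))
        messy = os.path.join(root, "sub", "..")  # non-canonical spelling of root
        saved = set_ingest_directory(admin, user.email, messy, store)
        outcome["canonical"] = saved == os.path.realpath(root)
        rejected = [("non_admin", user, root),
                    ("missing", admin, os.path.join(root, "nope"))]
        for name, actor, path in rejected:
            try:
                set_ingest_directory(actor, user.email, path, store)
                outcome[name] = "accepted"
            except IngestDirError as exc:
                outcome[name] = str(exc)
        # Rejected requests must leave the previously saved value untouched.
        outcome["stored_unchanged"] = store[user.email] == saved
    return outcome
```
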

Delete User Ingest Directory

Purpose: Removes the custom ingest directory configuration for a user (admin only).

Request body:

Response:

Response (no directory configured):

Usage Example:

Note: Deleting the ingest directory configuration will cause the user to fall back to the default ingest directory (./).

This page is: Copyright © 2025 MariaDB. All rights reserved.
