Skip to main content

Role-based access control permissions

The following tables list the permissions for role-based access control. Each permission has a list of allowed REST endpoints.

Ethereum accounts

NameDescriptionAllowed endpoints
read:ethereumAllows reading operations over Ethereum accountsGet, list, get deleted, list deleted
write:ethereumAllows creating Ethereum accountsCreate, import, update
delete:ethereumAllows soft-deleting Ethereum accountsDelete, restore
destroy:ethereumAllows permanently deleting Ethereum accountsDelete, restore, destroy
sign:ethereumAllows signing and verifying signaturesAll sign endpoints, EC recover
encrypt:ethereumAllows encryption and decryptionEncrypt, decrypt


NameDescriptionAllowed endpoints
read:keyAllows reading operations over keysGet, list, get deleted, list deleted
write:keyAllows creating keysCreate, import, update
delete:keyAllows soft-deleting keysDelete, restore
destroy:keyAllows permanently deleting keysDelete, restore, destroy
sign:keyAllows signing and verifying signaturesSign
encrypt:keyAllows encryption and decryptionEncrypt, decrypt


NameDescriptionAllowed endpoints
read:secretAllows reading operations over secretsGet, list, get deleted, list deleted
write:secretAllows creating secretsSet, update
delete:secretAllows soft-deleting secretsDelete, restore
destroy:secretAllows permanently deleting secretsDelete, restore, destroy


NameDescriptionAllowed endpoints
read:aliasAllows reading aliases over registriesGet, list
write:aliasAllows creating aliasesCreate, update
delete:aliasAllows deleting aliasesDelete


proxy:nodesAllows you to proxy traffic into nodes