Skip to content
You are reading Quorum Key Manager development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Role-based access control permissions

The following tables list the permissions for role-based access control. Each permission has a list of allowed REST endpoints.

Ethereum accounts

Name Description Allowed endpoints
read:ethereum Allows reading operations over Ethereum accounts Get, list, get deleted, list deleted
write:ethereum Allows creating Ethereum accounts Create, import, update
delete:ethereum Allows soft-deleting Ethereum accounts Delete, restore
destroy:ethereum Allows permanently deleting Ethereum accounts Delete, restore, destroy
sign:ethereum Allows signing and verifying signatures All sign endpoints, EC recover
encrypt:ethereum Allows encryption and decryption Encrypt, decrypt


Name Description Allowed endpoints
read:key Allows reading operations over keys Get, list, get deleted, list deleted
write:key Allows creating keys Create, import, update
delete:key Allows soft-deleting keys Delete, restore
destroy:key Allows permanently deleting keys Delete, restore, destroy
sign:key Allows signing and verifying signatures Sign
encrypt:key Allows encryption and decryption Encrypt, decrypt


Name Description Allowed endpoints
read:secret Allows reading operations over secrets Get, list, get deleted, list deleted
write:secret Allows creating secrets Set, update
delete:secret Allows soft-deleting secrets Delete, restore
destroy:secret Allows permanently deleting secrets Delete, restore, destroy


Name Description Allowed endpoints
read:alias Allows reading aliases over registries Get, list
write:alias Allows creating aliases Create, update
delete:alias Allows deleting aliases Delete


Name Description
proxy:nodes Allows you to proxy traffic into nodes
Questions or feedback? You can discuss issues and obtain free support on Quorum Key Manager Discord channel.