Storage
The Storage’s purpose is to provide a public interface for the Client to perform CRUD operations on encrypted data. It provides a stable, public API, along with an authentication and authorization layer that allows clients to request or modify the stored data.
An important note is that the owner of the Storage server does not need to be trusted. The Client encrypts stored data before sending it to storage, meaning that the storage server only ever handles ciphertexts (unless the Client is purposefully storing public, plaintext information). This allows operation of a multi-tenant storage service to be delegated to a third-party, reducing the burden on users.
Warning
Currently, the storage interface is only implemented for MongoDB. In the future, other database types will be supported.
API
GET /<path>
Retrieve data at a given path.
Path Parameters
Parameter |
Required? |
Description |
Example |
---|---|---|---|
|
Required |
A jsonpath-style string prepended and appended by a period which represents the path of the data |
|
POST /
Upsert data at a given path.
Header Parameters
Header Name |
Required? |
Description |
---|---|---|
|
Required |
Must be: |
Body Parameters
The body of the POST request should be a JSON-serialized Entry
struct. The
definition of an Entry
can be found here.