Expand description
§InferaDB Rust SDK
Official Rust SDK for the InferaDB authorization service.
§Quick Start
ⓘ
use inferadb::prelude::*;
#[tokio::main]
async fn main() -> Result<(), inferadb::Error> {
// Create client
let client = Client::builder()
.url("https://api.inferadb.com")
.credentials(ClientCredentialsConfig {
client_id: "your-client-id".into(),
private_key: Ed25519PrivateKey::from_pem_file("private-key.pem")?,
certificate_id: None,
})
.build()
.await?;
// Get vault context
let vault = client.organization("org_...").vault("vlt_...");
// Check permission
let allowed = vault.check("user:alice", "view", "document:readme").await?;
println!("Allowed: {}", allowed);
Ok(())
}§Key Concepts
- Client Hierarchy:
Client→OrganizationClient→VaultClient - Argument Order:
check(subject, permission, resource)- “Can subject do X to resource?” - Relationship Order:
Relationship::new(resource, relation, subject)- “resource has relation subject” - Denial ≠ Error:
check()returnsOk(false)for denied access, notErr
§Features
grpc(default): Enable gRPC transport via tonicrest(default): Enable REST transport via reqwestrustls(default): Use rustls for TLSnative-tls: Use native TLS (OpenSSL on Linux, Secure Transport on macOS)tracing: Enable tracing integrationblocking: Enable blocking APIderive: Enable derive macros for type-safe schemaswasm: Enable WASM/browser support (REST only)
§Minimum Supported Rust Version
This crate requires Rust 1.88.0 or later (MSRV). We target two releases behind stable where possible. See the CHANGELOG for MSRV increase notices.
Re-exports§
pub use client::Client;pub use client::ClientBuilder;pub use client::ComponentHealth;pub use client::HealthResponse;pub use client::HealthStatus;pub use client::ReadinessCriteria;pub use client::ShutdownGuard;pub use client::ShutdownHandle;pub use error::AccessDenied;pub use error::Error;pub use error::ErrorKind;pub use types::ConsistencyToken;pub use types::Context;pub use types::ContextValue;pub use types::Decision;pub use types::DecisionMetadata;pub use types::DecisionReason;pub use types::EntityRef;pub use types::ParseError;pub use types::Relationship;pub use types::Resource;pub use types::Subject;pub use types::SubjectRef;pub use vault::VaultClient;pub use auth::BearerCredentialsConfig;pub use auth::ClientCredentialsConfig;pub use auth::Credentials;pub use auth::CredentialsProvider;pub use auth::Ed25519PrivateKey;pub use config::CacheConfig;pub use config::CircuitBreakerConfig;pub use config::CircuitEvent;pub use config::CircuitState;pub use config::CircuitStats;pub use config::DegradationConfig;pub use config::FailureMode;pub use config::FailurePredicate;pub use config::RetryConfig;pub use config::TlsConfig;pub use transport::FallbackReason;pub use transport::FallbackTrigger;pub use transport::GrpcStats;pub use transport::PoolConfig;pub use transport::RestStats;pub use transport::Transport;pub use transport::TransportEvent;pub use transport::TransportStats;pub use transport::TransportStrategy;pub use testing::AuthorizationClient;pub use testing::InMemoryClient;pub use testing::MockClient;
Modules§
- auth
- Authentication and credentials for the InferaDB SDK.
- client
- Client types for connecting to InferaDB.
- config
- Configuration types for the InferaDB SDK.
- control
- Control plane API for managing InferaDB resources.
- derive
derive - Derive macros for Resource and Subject traits.
- error
- Error types for the InferaDB SDK.
- middleware
- Middleware and interceptors for cross-cutting concerns.
- prelude
- Prelude module for convenient imports.
- testing
- Testing utilities for InferaDB SDK.
- tracing_
support tracing - Tracing integration for observability.
- transport
- Transport layer for InferaDB communication.
- types
- Core types for the InferaDB SDK.
- vault
- Vault client for authorization operations.
- wasm
wasm - WebAssembly (WASM) support for the InferaDB SDK.