Key terms and concepts used in Eden-MDBS.
A legacy compatibility label derived from a control-plane permission set. New
RBAC APIs use explicit control-plane bits instead of hierarchical runtime
tiers.
A legacy compatibility label roughly corresponding to a broad control-plane
permission set. The authoritative model is now explicit control-plane bits.
HTTP Basic Authentication used for the login endpoint. Credentials are Base64-encoded in the format username:password.
The JWT token included in the Authorization header for authenticated API requests. Format: Authorization: Bearer .
A managed connection to an external database or service. Endpoints abstract connection details, handle pooling, and integrate with RBAC.
The type of database or service an endpoint connects to (e.g., Postgres, Mongo, Redis, Http).
The templating syntax used in Eden templates for parameter substitution. Uses double curly braces: {{parameter}}.
The system for managing users and their permissions within an organization.
The authorization plane that governs who can configure Eden resources.
Control-plane permissions use the uppercase bits R, C, P, G, D,
and A.
The token format used for authentication. Contains user and organization identifiers along with expiration time.
The top-level multi-tenant container in Eden. Organizations provide complete isolation between different customer environments. All users, endpoints, templates, and workflows belong to an organization.
A query that uses placeholders for values instead of embedding them directly. Prevents SQL injection. Example: SELECT * FROM users WHERE id = $1.
The permission system that controls who can configure resources in Eden.
Control-plane permissions can be granted at the organization or resource
level.
A legacy compatibility label. In the new control-plane model, viewing config
is represented by the R bit.
In RBAC context, an entity (user) that can be granted permissions on a resource.
A legacy compatibility label. In the new control-plane model, destructive
operations are represented explicitly by the D bit rather than by a special
tier.
A reusable, parameterized operation definition. Templates define database queries or API calls that can be executed with different parameters.
A group of database operations executed atomically - either all succeed or all are rolled back.
A 128-bit identifier used for resources in Eden. Format: 550e8400-e29b-41d4-a716-446655440000.
A multi-step operation that orchestrates multiple templates or actions. Workflows enable complex data pipelines with conditional logic.
A legacy compatibility label. In the new control-plane model, configuration
changes are represented by explicit bits such as C, P, and G.
| Bit | Meaning |
|---|---|
R | Read configuration and metadata |
C | Configure settings and policies |
P | Promote or roll back versioned changes |
G | Grant or revoke permissions |
D | Perform irreversible destructive actions |
A | View audit-oriented records |
The runtime authorization plane that governs what operations a caller can
execute against an endpoint. Shared-mode data-plane permissions use lowercase
r, w, and x; ELS mode delegates runtime enforcement to the target
system using the caller's injected credentials.
| Type | Category | Description |
|---|---|---|
| Postgres | Database | PostgreSQL relational database |
| MySQL | Database | MySQL/MariaDB database |
| Mongo | Database | MongoDB document database |
| Redis | Database | Redis key-value store |
| Cassandra | Database | Apache Cassandra |
| ClickHouse | Database | ClickHouse analytics database |
| Mssql | Database | Microsoft SQL Server |
| Oracle | Database | Oracle database |
| Pinecone | Vector DB | Pinecone vector database |
| Http | Service | External HTTP/REST API |
| Llm | Service | Large Language Model service |
| Code | Meaning |
|---|---|
| 200 | Success |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 409 | Conflict |
| 429 | Too Many Requests |
| 500 | Internal Server Error |
http://{host}:8000/api/v1/All API endpoints are prefixed with this base URL.