FQL v4 will be decommissioned on June 30, 2025. Ensure that you complete your migration from FQL v4 to FQL v10 by that date.

For more details, review the migration guide. Contact support@fauna.com with any questions.

KeyFromSecret

This reference topic applies to FQL v4. Go to this page for the latest FQL v10 reference topics.

KeyFromSecret( secret )
key_from_secret( secret )
f.KeyFromSecret( secret )
KeyFromSecret( secret )
KeyFromSecret( secret )

Description

The KeyFromSecret function retrieves a key document given a key’s secret string, or a token document given a token’s secret string.

If the key belongs to a parent database, that key document cannot be retrieved; KeyFromSecret behaves as if the key does not exist.

Parameter

Parameter Type Definition and Requirements

secret

String

The secret identifying an existing key or token.

Returns

An object containing data returned by performing a lookup for the secret. If the secret does not match an existing key or token (in the current database or a child database), an error is returned.

When the secret string identifies a key, the object has the following fields:

Field Name Field Type Definition and Requirements

ref

Reference

The reference identifies the key that was retrieved.

ts

Long

The timestamp, with microsecond resolution, reporting the most recent modification time of the key.

database

Reference

A reference to the database the key is protecting. The reference could refer to a child or deeply nested database, depending on where the key was created.

role

String

The security role for this key.

hashed_secret

String

The hash of the secret.

When the secret string identifies a token, the object has the following fields:

Field Name Field Type Definition and Requirements

ref

Reference

The reference identifies the token instance that was retrieved.

ts

Integer

The timestamp, with microsecond resolution, reporting the most recent modification of the token.

instance

Reference

A reference to the document representing the logged-in user (the one passed to the Login function invocation that created the token.)

hashed_secret

String

A hash of the secret. The secret is not recoverable from this value.

Examples

The following query retrieves a key by providing a given secret:

client.query(
  q.KeyFromSecret(secret)
)
.then((ret) => console.log(ret))
.catch((err) => console.error(
  'Error: [%s] %s: %s',
  err.name,
  err.message,
  err.errors()[0].description,
))
{
  ref: Ref(Keys(), "1"),
  ts: 1595006126050000,
  role: 'admin',
  hashed_secret: '$2a$05$ljsckc4a7EEznrfZ0WRHcOIh8Qqstc4w.LrGTgt4uVJs4z6JKKBtW'
}
result = client.query(
  q.key_from_secret(secret)
)
print(result)
{'ref': Ref(id=1, collection=Ref(id=keys)), 'ts': 1594329814670000, 'role': 'admin', 'hashed_secret': '$2a$05$8D.eeKlisdSQ2AQ5zT5vj.AuX9v9T.Sg.oeeEAuCJMZPTqTSi4EO.'}
result, err := client.Query(
	f.KeyFromSecret(secret))

if err != nil {
	fmt.Fprintln(os.Stderr, err)
} else {
	fmt.Println(result)
}
map[hashed_secret:$2a$05$cvyAy13sXZ95li3Ft7l3xOuTiSv.Sd7tuzqwAZJwjQhAP5.wwRtFa ref:{1 0xc0001500c0 0xc0001500c0 <nil>} role:admin ts:1603747193080000]
try
{
    Value result = await client.Query(
        KeyFromSecret(secret)
    );
    Console.WriteLine(result);
}
catch (Exception e)
{
    Console.WriteLine($"ERROR: {e.Message}");
}
ObjectV(ref: RefV(id = "1", collection = RefV(id = "keys")),ts: LongV(1603756423720000),role: StringV(admin),hashed_secret: StringV($2a$05$WA8x8.x7U5Y/br9ClZo8k..IzQWykw.e.6hwEsxU/pmNlrNRnrJ2e))
Query metrics:
  •    bytesIn:    62

  •   bytesOut:   192

  • computeOps:     1

  •    readOps:     1

  •   writeOps:     0

  •  readBytes:   128

  • writeBytes:     0

  •  queryTime: 395ms

  •    retries:     0

Is this article helpful? 

Tell Fauna how the article can be improved:
Visit Fauna's forums or email docs@fauna.com

Thank you for your feedback!