gRPC API Reference
The Mezite auth service exposes a gRPC API on port 3025.
The protobuf definitions are located at proto/v1/auth.proto.
Authentication RPCs
| RPC | Description |
|---|---|
Login | Authenticate with credentials and receive short-lived certificates. |
IssueUserCerts | Issue new SSH certificates for an authenticated user. |
Node Management RPCs
| RPC | Description |
|---|---|
RegisterNode | Register a new SSH node with the cluster using a join token. |
ListNodes | List all registered SSH nodes and their metadata. |
Heartbeat | Periodic keepalive sent by agents to report node health. |
User and Role RPCs
| RPC | Description |
|---|---|
GetUser | Retrieve a user by name. |
CreateUser | Create a new local user with assigned roles. |
DeleteUser | Delete a user from the cluster. |
CreateRole | Create or update an RBAC role. |
ListRoles | List all roles defined in the cluster. |
Session and Audit RPCs
| RPC | Description |
|---|---|
CreateSession | Record a new SSH session. |
ListSessions | List recorded SSH sessions with filtering. |
EmitAuditEvent | Write an audit event to the log. |
ListAuditEvents | Query audit events by type, user, or time range. |
Access Request RPCs
| RPC | Description |
|---|---|
CreateAccessRequest | Submit a request for elevated roles or node access. |
ListAccessRequests | List access requests with optional status filtering. |
Proto File
The canonical protobuf definitions live in the repository at proto/v1/auth.proto. Generate Go stubs with:
Generate protobuf stubs bash
make proto