Rubidex API Documentation
Welcome to Rubidex
Welcome to Rubidex, the most secure data management system in the world, yet enabling easy and flexible sharing of information.
In Rubidex, users are uniquely identified by their email address, which is used to create an account. Users can create organizational spaces, simply called Spaces, where they can create data resources, referred to as Resources. These Resources can be shared with other users belonging to the same Space by applying one or more Sharing Profiles to the Resource.
Resources
The way data resources (Resources) are stored in Rubidex is inspired by NoSQL document stores (with enhancements for shareability and security).
The “NO” in NoSQL means “Not Only”. You can use it as a relational database (implementing relationships with foreign key references typical of SQL), but this is optional, providing flexibility in how you organize your data.
In Rubidex, data is structured differently than traditional SQL databases to accommodate additional types like images and PDF documents. Our hierarchy:
- Datasets
- Collections
- Documents
- Collections
Analogy to SQL:
- Dataset ≈ Database
- Collection ≈ Table
- Document ≈ Row
These Resources are always created within a Space, which provides organizational, sharing, and privacy features.
Spaces
Think of Space as an “organizational space”, abbreviated to Space for simplicity.
Nowadays, organizational boundaries are moving rapidly, and people are often organized around a specific project, that often include a number of moral and physical persons. We believe that the term Space is more adapted to such structures, rather than “organizations”, that has a connotation of formal, legalized entities.
In order to access a Resource within a Space, a User shall mandatorily be a member of the Space (either its Creator, or having been invited by the Space’s creator). We can see a Space as a Walled Garden, as the information within can only be accessed by a User if it has been previously invited to the Space. Note that being a member of a Space is a mandatory condition to access a resource within it, but it may be not sufficient, as some additional access control rules may apply, as we will see further. However, you are guaranteed that if a User is not a member of the Space, he will never ever have access to the information within it.
To access a Resource in a Space:
- Users must be members of the Space (creator or invited)
- Additional access rules may apply (see Sharing Profiles)
Non-members are guaranteed to never access Space contents.
Space types:
- Private Space
- Automatically created for each user at registration
- Fully private – only accessible to the owner
- Share data by copying to a Public Space
- Public Space
- Created freely by any user for collaboration
- Governance features:
- User Roles and Clearance Levels
- Optional Groups
- Sharing Profiles for Resources
Public Spaces
Public Space is a flexible organizational space designed for collaboration. In order to provide clear governance rules for Resources accessibility, several concepts are introduced :
Clearance Levels
For applications and organizations that requires it, a clearance system is supported. 5 level of clearance are defined:
- 0: Official (unclassified)
- 1: Restricted
- 2: Confidential
- 3: Secret
- 4: Top Secret
A clearance level can be applied to Users and Resources. A User can perform an action on a resource if his Clearance is superior or equal to the Resource clearance. If a clearance level management is not needed for your specific use case, simply assign the Official (0) clearance level to all Users and Resources
Sharing Profiles
Sharing Profile are introduced to provide additional shareability and privacy features. Sharing Profile enables another level of access control. Under the hood, Rubidex implements ABAC (Attribute Based Access Control). A Sharing Profile is a practical way to implement ABAC.
Think of a Sharing Profile as the set of rules that needs to be validated for a User to access a Resource.
In the Sharing Profile, you can define:
- Users and Groups which the Sharing Profile will be applied to
- Read or Write permissions.
- IP restrictions.
- Time windows.
User Roles
-
Owner
In the current (V1.0) version, an Owner of a Space cannot be removed nor can another user assume the Owner role. Owners have default maximum Clearance Level.
-
User Administrator
Manages users and groups. Can invite/remove members (except Owners). Sets user clearance levels within the Space.
-
Sharing Profile Admin
Creates and manages sharing profiles. Defines access rules including IP restrictions and time windows.
-
Dataset Admin
Creates datasets/collections and defines schemas. Sets clearance levels for data structures.
-
Resource Operator
Performs CRUD operations on documents. Cannot modify data structures or sharing rules.
Groups
These are simply a group of Users. After defining a Space you can define different Groups within it, for instance, a “finance” group, or a “ux/ui” group. A User can belong to one or more group. This is an optional implementation, a User doesn’t have to belong to one Group.
Data Management
Import/Export
- Support for CSV/JSON file imports
- Database synchronization with MongoDB/PostgreSQL
- Field validation rules (unique, mandatory, foreign keys)
Authentication
All API requests require an access token. Include the token in the Authorization header as follows:
Authorization: Bearer YOUR_ACCESS_TOKENSpaces
A Space is a logical grouping of datasets. Each space can have multiple datasets and sharing profiles.
Datasets
A Dataset is the most general collection of assets inside a Space. It can contain multiple collections (similar to tables).
Collections
A Collection is a subset of a Dataset. It contains documents and schemas for organizing data.
Sharing Profiles
A Sharing Profile defines access rules for users, groups, and resources within a Space.
Users
Users are members of Spaces and can have different roles and permissions.
© 2025 Rubidex. All rights reserved. For questions or feedback, please reach out to our support team.