Sample Code

    The .NET SDK now lets you create users, assign them roles and associated privileges, and remove them from the system.

    User-Management APIs

    Users who have been assigned the Admin role for the cluster are able to create, edit, and remove users. The .NET SDK provides APIs to support these activities. A high-level summary of the APIs can be found in User-Management.

    .NET User-Management Example

    The following code-example demonstrates how the user-management APIs can be used. It assumes that Couchbase Server is established on localhost; that the Full Administrator username and password are Administrator and password respectively; and that the travel-sample bucket is installed. For information on installing the travel-sample bucket, see Install Sample Buckets.

    Use of the Full Administrator username and password gives an application complete access to all resources within the Couchbase Server-environment: use of the Full Administrator username and password may therefore be useful during code-development. However, for production purposes, the Full Administrator username and password should only be used when absolutely essential: in all other circumstances, the specified username and password should correspond to some lesser role, which appropriately delimits access to server-resources. Creation of such a role, and the establishment of its associated username and password, is demonstrated in the following code-example.
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using Couchbase;
    using Couchbase.Configuration.Client;
    using Couchbase.Management;
    using Couchbase.N1QL;
    namespace UserManagementExample
        class Program
            static void Main(string[] args)
                // Access the cluster that is running on the local host, authenticating with
                // the username and password of the Full Administrator. This
                // provides all privileges.
                var cluster = new Cluster(new ClientConfiguration
                    Servers = new List<Uri>
                        new Uri("http://localhost:8091")
                Console.WriteLine("Authenticating as administrator.");
                cluster.Authenticate("Administrator", "password");
                // Create a user and assign roles.
                    .UpsertUser("cbtestuser", "cbtestuserpwd", "cbtestuser",
                        // Roles required for the reading of data from
                        // the bucket.
                        new Role {Name = "data_reader", BucketName = "travel-sample"},
                        new Role {Name = "query_select", BucketName = "travel-sample"},
                        // Roles required for the writing of data into
                        // the bucket.
                        new Role {Name = "data_writer", BucketName = "travel-sample"},
                        new Role {Name = "query_insert", BucketName = "travel-sample"},
                        new Role {Name = "query_delete", BucketName = "travel-sample"},
                        // Role required for the creation of indexes
                        // on the bucket.
                        new Role {Name = "query_manage_index", BucketName = "travel-sample"}
                // List current users.
                Console.WriteLine("Listing current users.");
                var listOfUsers = cluster.CreateManager().GetUsers().Value;
                var ofUsers = listOfUsers as User[] ?? listOfUsers.ToArray();
                for (var j = 0; j < ofUsers.Count(); j++)
                    var currentUser = ofUsers[j];
                    Console.WriteLine(Environment.NewLine + "USER #" + j + ": "
                            + Environment.NewLine);
                    Console.WriteLine("User's name is: " + currentUser.Name);
                    Console.WriteLine("User's domain is: " + currentUser.Domain);
                    var currentRoles = currentUser.Roles.ToArray();
                    var arraySize = currentRoles.Length;
                    for (var i = 0; i < arraySize; i++)
                        Console.WriteLine("User has the role: " + currentRoles[i].Name
                            + ", applicable to bucket " +
                // Access the cluster with the username and password assigned by the administrator'
                Console.WriteLine("Authenticating as user." + Environment.NewLine);
                cluster.Authenticate("cbtestuser", "cbtestuserpwd");
                // Open the travel-sample bucket.
                Console.WriteLine("Opening travel-sample bucket as user." + Environment.NewLine);
                var travelSample = cluster.OpenBucket("travel-sample");
                // Create a N1QL Primary Index (but ignore if one already exists).
                // Read out an existing document within the bucket.
                Console.WriteLine("Reading out airline_10 document");
                var returnedAirline10Doc = travelSample.GetDocument<dynamic>("airline_10");
                Console.WriteLine("Found: " + returnedAirline10Doc.Content);
                // Create a new document.
                Console.WriteLine(Environment.NewLine + "Creating new document as user.");
                var airline11Document = new Document<dynamic>
                    Id = "airline_11",
                    Content = new
                        callsign = "MILE-AIR",
                        iata = "Q5",
                        icao = "MLA",
                        id = 11,
                        name = "40-Mile Air",
                        type = "airline"
                // Upsert the document to the bucket.
                Console.WriteLine("Upserting new document as user.");
                Console.WriteLine("Reading out airline11Document as user.");
                var returnedAirline11Doc = travelSample.GetDocument<dynamic>("airline_11");
                Console.WriteLine("Found: " + returnedAirline11Doc.Content);
                // Perform a N1QL Query.
                Console.WriteLine("Performing query as user.");
                var returnedValues = "Query-results are: \n\t";
                var result = travelSample.Query<dynamic>(new QueryRequest("SELECT * FROM `travel-sample` LIMIT 5"));
                foreach (var row in result)
                    returnedValues = returnedValues + row + Environment.NewLine
                            + Environment.NewLine + '\t';
                // Access the cluster that is running on the local host, authenticating with
                // the username and password of the Full Administrator. This
                // provides all privileges.
                Console.WriteLine("Re-authenticating as administrator.");
                cluster.Authenticate("Administrator", "password");
                // Remove known user.
                Console.WriteLine("Removing user as administrator.");
                var userToBeRemoved = "cbtestuser";
                var whetherOrNotUserWasRemoved =
                if (!whetherOrNotUserWasRemoved)
                    Console.WriteLine("Could not delete user " + userToBeRemoved + ".");
                    Console.WriteLine("Deleted user " + userToBeRemoved + ".");
                // Disconnect from the cluster.