Circle
A circle groups multiple signers together. Instead of granting permissions to each signer individually, policies can reference a circle to grant access to the entire group at once.
For example, you can create a "compliance" circle with all compliance officers and grant the entire group read access to transaction records through a single policy.
Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /circles | Define a new group of signers that can be referenced in access policies. |
| GET | /circles | Query circles with filtering, sorting, and pagination. |
| GET | /circles/{id} | Retrieve a circle by its handle or LUID. |
| PUT | /circles/{id} | Submit a new version of a circle. |
| POST | /circles/{id}/proofs | Submit a signed proof to a circle record. |
Signers
| Method | Path | Description |
|---|---|---|
| POST | /circles/{id}/signers | Assign a signer to a circle so they inherit the group's access permissions. |
| GET | /circles/{id}/signers | Retrieve all signers assigned to a circle. |
| GET | /circles/{id}/signers/{link} | Retrieve a circle signer by its handle or LUID. |
| DELETE | /circles/{id}/signers/{link} | Remove a signer from a circle, revoking their group-based access. |
Access & History
| Method | Path | Description |
|---|---|---|
| POST | /circles/{id}/access/!check | Evaluate what actions a signer can perform on this circle. |
| GET | /circles/{id}/changes | Retrieve the change history of a circle by its handle or LUID. |
| GET | /circles/{id}/changes/{change} | Retrieve a change record for a circle by handle or LUID and change number. |
Related
- About Circles — how circles group signers into roles
- About Authorization — how circles and policies control access
- About Signers — the identity primitives that circles group
Get signer factor change GET
Returns a single change by its sequence number. The change includes a full record snapshot as it existed at that point.
Create circle POST
After creation, add signers to the circle using the circle signer endpoints. Policies can then reference the circle to grant permissions to all its members at once. Broadcasts the `circle-created` signal. Use [effects](/ledger/reference/api/effect) to subscribe.