Vault

Identity (TypeID)

How Vault uses prefix-qualified, globally unique identifiers for every entity.

Every entity in Vault has a TypeID. TypeIDs are globally unique, sortable, URL-safe identifiers built on UUIDv7 with a human-readable prefix that tells you what kind of entity you're looking at.

A TypeID looks like this:

sec_01h455vb4pex5vsknk084sn02q

The sec prefix identifies this as a secret. The suffix is a base32-encoded UUIDv7 that encodes creation time, so IDs sort chronologically.

The id package

The id package wraps the TypeID Go library (v2) with a single ID struct. All entity types share the same struct -- the prefix distinguishes them.

Creating IDs

import "github.com/xraph/vault/id"

secretID := id.New(id.PrefixSecret)    // sec_01h455vb...
flagID   := id.New(id.PrefixFlag)      // flag_01h455vb...
configID := id.New(id.PrefixConfig)    // cfg_01h455vb...

Convenience constructors: id.NewSecretID(), id.NewFlagID(), id.NewRuleID(), id.NewConfigID(), id.NewOverrideID(), id.NewRotationID(), id.NewVersionID(), id.NewAuditID().

Parsing IDs

parsed, err := id.Parse("sec_01h455vb4pex5vsknk084sn02q")
parsed, err := id.ParseWithPrefix("sec_01h455vb...", id.PrefixSecret)  // validates prefix
parsed, err := id.ParseSecretID("sec_01h455vb...")                     // convenience
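
The following is an added example, not code from Vault's id package: it uses only the Go standard library to show what a prefix-validating parse checks and that the creation time can be read from any TypeID by whoever sees it. The helper name inspectTypeID is hypothetical; the alphabet and bit layout follow the TypeID and UUIDv7 specifications.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
	"time"
)

// Lowercase Crockford base32 alphabet used by the TypeID specification.
const alphabet = "0123456789abcdefghjkmnpqrstvwxyz"

// inspectTypeID (hypothetical helper, not Vault's API) checks that s carries
// wantPrefix and returns the creation time embedded in its UUIDv7 suffix.
func inspectTypeID(s, wantPrefix string) (time.Time, error) {
	i := strings.LastIndexByte(s, '_')
	if i < 0 || s[:i] != wantPrefix {
		return time.Time{}, fmt.Errorf("expected prefix %q", wantPrefix)
	}
	suffix := s[i+1:]
	// 26 characters x 5 bits = 130 bits; a 128-bit UUID leaves the top two
	// bits zero, so the first character can be at most '7'.
	if len(suffix) != 26 || suffix[0] > '7' {
		return time.Time{}, errors.New("malformed suffix")
	}
	vals := make([]uint64, 26)
	for j := 0; j < 26; j++ {
		v := strings.IndexByte(alphabet, suffix[j])
		if v < 0 {
			return time.Time{}, errors.New("invalid base32 character")
		}
		vals[j] = uint64(v)
	}
	// Characters 0-9 carry 3 + 9*5 = 48 bits: the Unix timestamp in ms.
	var ms uint64
	for _, v := range vals[:10] {
		ms = ms<<5 | v
	}
	// The top four bits of character 10 are the UUID version nibble.
	if vals[10]>>1 != 7 {
		return time.Time{}, errors.New("suffix is not a UUIDv7")
	}
	return time.UnixMilli(int64(ms)).UTC(), nil
}

func main() {
	t, err := inspectTypeID("sec_01h455vb4pex5vsknk084sn02q", "sec") // sample ID from this page
	fmt.Println(t.Format(time.RFC3339Nano), err)
}
```

Because the timestamp is recoverable without any key, treat a TypeID as disclosing when the entity was created wherever the ID is exposed.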

Nil ID

var empty id.ID
empty.IsNil()  // true
empty.String() // ""
id.Nil.IsNil() // true

Database storage

id.ID implements sql.Scanner and driver.Valuer. It is stored as a string, and a nil ID is written as NULL.

JSON serialization

id.ID implements encoding.TextMarshaler and encoding.TextUnmarshaler. Nil IDs serialize as empty strings.

Prefix reference

| Constant | Prefix | Entity |
| --- | --- | --- |
| id.PrefixSecret | sec | Secret |
| id.PrefixFlag | flag | Flag definition |
| id.PrefixRule | rule | Targeting rule |
| id.PrefixConfig | cfg | Config entry |
| id.PrefixOverride | ovr | Override |
| id.PrefixRotation | rot | Rotation policy |
| id.PrefixVersion | ver | Version record |
| id.PrefixAudit | vaudit | Audit entry |
