Skip to content

feat(client): add account/user params for root key multi-tenant auth#767

Merged
yeshion23333 merged 1 commit intomainfrom
feat/sdk-multi-tenant-auth-headers
Mar 19, 2026
Merged

feat(client): add account/user params for root key multi-tenant auth#767
yeshion23333 merged 1 commit intomainfrom
feat/sdk-multi-tenant-auth-headers

Conversation

@qin-ctx
Copy link
Collaborator

@qin-ctx qin-ctx commented Mar 19, 2026

Description

When root_api_key is enabled, the server requires X-OpenViking-Account and X-OpenViking-User headers for tenant-scoped data APIs (ls, find, sessions, etc.). The SDK HTTP clients (AsyncHTTPClient / SyncHTTPClient) had no way to set these headers, causing all root-key data requests to fail with InvalidArgumentError.

This PR adds account and user parameters to the SDK clients and updates the authentication docs accordingly.

Related Issue

N/A

Type of Change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Refactoring (no functional changes)
  • Performance improvement
  • Test update

Changes Made

  • AsyncHTTPClient.__init__: added account and user optional params, read from ovcli.conf when not provided
  • AsyncHTTPClient.initialize: sends X-OpenViking-Account / X-OpenViking-User headers when set
  • SyncHTTPClient.__init__: forwards account and user to AsyncHTTPClient
  • docs/zh/guides/04-authentication.md: added "使用 Root Key 访问租户数据" section with curl, SDK, and config examples
  • docs/en/guides/04-authentication.md: added "Accessing Tenant Data with Root Key" section

Testing

  • New and existing unit tests pass locally with my changes
  • I have tested this on the following platforms:
    • Linux
    • macOS
    • Windows

Checklist

  • My code follows the project's coding style
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

Screenshots (if applicable)

N/A

Additional Notes

All new params default to None, fully backward compatible with existing call sites.

@qin-ctx
feat(client): add account/user params for root key multi-tenant auth
2781699 
SDK HTTP client now supports account and user parameters so root key
holders can access tenant-scoped data APIs without being rejected by
the server explicit-tenant requirement.

Co-Authored-By: Claude Opus 4.6
@CLAassistant
Copy link

CLAassistant commented Mar 19, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions
Copy link

github-actions bot commented Mar 19, 2026

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ No major issues detected

@github-actions
Copy link

github-actions bot commented Mar 19, 2026

PR Code Suggestions ✨

No code suggestions found for the PR.

@yeshion23333 yeshion23333 self-requested a review March 19, 2026 08:03
@yeshion23333 yeshion23333 merged commit b31c477 into main Mar 19, 2026
5 of 6 checks passed
@yeshion23333 yeshion23333 deleted the feat/sdk-multi-tenant-auth-headers branch March 19, 2026 08:04
@github-project-automation github-project-automation bot moved this from Backlog to Done in OpenViking project Mar 19, 2026
chethanuk added a commit to chethanuk/OpenViking that referenced this pull request Mar 19, 2026
@chethanuk
feat(ci): add comprehensive Qodo PR-Agent review rules for OpenViking
f92fab9 
- Add .pr_agent.toml with 15 repo-specific review rules derived from real
  bug history (PRs volcengine#505, volcengine#728, volcengine#749, volcengine#740/volcengine#745, volcengine#754, volcengine#735, volcengine#767)
- Rules structured as WHEN/THEN/BECAUSE for deterministic enforcement
- Add 8 custom labels (memory-pipeline, async-change, api-breaking, etc.)
- Add ignore patterns for lock files, third_party, build artifacts
- Enable score review, TODO scan, split-PR detection, security audit
- Configure improve tool with quality threshold and extended mode
- Configure describe tool with PR diagrams and semantic file types
- Update workflow: ark-code-latest model, checkout step for .pr_agent.toml,
  move all config from inline YAML to .pr_agent.toml (single source of truth)
@chethanuk chethanuk mentioned this pull request Mar 19, 2026
Merged
4 tasks
qin-ctx pushed a commit that referenced this pull request Mar 19, 2026
@chethanuk
feat(ci): add comprehensive Qodo PR-Agent review rules for OpenViking (
1aa2ab3 
…#780)

- Add .pr_agent.toml with 15 repo-specific review rules derived from real
  bug history (PRs #505, #728, #749, #740/#745, #754, #735, #767)
- Rules structured as WHEN/THEN/BECAUSE for deterministic enforcement
- Add 8 custom labels (memory-pipeline, async-change, api-breaking, etc.)
- Add ignore patterns for lock files, third_party, build artifacts
- Enable score review, TODO scan, split-PR detection, security audit
- Configure improve tool with quality threshold and extended mode
- Configure describe tool with PR diagrams and semantic file types
- Update workflow: ark-code-latest model, checkout step for .pr_agent.toml,
  move all config from inline YAML to .pr_agent.toml (single source of truth)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yeshion23333 yeshion23333 yeshion23333 approved these changes

Assignees

No one assigned

Labels

Review effort 2/5

Projects

OpenViking project
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@qin-ctx @CLAassistant @yeshion23333