Documentation Index
Fetch the complete documentation index at: https://docs.helix-db.com/llms.txt
Use this file to discover all available pages before exploring further.
For the complete documentation index optimized for AI agents, see llms.txt.
Authentication
All API requests to Helix Cloud are authenticated with a Bearer token. Tokens are managed
through the Helix dashboard. Include the token in the Authorization header of every request:
Authorization: Bearer <token>
Role-Based Access Control
Scoped API keys with role-based permissions - read-only, read-write, or restricted to specific
stored queries - allowing least-privilege credentials for each service or environment.
Contact founders@helix-db.com to discuss RBAC requirements for
your cluster.
SSO / SAML
SSO and SAML integration for dashboard access, enabling teams to manage Helix users through an
existing identity provider (Okta, Azure AD, Google Workspace, etc.) with centralized provisioning
and deprovisioning.
Contact founders@helix-db.com to discuss SSO requirements for
your organization.
Audit Logs
Per-request audit logging covering timestamp, token identity, query name, source IP, and response
status. Audit logs support compliance requirements (SOC 2, HIPAA, GDPR) and enable forensic
analysis of access patterns.
Contact founders@helix-db.com to discuss audit logging
requirements for your cluster.
Encryption
All traffic between clients and the gateway is encrypted in transit via TLS. Data at rest in
object storage is encrypted using the storage provider’s server-side encryption.
AWS PrivateLink
For workloads that require traffic to remain entirely within the AWS network, PrivateLink creates
a private endpoint in your VPC that routes to Helix Cloud without traversing the public
internet. This eliminates exposure to internet-based threats and satisfies network isolation
requirements common in regulated environments.
Contact founders@helix-db.com to discuss PrivateLink
configuration for your cluster.
