Skip to main content

Admin SDK Reference

Admin SDKs run on your backend server and authenticate with a Service Key. They bypass all access rules and provide server-only capabilities.

Admin SDKs are available in 12 languages. This page documents the common operations with examples in JavaScript, Python, and Go. The API surface is consistent across all languages -- see SDK Overview for installation instructions and the full language list.

warning

Never expose the Service Key in client-side code. It grants full admin access to your backend.

Initialization

import { createAdminClient } from '@edgebase/admin';

const admin = createAdminClient('https://your-project.edgebase.fun', {
  serviceKey: process.env.EDGEBASE_SERVICE_KEY,
});

Auth Management

List Users

Paginated user listing with cursor-based pagination.

const { users, cursor } = await admin.auth.listUsers({ limit: 20 });

// Paginate
let nextCursor = cursor;
while (nextCursor) {
  const page = await admin.auth.listUsers({ limit: 20, cursor: nextCursor });
  users.push(...page.users);
  nextCursor = page.cursor;
}

Get User

const user = await admin.auth.getUser('user-id');
// { id, email, displayName, role, customClaims, createdAt, ... }

Create User

const user = await admin.auth.createUser({
  email: 'jane@example.com',
  password: 'securePassword',
  displayName: 'Jane Doe',
  role: 'editor',
});

Update User

const updated = await admin.auth.updateUser('user-id', {
  displayName: 'Jane Smith',
  role: 'admin',
});

Disable / Enable User

Disabling a user revokes all sessions immediately and blocks new sign-ins.

// Ban
await admin.auth.updateUser('user-id', { disabled: true });

// Unban
await admin.auth.updateUser('user-id', { disabled: false });

Delete User

Permanently deletes the user and cleans up all associated records.

await admin.auth.deleteUser('user-id');

Set Custom Claims

Custom claims are included in the user's JWT on the next token refresh. Use them in access rules via auth.custom.

await admin.auth.setCustomClaims('user-id', {
  plan: 'pro',
  orgId: 'org_123',
  tier: 2,
});

Revoke All Sessions

Forces the user to re-authenticate on all devices.

await admin.auth.revokeAllSessions('user-id');

Database Operations

Table Reference

Access database tables through namespace and optional instance ID.

// Static app database
const posts = admin.db('app').table('posts');

// Dynamic per-workspace database
const docs = admin.db('workspace', 'ws-456').table('documents');

// Per-user database
const notes = admin.db('user', 'user-123').table('notes');

CRUD Operations

const table = admin.db('app').table('posts');

// Create
const post = await table.insert({ title: 'Hello', body: 'World' });

// Read by ID
const found = await table.get('post-id');

// List with filters
const recent = await table.list({
  where: { published: true },
  orderBy: { createdAt: 'desc' },
  limit: 10,
});

// Update
const updated = await table.update('post-id', { title: 'Updated Title' });

// Delete
await table.delete('post-id');

Raw SQL

Execute arbitrary SQL queries against a database namespace.

const rows = await admin.sql(
  'app', undefined,
  'SELECT authorId, COUNT(*) as cnt FROM posts GROUP BY authorId ORDER BY cnt DESC LIMIT ?',
  [10],
);

Broadcast

Send server-side events to database subscription channels.

await admin.broadcast('posts', 'new_post', { id: 'post-123', title: 'Hello' });

Storage Management

The admin storage client provides file upload, download, and management with service-key authority.

// Upload a file
await admin.storage.upload('avatars/user-123.png', fileBuffer, {
  contentType: 'image/png',
});

// Get a signed download URL
const url = await admin.storage.getSignedUrl('avatars/user-123.png', {
  expiresIn: 3600,
});

// List files in a path
const files = await admin.storage.list('avatars/');

// Delete a file
await admin.storage.delete('avatars/user-123.png');

Function Invocation

Invoke App Functions from your backend with service-key authority.

const result = await admin.functions.invoke('send-welcome-email', {
  userId: 'user-123',
  template: 'onboarding',
});

Push Notifications

Send to a User

const result = await admin.push.send('user-123', {
  title: 'New message',
  body: 'You have a new message from Jane',
  data: { threadId: 'thread-456' },
});
// { sent: 2, failed: 0, removed: 0 }

Send to Multiple Users

const result = await admin.push.sendMany(
  ['user-1', 'user-2', 'user-3'],
  {
    title: 'System update',
    body: 'New features are available',
  },
);

Broadcast to All Devices

const result = await admin.push.broadcast({
  title: 'Maintenance notice',
  body: 'Scheduled maintenance at 2am UTC',
  silent: true,
});

Send to FCM Topic

const result = await admin.push.sendToTopic('news', {
  title: 'Breaking news',
  body: 'Something happened',
});

Device Tokens and Logs

// Get registered devices for a user (token values are NOT exposed)
const devices = await admin.push.getTokens('user-123');
// [{ deviceId, platform, updatedAt, deviceInfo }]

// Get send logs for debugging
const logs = await admin.push.getLogs('user-123', 50);
// [{ sentAt, userId, platform, status, error? }]

Analytics

Request Log Metrics

Query aggregate metrics about your API usage (same data powering the admin dashboard).

// Full overview: time series + summary + breakdown + top endpoints
const overview = await admin.analytics.overview({ range: '7d' });
console.log(overview.summary.totalRequests);
console.log(overview.summary.avgLatency);

// Time series only
const ts = await admin.analytics.timeSeries({
  range: '24h',
  category: 'db',
  groupBy: 'hour',
});

// Breakdown by category
const breakdown = await admin.analytics.breakdown({ range: '30d' });

// Top endpoints
const top = await admin.analytics.topEndpoints({ range: '7d' });

Custom Events

Track and query custom business events.

// Track a single event
await admin.analytics.track('user_upgraded', {
  plan: 'pro',
  amount: 29.99,
}, 'user-123');

// Track a batch of events
await admin.analytics.trackBatch([
  { name: 'page_view', properties: { path: '/pricing' } },
  { name: 'page_view', properties: { path: '/docs' } },
]);

// Query events
const list = await admin.analytics.queryEvents({
  event: 'user_upgraded',
  metric: 'list',
  limit: 20,
});

const count = await admin.analytics.queryEvents({
  event: 'user_upgraded',
  metric: 'count',
  range: '30d',
});

const topEvents = await admin.analytics.queryEvents({
  metric: 'topEvents',
  range: '7d',
});

Cloudflare Native Resources

Admin SDKs provide direct access to Cloudflare primitives when deployed on Cloudflare Workers.

KV

const kv = admin.kv('MY_NAMESPACE');
await kv.put('key', 'value', { expirationTtl: 3600 });
const value = await kv.get('key');
await kv.delete('key');
const keys = await kv.list({ prefix: 'user:' });

D1

const d1 = admin.d1('MY_DATABASE');
const results = await d1.execute('SELECT * FROM users WHERE active = ?', [true]);

Vectorize

const vec = admin.vector('MY_INDEX');
await vec.upsert([{ id: 'doc-1', values: [0.1, 0.2, 0.3], metadata: { title: 'Hello' } }]);
const matches = await vec.query([0.1, 0.2, 0.3], { topK: 5 });

Method Reference

admin.auth

MethodDescription
listUsers(options?)List users with cursor-based pagination
getUser(userId)Get a user by ID
createUser(data)Create a new user
updateUser(userId, data)Update a user's profile, role, or disabled status
deleteUser(userId)Permanently delete a user
setCustomClaims(userId, claims)Set custom JWT claims
revokeAllSessions(userId)Force re-authentication on all devices

admin.db(namespace, id?).table(name)

MethodDescription
get(id)Get a record by ID
list(options?)List records with filters, ordering, and pagination
insert(data)Insert a new record
update(id, data)Update an existing record
delete(id)Delete a record

admin.storage

MethodDescription
upload(path, data, options?)Upload a file
getSignedUrl(path, options?)Generate a signed download URL
list(prefix?)List files under a path
delete(path)Delete a file

admin.push

MethodDescription
send(userId, payload)Send to a single user's devices
sendMany(userIds, payload)Send to multiple users
sendToToken(token, payload)Send directly to an FCM token
sendToTopic(topic, payload)Send to an FCM topic
broadcast(payload)Send to all registered devices
getTokens(userId)List registered device tokens (values not exposed)
getLogs(userId, limit?)Get recent send logs

admin.analytics

MethodDescription
overview(options?)Full analytics overview
timeSeries(options?)Time series data only
breakdown(options?)Category breakdown
topEndpoints(options?)Top endpoints by request count
track(name, properties?, userId?)Track a custom event
trackBatch(events)Track multiple events in one request
queryEvents(options?)Query custom events

admin.functions

MethodDescription
invoke(name, payload?)Invoke an App Function

Other

MethodDescription
admin.sql(namespace, id, query, params?)Execute raw SQL
admin.broadcast(channel, event, payload?)Broadcast to a database subscription channel
admin.kv(namespace)Access Cloudflare KV
admin.d1(database)Access Cloudflare D1
admin.vector(index)Access Cloudflare Vectorize