Skip to main content

Create a Service


  • Dockerfile modified for the enclave present in .oblivious
  • Services to run the application present in .oblivious/services

For detailed steps click here.

Add a new Service

Navigate to Repositories page and select open the repository to add a new Service from. On the sub-repository page, click on "Add a Service" to open up the form to create a Service

Base Image and Authentication:

In this section, you can select the base image you would want, and the type of Authentication to be used for users to the application. Auth

  • base_image: Select the Oblivious base image in use by the application e.g.: python-3-8
  • auth: Authentication to be used for the application
    • auth_name: The custom name of the Authentication to reference it with during deployment e.g.: Admin
    • auth_type: The type of Authentication e.g.: Signed Headers


The User roles of the application and their Authentication methods. Roles

  • role_name: The name of the User role for which the application will have users at the time of deployment
  • role_description: Description of the User role
  • role_cardinality: The number of users of the role_name for the application
  • role_auth: Name of the authentication method to be used as pre-defined in auth_name of auth section of the form above


The application routes to be allowed access to - for Role based access / Access Control List. Paths

  • path: The path for which access is to be allowed e.g.: /upload_data
  • access: Comma seperated list of Roles that are allowed access to the mentioned path e.g.: admin, data_provider
  • short_description: A short description explaining the path's functionality

Build Arguments and Traffic:

The build arguments to be provided while deploying the application and the traffic allowed to and from the application. Traffic

  • build_args: Build Arguments as needed by your application during the Docker build process
    • name: The argument name e.g.: max_num_queries
    • type: The data type of the argument based on json-schema type e.g.: integer, string, number
  • traffic: Traffic to be allowed for the application
    • name: Traffic entry name e.g.: main_io
    • port: Traffic port to open e.g.: 80, 8000

Information about the application:

Application information like the VCS URL, Readme file, etc. Meta

Optionally details about Security tools can also be provided in the link_sec_ops section of the form


Click on Submit and Create to finalize Service Creation on the Console.