Keyring is an access management service that allows users to define access lists for restricted-access objects in-world. Keyring has several notable advantages over traditional access lists and owner/group/everyone levels:
Multi-Group: Keyring locks can allow access for multiple groups regardless of the object’s group setting.
Shared Rings: Users can create rings - collections of groups and users - and allow them access to multiple objects, so that access lists can be changed on multiple objects just by editing the ring.
Distributable Whitelists: Because rings can be used by anyone, you can share them to be used in other people's devices - for example, to add estate owners.
Off-World Editing: Access lists are edited on the NBS website, so there is no confusion over notecard formatting.
Because of Second Life limitations, Keyring cannot get group information from a user unless the user is wearing at least one attachment other than HUDs. Because this is rare today, this is usually not an issue. Any attached non-HUD object will work.
There are some special terms used by Keyring which you should understand before using it:
Device: an object in-world that uses Keyring to manage its access control.
User: any Second Life user known by NBS.
Group: any Second Life group known by NBS.
Lock: a specific list (composed of users, groups, and rings) that is created by a Keyring-compatible device.
Ring: a specific list (composed of users and groups) that you can apply to multiple locks. Rings are edited separately from locks. Think of rings as "pseudo-groups" for access control only. When authenticating, Keyring will include all users and groups in a ring as if they were directly in the lock, but you can edit rings separately and they will be changed on all locks that they are used in.
Locks are created automatically by devices. To edit them, access Keyring through the device's configuration.
Rings can be created on the Keyring homepage. You can add and remove users and groups from any of your rings on this page.
Users can typically be added by legacy name (Nelson Jenkins, NewUser Resident), username (nelson.jenkins, NewUser), or UUID (key).
Groups can be added by group name if we know of the group. If not, there are several ways to add groups to our database:
Rings can be added by name if you own them. If you don't, they can also be added by the ring key.
You can change a lock's access mode by clicking the dropdown at the top of the lock on the lock editor page.
Public locks are always accessible by everyone. The list is ignored.
Whitelist locks only allow users and groups in the lock's list, as well as any users and groups in any rings added to the lock.
Blacklist locks are the opposite of whitelists. They are always accessible by everyone except users, groups, and rings in the list.
Keyring-compatible devices usually create locks automatically and give you some way to access them for editing. Keyring only handles access control. For other device features, you will need to manage the device's own configuration outside of Keyring. Refer to the device's user manual for more information.
Because Keyring is a free service, we provide only limited support. If you are having problems with the service, please contact Nelson Jenkins.
With the exception of the Keyring API script, Keyring is completely server-side and may be updated periodically. However, we don't post changelogs unless major changes are made. If the Keyring API script is changed, it will be included in an update for Keyring-compatible devices as they are updated.
Use of Keyring is licensed under the NBS Terms of Service.