user - Murmur

A user is a catalog resource that represents your developer identity in the catalog. It stores your git configuration, SSH public keys, and references to your encrypted secrets. When you spawn an agent, the platform reads your user record to assemble the credentials the agent needs. User records are self-owned — only the authenticated developer matching the resource’s name can read or write their own record. The record is created automatically by murmur setup when you upload your developer profile.

Fields

Name	Type	Required	Description
`name`	string	yes	Canonical name: `{provider}/{username}` (e.g. `github_oauth/alice`).
`git_name`	string	no	Git author name for commits (e.g. `Alice Developer`). Gathered from `git config user.name` during `murmur setup`.
`git_email`	string	no	Git author email (e.g. `alice@example.com`). Gathered from `git config user.email` during `murmur setup`.
`ssh_public_keys`	string[]	no	SSH public keys for `murmur ssh` access. Each entry is a full `authorized_keys` line (e.g. `ssh-ed25519 AAAAC3... alice@laptop`).
`github_token_secret`	string	no	Name of the user-secret containing your GitHub OAuth token.
`claude_token_secret`	string	no	Name of the user-secret containing your Claude subscription OAuth token. Mutually exclusive with `anthropic_api_key_secret`.
`claude_refresh_token_secret`	string	no	Name of the user-secret containing your Claude OAuth refresh token. Set alongside `claude_token_secret`.
`anthropic_api_key_secret`	string	no	Name of the user-secret containing your Anthropic API key. Mutually exclusive with `claude_token_secret`.
`openai_api_key_secret`	string	no	Name of the user-secret containing your OpenAI/Codex API key.
`signing_key_secret`	string	no	Name of the user-secret containing your Ed25519 commit signing key (PEM).
`updated_at`	timestamp	no (read-only)	Timestamp of last update. Set automatically.

The *_secret fields are references to user-secret resources — not raw credential values. Each reference names a user-secret resource in the format {provider}/{username}/{SECRET_NAME} (e.g. github_oauth/alice/GH_TOKEN). murmur setup creates these user-secret resources and wires the references automatically.

Examples

Viewing your user record

murmur get user github_oauth/alice

Creating a user record via `murmur setup`

murmur setup creates your user record and its associated user-secret resources in one step. You do not need to create the user record manually.

murmur setup

Setting a user record manually

cat <<'EOF' | murmur set user github_oauth/alice
name: github_oauth/alice
git_name: Alice Developer
git_email: alice@example.com
ssh_public_keys:
  - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... alice@laptop"
github_token_secret: github_oauth/alice/GH_TOKEN
claude_token_secret: github_oauth/alice/CLAUDE_TOKEN
claude_refresh_token_secret: github_oauth/alice/CLAUDE_REFRESH_TOKEN
signing_key_secret: github_oauth/alice/SIGNING_KEY
EOF

Setting a user record manually requires that the referenced user-secret resources already exist. Use murmur setup to create both in the correct order.

Errors

Code	Meaning	What to do
`INVALID_ARGUMENT`	`name is required`	Provide the `name` field in `{provider}/{username}` format.
`PERMISSION_DENIED`	Caller does not match the resource name	You can only read or write your own user record. The `name` must match your authenticated identity.

Profiles and secrets — concept overview of developer credentials and encryption
murmur setup — CLI command that creates your user record and secrets
secret — tenant-wide secrets (distinct from per-user secrets)
murmur set — CLI command for creating and updating catalog resources
murmur get — CLI command for reading catalog resources
murmur spawn — spawning agents that consume the user record

​Fields

​Examples

​Viewing your user record

​Creating a user record via murmur setup

​Setting a user record manually

​Errors

​Related

Fields

Examples

Viewing your user record

Creating a user record via `murmur setup`

Setting a user record manually

Errors

Related