#community-help

Clarifying Key Creation Permissions in Coding

TLDR Ricardo asked if a non-bootstrap key can generate keys. Jason affirmed and clarified the role of "actions * " and "collections * ". Ricardo suggested adding this info to the documentation.

30mo

Join the chat

Jun 01, 2021 (30 months ago)

Photo of md5-a2785b9d22ba23f3627d4bd877e95e7c

Ricardo

05:45 PM

key = client.keys.create({
  "description": "Admin key.",
  "actions": ["*"],
  "collections": ["*"]
})

This can't create keys right?
is the bootstrap key the only key that can create keys?
one key to rule them all?

Photo of md5-8813087cccc512313602b6d9f9ece19f

Jason

05:49 PM

That's correct, you'd need to use the bootstrap api key to initialize the client and generate your first admin key

Jun 02, 2021 (30 months ago)

Jason

05:14 AM

To clarify, once you have your first admin key generated from the bootstrap api key, you can then create additional admin keys with that generated admin api key

Ricardo

05:37 AM

I'm a bit confused then. can the key created in my example above create other keys?

Jason

05:45 AM

Yes it can. I initially misunderstood your original question.

Ricardo

07:33 AM

I see, so what defines a key as being able to create keys.
Is it an action or a collection? I'm guessing the action * ?

key = client.keys.create({
  "description": "Almost Admin key.",
  "actions": ["collections:*"],
  "collections": ["*"]
})

So from my understanding this key can do every action on collections, but not create new keys?

Jason

05:52 PM

It's actions * and collections * that makes it an admin key.

The key generated with the snippet above shouldn't allow you to create new keys...

Jun 03, 2021 (30 months ago)

Ricardo

01:55 AM

Jason cool can I put in a pull request to add this to the docs?

Jason

01:56 AM

Yes please, thank you!

Typesense

Lightning-fast, open source search engine for everyone | Knowledge Base powered by Struct.AI

Indexed 2776 threads (79% resolved)

Join Our Community Manage subscription

Similar Threads

Resolving Issues with Scoped API Keys in Typesense with Golang

Suvarna had problems with generating and using scoped API keys in Typesense with Golang. Several bugs misleading the user were found and fixed by Kishore Nallan.

158

26mo

Correct API Key Generation and Usage on Cloud

Tom faced 401 errors while creating keys via the Cloud API. Kishore Nallan clarified the correct syntax and mechanics, and identified a header mislabeling on Tom's part that caused the issue. They also discussed using scoped API keys.

12mo

API Key Permissions for Typesense Docsearch Scraper

JP asked about configuring API key actions for reindexing a site using Typesense. Kishore Nallan clarified the required permission. Then, JP and Jason discussed specific permission configurations, and JP made a documentation update to illustrate their findings.

9mo

Assigning an API Key for Backend Indexing Operations

Ross inquired about assigning an API key for backend service. After some confusion, Jason clarified that the `documents:upsert`, `documents:update`, `documents:create`, and `documents:delete` actions were necessary for document-only operations.

10mo

Issue with API Key Expiry and Generation in Node.js

Sai is having trouble with API keys expiring and triggering a forbidden key error in Node.js. Despite trying to generate a new key after expiry, Sai gets the same error. Jason explains that the problem may be due to the expiration of parent API keys.