Generate Multiple Scoped Search Keys with Typesense
TLDR Kian inquired if many
scoped search keys could be generated for each user and prevent access to indexes unrelated to each user. Kishore Nallan confirmed this and explained filtering by 'user_id' in the API key would restrict record access.
Oct 14, 2022 (12 months ago)
scoped search keyI can generate for an instance of Typesense in principle? would it be possible to have one for each user in our platform?
(I am trying to find out whether I can configure individual access role to certain indexes, not based on being part of a group like
adminand also not being part of an organization like the scenario for multi-tenancy)
Kishore Nallan11:52 AM
User Ashould only see index
User Bshould only see index
Using this custom API key with embedded
User Bstill can run the query based on index
1and get it right?
No way to prevent access to the index
1from other users besides
User Avia API keys?
Kishore Nallan12:12 PM
Kishore Nallan12:13 PM
filter_by=user_id:100clause you ensure that the API key will always be restricted to that user records.
Documentwhen I said index.
100) and I am user
99I can still build a query to filter_by
user_id:100and get the results back correct?
filtered_by:99embedded in it?
Kishore Nallan01:27 PM
Oct 17, 2022 (12 months ago)
Indexed 2779 threads (79% resolved)
Comparing Performance and Security of Different Data Collection Methods
bnfd asked about differences in performance and memory usage between a single, large data collection and multiple smaller collections. Kishore Nallan explained that the latter is faster, suggested 100 collections sharded by user_id, and informed about the use and security of scoped API keys.
Correct API Key Generation and Usage on Cloud
Tom faced 401 errors while creating keys via the Cloud API. Kishore Nallan clarified the correct syntax and mechanics, and identified a header mislabeling on Tom's part that caused the issue. They also discussed using scoped API keys.
Issues with Generating Scope API Keys in Python
Danny had issues generating a valid scope API key in a Python GraphQL server. Jason suggested encoding changes and confirmed that the key length varies. Issue unresolved with Python, although JS library worked.
Resolving Issues with Scoped API Keys in Typesense with Golang
Suvarna had problems with generating and using scoped API keys in Typesense with Golang. Several bugs misleading the user were found and fixed by Kishore Nallan.
Trouble with Scoped Search API Keys in Flutter App
Shane struggled with scoped search API keys in Typesense library for a Flutter app, which returned a 401 error. Jason identified that the error may be a result of an invalid filter within the key, and instructed to create separate keys for different permissions. On implementation, the error was resolved.