#community-help

Typesense API Key Expiry and Management

TLDR Pradyuman inquired about garbage collection for expired Typesense API keys. Kishore Nallan stated that no garbage collection takes place but advised running a cron job to delete expired keys and recommended using short-lived scoped API keys.

22mo

Join the chat

Nov 27, 2021 (22 months ago)

Photo of md5-d7f4aa44e3d4866e8b7a38eceb9af762

Pradyuman

04:18 AM

Hi! Does Typesense perform any garbage collection of expired API Keys? For security reasons, we'd like to create short lived API Keys on demand, but aren't sure if there will be issues at a later time if there are millions of expired API keys on our instance.

Photo of md5-4e872368b2b2668460205b409e95c2ea

Kishore Nallan

05:03 AM

👋 Pradyuman We don't garbage collection of expired keys but the keys stop working once they expire. You can run a cron job to delete expired keys periodically.

Pradyuman

05:11 AM

Is there an easy way to query for all expired keys? We aren't keeping track of key ids currently.

Kishore Nallan

05:12 AM

There are no filtering options available on the /keys end-point. You have to list and loop through.

Pradyuman

05:14 AM

Ok, thanks! I assume that scoped search keys aren't stored in the database right? So it would make sense for us to push as much of this as possible into scoped api keys that have their own expiry.

Kishore Nallan

05:14 AM

Yup, scoped keys are entirely client side generated.

05:15

Kishore Nallan

05:15 AM

The expiry will be linked to the parent key from which they are generated from.

05:16

Kishore Nallan

05:16 AM

Meaning, the scoped key can have lower expiry than parent but parent's expiry is supreme. If parent key's expiry timestamp is smaller, it takes precedence.

Pradyuman

05:18 AM

Makes sense. I'm thinking that we'll have a single parent key per collection that is rotated periodically and then create short lived scoped API keys that have really tight expiries.

Kishore Nallan

05:20 AM

Yup that will work.

Typesense

Lightning-fast, open source search engine for everyone | Knowledge Base powered by Struct.AI

Indexed 2764 threads (79% resolved)

Join Our Community Manage subscription

Similar Threads

Resolving Issues with Scoped API Keys in Typesense with Golang

Suvarna had problems with generating and using scoped API keys in Typesense with Golang. Several bugs misleading the user were found and fixed by Kishore Nallan.

158

24mo

Issues with Generating Scope API Keys in Python

Danny had issues generating a valid scope API key in a Python GraphQL server. Jason suggested encoding changes and confirmed that the key length varies. Issue unresolved with Python, although JS library worked.

15mo

Issue with API Key Expiry and Generation in Node.js

Sai is having trouble with API keys expiring and triggering a forbidden key error in Node.js. Despite trying to generate a new key after expiry, Sai gets the same error. Jason explains that the problem may be due to the expiration of parent API keys.

Securing Typesense Search API Key

sonu was concerned about securing typesense API key while all data are searchable. Jason suggested using the 'limit_hits' parameter to secure the data.

26mo

Discussing Features for Typesense Cloud Dashboard

Stephano expressed the need for a Typesense Cloud dashboard to manage collections. Jason confirmed its development, also including features like editing and deleting items. James and Mica added comments about API key management and self-hosted Typesense compatibility.

28mo