Using Typesense Frontend and Protecting API Key
TLDR KARTHICK asked about using Typesense from frontend, Jason suggested both frontend and backend are possible but encourages frontend for performance. Marcos mentioned key exposure concerns, Kishore Nallan explained scoped API keys can provide protection.
Mar 30, 2023 (6 months ago)
document:searchonly and specific to the collection you want to search from).
Kishore Nallan02:14 PM
user_id: 100into the key so that one cannot use it to query another user's data.
Mar 31, 2023 (6 months ago)
Kishore Nallan06:26 AM
Indexed 2776 threads (79% resolved)
Securing Typesense Search API Key
sonu was concerned about securing typesense API key while all data are searchable. Jason suggested using the 'limit_hits' parameter to secure the data.
Issues with Generating Scope API Keys in Python
Danny had issues generating a valid scope API key in a Python GraphQL server. Jason suggested encoding changes and confirmed that the key length varies. Issue unresolved with Python, although JS library worked.
Stefanie expressed concern over potential misuse of their typesense project key. Kishore Nallan proposed using a scoped API key with limitations for protection.
Typesense API Key and JWT Token Usage
Chetan asked about using the Typesense API key and JWT tokens. Jason clarified that search-only keys are exposed to the client side and shared data access control options.
Resolving Issues with Scoped API Keys in Typesense with Golang
Suvarna had problems with generating and using scoped API keys in Typesense with Golang. Several bugs misleading the user were found and fixed by Kishore Nallan.