Using Typesense Frontend and Protecting API Key
TLDR KARTHICK asked about using Typesense from frontend, Jason suggested both frontend and backend are possible but encourages frontend for performance. Marcos mentioned key exposure concerns, Kishore Nallan explained scoped API keys can provide protection.
1
1
Mar 30, 2023 (6 months ago)
KARTHICK
04:30 AMJason
04:47 AM1
KARTHICK
04:49 AM1
Marcos
12:30 PMKARTHICK
01:07 PMMarcos
01:08 PMKARTHICK
01:09 PMMarcos
01:10 PMKARTHICK
01:11 PMMarcos
01:12 PMdocument:search
only and specific to the collection you want to search from).Marcos
01:12 PMKARTHICK
01:12 PMKARTHICK
01:13 PMKishore Nallan
02:14 PMuser_id: 100
into the key so that one cannot use it to query another user's data.Mar 31, 2023 (6 months ago)
KARTHICK
06:21 AMKishore Nallan
06:26 AMKARTHICK
06:29 AMTypesense
Indexed 2776 threads (79% resolved)
Similar Threads
Securing Typesense Search API Key
sonu was concerned about securing typesense API key while all data are searchable. Jason suggested using the 'limit_hits' parameter to secure the data.
Issues with Generating Scope API Keys in Python
Danny had issues generating a valid scope API key in a Python GraphQL server. Jason suggested encoding changes and confirmed that the key length varies. Issue unresolved with Python, although JS library worked.
Protecting Typesense Key in Javascript Project
Stefanie expressed concern over potential misuse of their typesense project key. Kishore Nallan proposed using a scoped API key with limitations for protection.
Typesense API Key and JWT Token Usage
Chetan asked about using the Typesense API key and JWT tokens. Jason clarified that search-only keys are exposed to the client side and shared data access control options.
Resolving Issues with Scoped API Keys in Typesense with Golang
Suvarna had problems with generating and using scoped API keys in Typesense with Golang. Several bugs misleading the user were found and fixed by Kishore Nallan.