i was going through the Generate Scoped Search Key...
# community-helps
sonu sharma
07/08/2021, 1:14 PMi was going through the Generate Scoped Search Key part , where it says not to use the main search api key on the client side as anyone can query all the data and i was looking for a way to making typesense more secure.... i don't see any need for using generate scoped key as i want anyone who lands on my website to search but i also don't anyone to query all the data with typesense search api key ....do you guys have any suggestion to make using search api key more secure ??
j
Jason Bosco
07/08/2021, 1:26 PMWhat type of restrictions do you want for people searching?
Jason Bosco
07/08/2021, 1:28 PMThe note about not using the parent search api key on the frontend is only applicable to cases where you have certain records only be accessible to certain logged in users. If all users can search all records in your collection, then you can definitely use the parent search api key on the frontend .
s
sonu sharma
07/08/2021, 1:38 PMohhh okay ... i want everything to be publicly searchabl, there's no user login or something ...i was looking for ways to make typesense more secure, just that no ones able to randomly able to query all the data at once.
j
Jason Bosco
07/08/2021, 3:13 PMYou can use the limit_hits parameter to set a limit on the max number of results that can be fetched for a search term