https://typesense.org logo
Join Slack
Powered by
hello can you help me, I am generating scope api k...
# community-help
d
hello can you help me, I am generating scope api keys with excluded fields, this process I do it in a graphql server in python that sends it to a frontend to be used in the client with instant-search, but the api key that generates me is not valid and has this format 
b'YVZidxxxxxxxx4MDk4fQ=='"
try deleting the weird fields like the b, the single quotes and the equals signs, but it still gives me an error. I was guided by this documentation https://typesense.org/docs/0.23.0/api/api-keys.html#generate-scoped-search-key
j
That sounds strange. Could you post a post a code snippet that replicates the issue?
d
of cuourse this is the code
Copy code
class TypesenseService(TypeSenseBase):

    def __init__(self):
        super().__init__()
        self.__search_api_key = TYPESENSE_ADMIN_API_KEY

    def get_api_key_limited_by_configuration(self, configuration):
        result = self.typesense_client.keys.generate_scoped_search_key(self.__search_api_key, configuration)
        return result
i use this configuration
Copy code
{
    "exclude_fields": "person",
    "expires_at": expiration_date
}
and this is my configuration of typesense client
Copy code
class TypeSenseBase(object):
    typesense_client = None

    def __init__(self):
        self.typesense_client = typesense.Client({
            'nodes': [{
                'host': TYPESENSE_HOST,
                'port': TYPESENSE_PORT,
                'protocol': 'http'
            }],
            'api_key': TYPESENSE_ADMIN_API_KEY,
            'connection_timeout_seconds': 2
        })
j
On a side note, you want to use a search-only api key (not the admin key) to generate the scoped search api key
Could you print the value of 
result
and see what it shows you server-side?
d
I changed to the ADMIN-API-KEY because I didn't know if it was that but I generated the api key with the SEARCH-API-KEY and the error is the same.
b'K0lNZnpzVDFnbHdFWjdBYy9LYmZVK293LzcwWlBBNklEYmU3OGcvRHlDTT1JdHB4eyJleGNsdWRlX2ZpZWxkcyI6ICJwZXJzb24iLCAiZXhwaXJlc19hdCI6IDE2NTQ4ODAwNTQuODUyNzk0fQ=='
this the result value
and i change generate this with the SEARCH-API-KEY
the frontend send this api-key 
b%27Y21rWnlsUE1tbGxMckRWV1ZmZGczeTVUNFRGcEROOFhBc05uQm5KOXFyUT1JdHB4eyJmaWx0ZXJfYnkiOiAiYWNjZXNzaWJsZVRvQ29tcGFueUlkczokMTIzMzMiLCAiZXhwaXJlc19hdCI6IDE2NTQ4ODI5MTMuMTQyMzE4fQ%3D%3D%27
and use this name 
x-typesense-api-key
j
Hmm, I'm not too familiar with Python, but I suspect there's some string encoding issue going on. @Kishore Nallan any thoughts on this ^
d
aaaa ok this service return bytes ???
j
Looks like it... Let me know if the StackOverflow answer works, may be we should update the library to return a string, it could have also been a recent change that broke the return type.
d
now return without b' but the ==sign still continue and the frontend still showing this error message 
message: "Forbidden - a valid x-typesense-api-key header must be sent."
i will try to do this with typescript maybe it can be the python library
I have this result with python library and making decode in the string 
c1JGZGRVdmJMeDFSVzNKSytYUlZ4YU1SbnRMNXhMQzVSRlZQajBzaVViOD1JdHB4eyJleGNsdWRlX2ZpZWxkcyI6ICJwZXJzb24iLCAiZXhwaXJlc19hdCI6IDE2NTQ4ODQ4MTEuNzgxMjMxfQ==
j
Could you try 
result.decode('utf-8')
?
(Btw, the = sign at the end is ok)
d
no I keep getting the same error
the length of the api key thats correct ???
j
The scoped API key length will vary based on the embedded params, so there's no fixed length
d
i should set something configuration in typesense cloud ???
beacuse i generate a new key with the typescritp client and get this api key 
a09YSmRHZHcrVWl2eXA3clVCTWtLbVZvdnpCTEJUcHFSWXdhWTRMMFkwcz1JdHB4eyJleGNsdWRlX2ZpZWxkcyI6InBlcnNvbiIsImV4cGlyZXNfYXQiOjE2NTQ4ODU1NDJ9
but I still have the same error
j
Are you on Typesense Cloud or are you self-hosting Typesense?
The Typesense logs should have more information. If you're on Typesense Cloud, if you can DM me your cluster ID, I can check for you
d
I use Typesense Cloud
j
Found the issue in the logs: 
Parent key does not allow queries against queried collection. Key prefix: Itpx
I also see this: 
Scoped API keys can only be used for searches.
d
i can show the logs in typesense cloud ???
j
No... Usually logs are mainly useful for managing Typesense infrastructure, so we don't expose it and the API response shows all the errors. In this case, we don't show specific auth errors in the API response for security reasons.
d
ok i understand perfectly, well i will check the documentation and my code maybe i am doing something wrong. thank you very much for everything.
j
You want to make sure the parent search API key you're using has permissions to search through this particular collection
d
i use the search only api key generated by typesense cloud
j
Hmmm, that has permissions to search through all collections
d
and this api key can acces to this collections 
[ "*" ]
yes, that's why I don't know what's wrong
j
Could you DM me the exact JS code snippet you used to generate the scoped API key (along with the API Keys) and the code snippet you used to generate the search request? I can then run it locally to see what's going on. You can rotate the API Keys you share with me once we finish debugging.
d
ok
j
Summary: this worked with the JS library, but not the Python library for some reason. CC: @Kishore Nallan
Open in Slack
PreviousNext
Powered by