Hello Typesense community I have some questions about the Sc typesense #community-help

Hello Typesense community, I have some questions a...

Zhexuan Liu

09/28/2024, 5:32 PM

Hello Typesense community, I have some questions about the ScopedSearchKey: 1. So in our case we want to generate a scoped search api key per user and per user role, so we were treating it as an ephemeral key. But it turns out not the case - the key is actually stored/registered with Typesense cluster. In this case we should just rotate the keys and not treat them as ephemeral right? 2. To rotate the key, we think we should just set

expires_at

and

autodelete

for each generated key, and let the cluster purge any expired keys. However, from the JS/TS client, I don't see

autodelete

param is exposed as stated in the API doc, is that expected? If so, how can we set ScopedSearch key to be autodelete after expired?

Jason Bosco

09/28/2024, 7:38 PM

Scoped API keys are not stored on the server-side they are indeed ephemeral. You want to generate a parent API key (which is stored on the server side), and then re-use that same parent API key to generate multiple scoped API Keys. Or if you have the concept of teams or organizations, may be create one parent api key for each team or organization, and then use that same one to generate ephemeral scoped API keys for each user on that team who needs different scoped access.

Jason Bosco

09/28/2024, 7:39 PM

Scoped api keys have their own expires_at that you can set, in addition to the expires_at you can set inside a parent API key. The

autodelete

parameter is just an typing issue in the TS client, the server-side still supports it. We'll add the types for it soon

Jason Bosco

09/28/2024, 7:39 PM

CC: @Fanis Tharropoulos Could you add the missing types

Zhexuan Liu

09/28/2024, 8:02 PM

@Jason Bosco Gotcha, yep that makes sense, thanks for the explanation! We will manage the parent API key as you suggested!

👍 1

Open in Slack

Previous Next