Recently we had a client that was looking to explore additional features within Coveo. As such, we looked at using a separate Access Token that had restricted permissions to ensure it could only be used for what it was intended.
One of the ways you can accomplish this is by restricting the API key to a specific Search Hub
. Doing so is quite easy in the Platform Admin under API Keys > Privileges > Search > Limit the API Key Scope
. However, we found an issue where the token couldn't be updated via the interface. It's not something that is common or is likely to happen to anyone else, but we needed another way. Enter the Coveo Platform API.
Get The API Details
First thing first, head on over to the Coveo Platform API and specifically you want to look at the Authorization Server
definition. This should load up if you use the link and should resemble something like the following.
So first we're going to use the Show API key
method.
We will need the organizationId
and the apiKeyId
.You can retrieve these from the Platform Admin after clicking on the particular API key and then grabbing the values from the URL:
https://platform.cloud.coveo.com/admin/#<-- ORG ID -->/organization/api-access/<-- API KEY ID -->/configuration
Upon clicking Execute
and you have access (via the Authorize
button above), you should receive a response body containing all the details of the API key.
I will note that you could use a program like Postman, as long as you have an Access Token with the necessary rights.
Copy that response body to a separate file or text editor, where you can then make the appropriate changes.
In our case, because we wanted to update the searchHub so we made changes to the JSON to set the appropriate value.
...
"search": {
"enforcedQueryPipelineConfiguration": {
"searchHub": "recommendations"
}
}
},
...
Once the changes have been made, we can then move on to updating the API Key.
Updating The API Key Configuration
Find the method Update API key
. It will look like the following:
Add back in the organizationId
, apiKeyId
, and in the apiKeyModel
add back in the JSON you just updated.
Upon clicking Execute
you should receive a response 201 indicating it has been updated.
To verify you have made the change successfully, you can go back to Get API Details above and repeat that process to obtain the hopefully updated configuration.