Use API key authentication with the Search API

Build a Search UI Coveo Relevance Cloud Developer Product Documentation

In this article

Step 1: Create an API key
Step 2: Configure the search interface

The simplest way to authenticate HTTP requests made from a Coveo-powered search interface is to pass an API key as a bearer token in the Authorization header of each Search API and usage analytics (UA) Write API call.

This authentication method requires you to expose a Coveo API key in client-side code. As such, it’s only legitimate if both of the following conditions are satisfied:

The API key you use only grants minimum privileges.
The search interface only queries public content.

If your search interface can query secured content, you must implement the search token authentication method instead.

Step 1: Create an API key

In the Coveo Administration Console, add an API key that grants the following privileges in the desired organization:

Domain	Access level
Execute Queries	Allowed
Analytics Data	Push

Domain

Access level

Execute Queries

Allowed

Analytics Data

Push

Avoid granting any additional privileges to this API key, as it will be exposed in client-side code.

Make sure that you also limit the scope of this API key to a specific search hub.

A search hub is an arbitrary string that identifies the search interface from which API requests are being made. For example, if you’re creating an API key for a public documentation search page, you could use Public docs search as the search hub.

Step 2: Configure the search interface

How you set the API key in a search interface depends on the library with which the search interface is built.

Atomic library

In a search interface built with the Coveo Atomic library, set the API key when calling the initialize method on the atomic-search-interface component.

You should also set the search-hub attribute to the correct value on the atomic-search-interface component.

<head>
  <!-- ... -->
  <script type="module" src="https://static.cloud.coveo.com/atomic/v2/atomic.esm.js">
  </script>
  <link rel="stylesheet" href="https://static.cloud.coveo.com/atomic/v2/themes/coveo.css"/>
  <script>
    (async () => {
      await customElements.whenDefined('atomic-search-interface');
      const searchInterface = document.getElementById("search");
      await searchInterface.initialize({
        accessToken: "a1b2c3d4-e5f6-g7h8-i9j0-k11l12m13n14",
        organizationId: "mycoveoorganization",
        organizationEndpoints: await searchInterface.getOrganizationEndpoints('mycoveoorganization')
      });
    })();
  </script>
  <!-- ... -->
</head>
<body>
  <atomic-search-interface id="search" search-hub="Public docs search">
    <!-- ... -->
  </atomic-search-interface>
</body>

Headless library

In a search interface built with the Coveo Headless library, set the API key and search hub in the configuration object when initializing your engine.

import { buildSearchEngine, getSampleSearchEngineConfiguration, getOrganizationEndpoints } from '@coveo/headless';
export const headlessEngine = buildSearchEngine({
  configuration: {
    search: {
      searchHub: "Public docs search"
    },
    organizationId: "mycoveoorganization",
    accessToken: "a1b2c3d4-e5f6-g7h8-i9j0-k11l12m13n14",
    organizationEndpoints: getOrganizationEndpoints("mycoveoorganization"),
  }
});

JavaScript Search Framework

In a search interface built with the Coveo JavaScript Search Framework, set the API key when calling the configureCloudV2Endpoint method on the SearchEndpoint class.

You should also set the data-search-hub attribute to the correct value on the CoveoAnalytics component.

<head>
  <!-- ... -->
  <link rel="stylesheet" href="https://static.cloud.coveo.com/searchui/v2.10093/css/CoveoFullSearch.min.css" />
  <script class="coveo-script" src="https://static.cloud.coveo.com/searchui/v2.10093/js/CoveoJsSearch.Lazy.min.js"></script>
  <script src="https://static.cloud.coveo.com/searchui/v2.10093/js/templates/templates.js"></script>
  <script>
    document.addEventListener("DOMContentLoaded", () => {
      const organizationId = "mycoveoorganization";
      const apiKey = "a1b2c3d4-e5f6-g7h8-i9j0-k11l12m13n14";
      const searchInterface = document.getElementById("search");
      Coveo.SearchEndpoint.configureCloudV2Endpoint(organizationId, apiKey)
      Coveo.init(searchInterface);
    });
  </script>
  <!-- ... -->
</head>
<body>
  <div id="search" class="CoveoSearchInterface">
    <div class="CoveoAnalytics" data-search-hub="Public docs search"></div>
    <!-- ... -->
  </div>
</body>