Get the Privileges You Can Assign to an API Key

Manage an Organization Coveo Relevance Cloud System Administrator Product Documentation

In this article

Sample Request

A Coveo API key is granted a set of privileges which are only valid within the confines of a specific Coveo organization (see Manage Privileges and Privilege Reference).

You can use the Get all possible privileges for api keys in the selected organization call to retrieve the list of values which are assignable to the privileges parameter when you create an API Key (see Create an API Key):

Request template

GET https://platform.cloud.coveo.com/rest/organizations/<MyOrganizationId>/privileges/apikeys HTTP/1.1
 
Accept: application/json
Authorization: Bearer <MyAccessToken>

In the request path:

Replace <MyOrganizationId> with the actual ID of the target Coveo organization (see Retrieve the Organization ID).

In the Authorization HTTP header:

Replace MyAccessToken with access token (API key or OAuth2 token) that grants you the privilege to view API keys in the target organization (see Get Your Coveo Access Token).

It’s impossible to authenticate this call using an API key, since an API key can’t have the privilege to edit or view other API keys.

The body of a successful response contains the list of all privileges which are individually assignable to any API key in the Coveo organization matching the organizationId you provide as a path argument.

The most important properties of an API key privilege are its targetDomain, owner, and type (see Valid Privilege owner, targetDomain, and type Combinations). You don’t need to specify the targetIds and global properties of the privileges you include in the privileges parameter when you create an API key.

Sample Request

Getting all privileges which are assignable to an API key in a specific Coveo organization

GET https://platform.cloud.coveo.com/rest/organizations/mycoveocloudv2organizationg8tp8wu3/privileges/apikeys HTTP/1.1
 
Accept: application/json
Authorization: Bearer **********-****-****-****-************

Successful response - 200 OK

[
  {
    "targetDomain": "AUTHENTICATION_EDITOR",
    "targetIds": [],
    "owner": "SEARCH_API",
    "global": false
  },
  {
    "type": "EDIT",
    "targetDomain": "ON_PREMISE_ADMINISTRATION",
    "targetIds": [],
    "owner": "PLATFORM",
    "global": false
  },
  ...
]