2022-06-30 Update
June 30, 2022 Update
API Key Privileges Restrictions
To align with the latest industry standards regarding API key privileges, the following restrictions have been added to API keys:
-
API keys that contain the Execute queries > Allowed and/or Impersonate > Allowed privileges of the Search service can now only be combined with the Impersonate > Allowed and/or Analytics data > Push privileges of the Analytics service.
-
API keys that contain administrative privileges, such as the Query pipelines > View all privilege of the Search service, or the Sources > Edit all privilege of the Content service, can no longer have the Execute queries > Allowed, Search > Impersonate > Allowed, or Analytics > Impersonate > Allowed privileges associated together.
This change also applies to API keys created before this update as soon as their privileges will be edited.
To execute tasks in your server-side application that require both administrative and search privileges, you now have to create two separate API keys, which combined, contain all the required privileges. Client-side API keys should always have only two privileges:
-
Execute queries > Allowed
-
Analytics data > Push
Click here to read about previous product upgrades.