Use vault parameters in your indexing pipeline extension

This is for:

Developer System Administrator
In this article

Vault parameters are sensitive and restricted key-value pairs stored using the Vault API of the Coveo Migration Service and passed as arguments to target IPEs. More precisely, these parameters populate the vault_parameters dictionary available in target IPEs. Typically, you’ll use these IPE vault_parameters values as passwords, secrets, keys, or any other sensitive information needed to access external resources.

Of course, vault entries can’t be logged using the Document Object Python API.

Example

You use the POST /vaultentries endpoint to create a vault entry for a password you want to use in an IPE.

POST https://platform.cloud.coveo.com/rest/organizations/yourorganizationid/vaultentries HTTP/1.1

Accept: application/json
Content-Type: application/json

In the request payload, you set IPE_password as the vault entry key, and you set its value to 2d6snx9@, which is your password. The unique identifier of your IPE is yourorganizationid-xc56kss5iazmlq4irhndj52ns4, so you pass that as the target id value.

{
  "scopes": [
    {
      "id": "yourorganizationid-xc56kss5iazmlq4irhndj52ns4",
      "resourceType": "EXTENSION"
    }
  ],
  "key": "IPE_password",
  "organizationId": "yourorganizationid",
  "vaultVisibilityType": "OBFUSCATED",
  "value": "2d6snx9@",
  "valueType": "string"
}

Now, in your IPE, you leverage that vault entry via vault_parameters["IPE_password"] to make a request to an external library.

import requests

r = requests.get("https://example.com", auth=("yourusername", vault_parameters["IPE_password"]))

if r.status_code == 200:
  # ...