Use Vault Parameters in Your Indexing Pipeline Extension

Vault parameters are sensitive and restricted key-value pairs stored using the Vault API of the Coveo Migration Service and passed as arguments to target IPEs. More precisely, these parameters populate the vault_parameters dictionary available in target IPEs. Typically, you will use those IPE vault_parameters values as usernames and passwords to access external resources.

Of course, vault entries cannot be logged using the Document Object Python API.


You use the POST /vaultentries endpoint to store a password you want to use in an IPE.

Accept: application/json
Content-Type: application/json

In the request payload, you set password as the vault entry key, and you set its value to 2d6snx9@, which is your password. The unique identifier of your IPE is yourorganizationid-xc56kss5iazmlq4irhndj52ns4, so you pass that as the target id value.

      "id": "yourorganizationid-xc56kss5iazmlq4irhndj52ns4",
      "resourceType": "EXTENSION"
  "key": "password",
  "organizationId": "yourorganizationid",
  "sensitive": true,
  "value": "2d6snx9@",
  "valueType": "string"

Now, in your IPE, you leverage that vault entry via vault_parameters["password"] to make a request to an external library.

import requests
r = requests.get('', auth=('yourusername', vault_parameters["password"]))
if r.status_code == 200:
  # ...
What's Next for Me?