Use vault parameters in your indexing pipeline extension

This is for:

Developer System Administrator
In this article

Vault parameters are sensitive and restricted key-value pairs stored using the Vault API of the Coveo Migration Service and passed as arguments to target IPEs. More precisely, these parameters populate the vault_parameters dictionary available in target IPEs. Typically, you’ll use these IPE vault_parameters values as usernames and passwords to access external resources.

Of course, vault entries can’t be logged using the Document Object Python API.

Example

You use the POST /vaultentries endpoint to create a vault entry for a password you want to use in an IPE.

POST https://platform.cloud.coveo.com/rest/organizations/yourorganizationid/vaultentries HTTP/1.1

Accept: application/json
Content-Type: application/json

In the request payload, you set IPE_password as the vault entry key, and you set its value to 2d6snx9@, which is your password. The unique identifier of your IPE is yourorganizationid-xc56kss5iazmlq4irhndj52ns4, so you pass that as the target id value.

{
  "scopes": [
    {
      "id": "yourorganizationid-xc56kss5iazmlq4irhndj52ns4",
      "resourceType": "EXTENSION"
    }
  ],
  "key": "IPE_password",
  "organizationId": "yourorganizationid",
  "vaultVisibilityType": "OBFUSCATED",
  "value": "2d6snx9@",
  "valueType": "string"
}

Now, in your IPE, you leverage that vault entry via vault_parameters["IPE_password"] to make a request to an external library.

import requests

r = requests.get("https://example.com", auth=("yourusername", vault_parameters["IPE_password"]))

if r.status_code == 200:
  # ...