Add a simple hosted search page to a website
Add a simple hosted search page to a website
This is for:
DeveloperYou can add a hosted search page to any of your websites and software-as-a-service (SaaS) applications.
When you create a search page with the search page builder, the page configuration automatically includes a dedicated JavaScript loader snippet script. You can use the loader snippet to embed the search page into a web page or an application.
Note
If you haven’t done so already, we strongly recommend that you configure query pipelines and Coveo Machine Learning for your search page. |
To add a hosted search page to a website
-
Use the loader snippet to add the hosted search page to a website.
Configure search token authentication
You can configure search token authentication for your hosted search page using one of the following two methods:
-
Generic API key authentication: Use this simple configuration method to use the same generic search token to authenticate all users in your hosted search page. This token grants access to publicly available content only. This means that search page users will only have access to indexed content that’s accessible to everyone, and indexed content that’s secured via a repository’s permissions system won’t appear in search results.
-
Advanced search token authentication: Use this configuration method if you want to generate a distinct search token for each authenticated user in your hosted search page so that each user only sees the secured content that they’re allowed to access. Implementing advanced search token authentication requires you to add server-side logic to your website or application.
Generic API key authentication
This authentication method requires you to create an API key that’ll be used as the generic search token to authenticate all users of your search page. This means that search page users will only have access to indexed content that’s accessible to everyone, while indexed content that’s secured via a repository’s permissions system won’t appear in search results.
The API key is used to authenticate your search page to execute queries in the Coveo Search API and send Coveo Usage Analytics (Coveo UA) events to Coveo.
If you created multiple search pages, each page requires its own API key.
Create an API key while making sure to grant the key only the following permissions:
-
Allowed on Execute queries
-
Push on Analytics data
When Your API Key dialog appears, click Copy to copy the key value to your clipboard and paste the value to a safe location. This is the only time the key value will appear, so make sure to copy it when it appears. You’ll need the value when adding your search page to your website or application. |
Advanced search token authentication
Advanced search token authentication requires you to add server-side logic to your website or application for the purpose of generating a distinct search token for each authenticated user in your search page. This configuration method is used if some or all of your indexed content is secured by a repository’s permissions system, and you want search page users to only see the secured content that they’re allowed to access.
This procedure outlined in this section is a general guideline as the actual implementation details vary from one project to another.
Note
This procedure must be executed by a developer who is allowed to modify code in the target site or application. |
In summary, you must write server-side code that performs the following actions:
-
Authenticate the user in your website or application.
-
Call a service exposed through Coveo to request a search token for the authenticated user.
Add a hosted search page to a website
This section describes how to add a hosted search page built with Coveo’s search page builder to a website.
Notes
|
-
If you haven’t done so already, configure search token authentication for your search page.
-
Ensure that the domain of your Coveo organization’s primary deployment region is allowlisted in the website or application in which you want to add the search page.
Examples-
If your Coveo organization’s deployment region is US East, allowlist
platform.cloud.coveo.com
. -
If your Coveo organization is on the Coveo HIPAA platform, allowlist
platformhipaa.cloud.coveo.com
.
-
-
In the snippet you just copied, complete the script by replacing
API_KEY
with one of the following depending on your chosen search token authentication method:-
For generic search token authentication, replace
API_KEY
with the value of the API key that you created for your search page, and then save the completed script.ExampleYour search page loader snippet is:
<script async onload="CoveoSearchPage.initialize('API_KEY')" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script>
Your API key value is
xx1xx11x1x-1x11-1111-x1x1-11x111111x11
.Your completed script is therefore:
<script async onload="CoveoSearchPage.initialize('xx1xx11x1x-1x11-1111-x1x1-11x111111x11')" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script>
-
For advanced search token authentication, you’ll need to programmatically inject a generated search token value into
API_KEY
. The details will depend on your specific implementation.
-
-
Include a snippet similar to what follows in the
<head>
of each page in which you want to add the search page, where you replaceLOADER_SNIPPET
with your complete search page loader snippet that includes your API key value (generic search token authentication) or your logic to generate and set search token values (advanced search token authentication):<!DOCTYPE html> <html> <head> <!-- ... --> <!-- Coveo Search Page --> <LOADER_SNIPPET> <!-- End Coveo Search Page --> <!-- ... --> </head> <body> <!-- ... --> </body> </html>
ExampleIf your loader snippet script is:
<script async onload="CoveoSearchPage.initialize('xx1xx11x1x-1x11-1111-x1x1-11x111111x11')" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script>
The snippet would be:
<!DOCTYPE html> <html> <head> <!-- ... --> <!-- Coveo Search Page --> <script async onload="CoveoSearchPage.initialize('xx1xx11x1x-1x11-1111-x1x1-11x111111x11')" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script> <!-- End Coveo Search Page --> <!-- ... --> </head> <body> <!-- ... --> </body> </html>
-
Access the web page where you added the search page to ensure that it appears as intended.
Add custom context
To provide more personalized and relevant search results, you can set your search page to send custom context data along with each user query.
You can then leverage the data in query ranking expressions (QREs) and query pipeline conditions to increase the relevance of search results. See Manage ranking expression rules and Manage query pipeline conditions for details on these features.
The data can also help to train Coveo ML models to boost results based on the context.
To include custom context in a search request that originates from a search page, you must create a JSON object in your source code that contains the data, and then call the object when initializing the search page using the CoveoSearchPage.initialize
function.
The context that’s passed when the search page initializes should be static data, such as an authenticated user ID or role.
If the custom context that you want to send is dynamic, such as context based on user action, you can use the CoveoSearchPage.addContext
function after initialization to add or overwrite the context you set in the JSON object.
To add custom context:
-
In the source code of the web page or application where you added the search page, create a JSON object that contains the custom context to send.
NoteCoveo recommends that your JSON object minimally contains user and app context.
ExampleIn this example, we created a
myContext
JSON object that contains the custom context.const myContext = { "user": { "email": "user@company.com" }, "app": { "title": "Home page" }, "custom": { } }
-
In the
<head>
of the page in which you added the search page, pass the custom context when loading the search page using the followingCoveoSearchPage.initialize
function, where you replaceCONTEXT
with your JSON object.CoveoSearchPage.initialize('API_KEY', <CONTEXT>)
ExampleIf your original search page loader script is
<script async onload="CoveoSearchPage.initialize('xx1xx11x1x-1x11-1111-x1x1-11x111111x11')" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script>
, and your JSON object ismyContext
, the modified script is the following:<!DOCTYPE html> <html> <head> <!-- ... --> <!-- Coveo Search Page --> <script async onload="CoveoSearchPage.initialize('xx1xx11x1x-1x11-1111-x1x1-11x111111x11', myContext)" src="https://platform.cloud.coveo.com/rest/organizations/barcaorganization/searchpage/v1/interfaces/94218b9b-0a3e-4379-9dd4-ae3f4cbd2c80/loader"></script> <!-- End Coveo Search Page --> <!-- ... --> </head> <body> <!-- ... --> </body> </html>
-
If required, you can add additional context or overwrite context that you set in the JSON object after initializing the search page by using the
CoveoSearchPage.addContext
function. This is useful when you want to send dynamic context, such as context based on an error code or a click event related to a user action.Examples-
To add context based on a click event:
searchPagesMenu.onclick = () => { CoveoSearchPage.addContext({ app: { menuItem: "searchPages" } }); }
-
To add context based on an error:
errorHandler = (error) => { console.error("An error occurred", error); CoveoSearchPage.addContext({ app: { errorCode: error.code } }); }
-
-
If you haven’t done so already, configure query pipelines and Coveo Machine Learning for your search page. You can leverage the custom context data in query ranking expressions (QREs) and query pipeline conditions to personalize and increase the relevance of search results.
NoteUse dot-walking syntax (for example,
user.email
) when referencing a context key in a query pipeline conditionContext
object.