API Reference / API Methods / API Keys / Update API Key
Jan. 14, 2019

Update API Key

Required API Key: Admin
Method signature
$client->updateApiKey(apiKey)

$client->updateApiKey(apiKey, [
  // All the following parameters are optional
  'acl'                     => acl
  'indexes'                 => indexes,
  'referers'                => referers,
  'queryParameters'         => queryParameters,
  'description'             => description,
  'validity'                => validity,
  'maxQueriesPerIPPerHour'  => maxQueriesPerIPPerHour,
  'maxHitsPerQuery'         => maxHitsPerQuery,
])

About this method

Update the permissions of an existing API Key.

Examples

Update the permissions of an existing key

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
// Update an existing API key that is valid for 300 seconds
$res = $client->updateApiKey('myAPIKey', [
  'acl' => ['search']
  'validity' => 300
]);

echo 'key=' . $res['key'] . "\n";

// Update an existing index specific API key valid for 300 seconds,
// with a rate limit of 100 calls per hour per IP and a maximum of 20 hits
$res = $index->updateApiKey('myAPIKey', [
  'acl' => ['search'],
  'validity' => 300,
  'maxQueriesPerIPPerHour' => 100,
  'maxHitsPerQuery' => 20
]);

echo 'key=' . $res['key'] . "\n";

Parameters

apiKey
type: string
default: no default
Required

API Key to update

acl
type: list
default: no default
Optional

Set of permissions associated to the key.

The possible acls are:

  • search: Allows search.
  • browse: Allows retrieval of all index contents via the browse API.
  • addObject: Allows adding/updating an object in the index. (Copying/moving indices are also allowed with this permission.)
  • deleteObject: Allows deleting an existing object.
  • deleteIndex: Allows deleting index content.
  • settings: allows getting index settings.
  • editSettings: Allows changing index settings.
  • analytics: Allows retrieval of analytics through the analytics API.
  • listIndexes: Allows listing all accessible indices.
  • logs: Allows getting the logs.
  • seeUnretrievableAttributes: Disables the unretrievableAttributes feature for all operations returning records.
validity
type: list
default: no expiration date
Optional

A Unix timestamp used to define the expiration date of the API key.

maxHitsPerQuery
type: list
default: 0 (unlimited)
Optional

Specify the maximum number of hits this API key can retrieve in one call. This parameter can be used to protect you from attempts at retrieving your entire index contents by massively querying the index.

maxQueriesPerIPPerHour
type: list
default: 0 (no rate limit)
Optional

Specify the maximum number of API calls allowed from an IP address per hour. Each time an API call is performed with this key, a check is performed. If the IP at the source of the call did more than this number of calls in the last hour, a 403 code is returned.

This parameter can be used to protect you from attempts at retrieving your entire index contents by massively querying the index.

indexes
type: list
default: [] (all indices)
Optional

Specify the list of targeted indices. You can target all indices starting with a prefix or ending with a suffix using the ‘*’ character. For example, “dev_*” matches all indices starting with “dev_” and “*_dev” matches all indices ending with “_dev”.

referers
type: list
default: [] (all referers)
Optional

Specify the list of referers. You can target all referers starting with a prefix, ending with a suffix using the ‘*’ character. For example, “https://algolia.com/*” matches all referers starting with “https://algolia.com/” and “*.algolia.com” matches all referers ending with “.algolia.com”. If you want to allow the domain algolia.com you can use “*algolia.com/*”.

queryParameters
type: key value mapping
default: "" (no query parameters)
Optional

Specify the list of query parameters. You can force the query parameters for a query using the url string format. Example: “typoTolerance=strict&ignorePlurals=false”

description
type: string
default: ""
Optional

Specify a description to describe where the key is used.

Response

In this section we document the JSON response returned by the API. Each language will encapsulate this response inside objects specific to the language and/or the implementation. So the actual type in your language might differ from what is documented.

JSON format

1
2
3
4
{
  "key": "1eb37de6308abdccf9b760ddacb418b4",
  "updatedAt": "2017-12-16T22:21:31.871Z"
}
key
string

The updated key.

updatedAt
string

The date at which the key was updated.

Did you find this page helpful?