In some cases, you don’t want every user to be able to access all the objects that you have indexed on Algolia.
You want to restrict the search to the objects this specific user has access to.
There are 2 ways to achieve this:
Having an index for each user.
With Algolia, you can have as many indices as you want, so you can create one index for each user, create one API key for each index.
It’s as simple as that.
If you want to create tens of thousands of indices, you may want to contact us first.
Using our Secured API Keys feature** If some of the objects are shared by multiple users,
it’s better to use the same index for all users, but to use the Secured API Key feature.
It allows you to generate API Keys that can only retrieve objects that have a specific tag.
For example, you could tag all objects with the user_id of all users that have access to this object and then dynamically generate an API Key for each user.
This way, you can make sure that each user can only search the objects he is allowed to access.
We're always looking for advice to help improve our documentation! Please let us know what's working (or what's not!) - we're constantly iterating thanks to the feedback we receive.