01 Aug 2018

Vault API

Overview

Algolia Vault allows you to restrict the access to your cluster to a specific set of sources. This restriction is applied at the network level and for non-authorised sources the cluster becomes invisible.

Make sure you authorize the IP addresses of people/offices that need to access the dashboard, as it is also affected by the restricted list you setup.

By default, the firewall restriction is disabled and all the sources are allowed to reach the server but they still need to provide valid application ID and api key to access the data stored on the cluster. The first call to setup the firewall whitelist will enable it, it’s possible to allow all the source by adding the source 0.0.0.0/0.

It’s possible to add a special source ALGOLIA_SUPPORT to allow the support team of algolia to access the api.

The number of sources allowed is limited to 1000 sources for performance reason.

All API access is over HTTPS, and accessed via the https://{Application-ID}.algolia.net domain for all write operations and https://{Application-ID}-dsn.algolia.net domain for all read operations to use our Distributed Search Network option. Application-ID variable can be found in your dashboard.

Vault API

Quick Reference

Verb Path Method

GET

/1/security/sources

List allowed sources

PUT

/1/security/sources

Replace the list of allowed sources

POST

/1/security/sources/append

Add a source to the allowed sources

GET

/1/security/sources/{source}

Delete one allowed source

List allowed sources

Path: /1/security/sources
HTTP Verb: GET

Description:
This command lists all your allowed sources.

Example:

curl -X GET \
     -H "X-Algolia-API-Key: ${ADMIN_API_KEY}" \
     -H "X-Algolia-Application-Id: ${APPLICATION_ID}" \
     "https://${APPLICATION_ID}-dsn.algolia.net/1/security/sources"

When the query is successful, the HTTP response is a 200 OK and returns a list of sources with associated descriptions.

[
  {
    "source": "10.0.0.1/32"
  },
  {
    "source": "192.168.0.0/16",
    "description": "Server subnet"
  }
]

Replace the list of allowed sources

Path: /1/security/sources
HTTP Verb: PUT

Description:
This command replaces the list of allowed sources.

Example:

curl -X PUT \
     -H "X-Algolia-API-Key: ${ADMIN_API_KEY}" \
     -H "X-Algolia-Application-Id: ${APPLICATION_ID}" \
     --data-binary '[
                        { "source": "10.0.0.1\/32" },
                        { "source": "192.168.0.0\/16", "description": "Server subnet" }
                    ]' \
    "https://${APPLICATION_ID}.algolia.net/1/security/sources"

When the query is successful, the HTTP response is a 200 OK and returns the update date.

{
  "updatedAt": "2013-08-17T07:59:28.313Z"
}

Add a source to the allowed sources

Path: /1/security/sources/append
HTTP Verb: POST

Description:
This command adds an source to the list of allowed sources.

Example:

curl -X POST \
     -H "X-Algolia-API-Key: ${ADMIN_API_KEY}" \
     -H "X-Algolia-Application-Id: ${APPLICATION_ID}" \
     --data-binary '{
                        "source": "10.0.0.1/32", "description": "One ip"
                    }' \
    "https://${APPLICATION_ID}.algolia.net/1/security/sources/append"

When the query is successful, the HTTP response is a 200 OK and returns the creation date.

{
  "createdAt": "2013-08-17T07:59:28.313Z"
}

Delete one allowed source

Path: /1/security/sources/{source}
HTTP Verb: GET

Description:
This command deleted one allowed source.

Parameters:

source
type: string
Required

Source to delete

Example:

curl -X DELETE \
     -H "X-Algolia-API-Key: ${ADMIN_API_KEY}" \
     -H "X-Algolia-Application-Id: ${APPLICATION_ID}" \
     "https://${APPLICATION_ID}.algolia.net/1/security/source/10.0.0.0%2f16"

When the query is successful, the HTTP response is a 200 OK and returns the deletion date.

{
  "deletedAt": "2013-08-17T07:59:28.313Z"
}
© Algolia - Privacy Policy