Generate secured API key

This helper method generates a secured API key from a parent API key by adding query parameters and restrictions. Secured API keys use hash-based message authentication codes (HMAC). To generate a secured API key, the method performs the following steps:

Compute a SHA-256 HMAC with:
- Secret: the parent API key
- Message: a URL-encoded list of query parameters
These query parameters are applied to every request that uses the API key and can’t be modified by end users.
Concatenate the SHA-256 HMAC with the list of query parameters into a single string.
Encode the resulting string in base64.

Usage

var response = client.GenerateSecuredApiKey(
  "2640659426d5107b6e47d75db9cbaef8",
  new SecuredApiKeyRestrictions
  {
    ValidUntil = 2524604400L,
    RestrictIndices = new List<string> { "Movies" },
  }
);

Parameters

parentApiKey

string

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restriction

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

SearchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

Filters

string

Filters that are always applied when using this API key.

ValidUntil

long

Timestamp when the API key expires, in seconds since the Unix epoch.

RestrictIndices

List<string>

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

RestrictSources

string

IP network range that is allowed to use this API key.

UserToken

string

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

string

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

SearchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

Filters

string

Filters that are always applied when using this API key.

ValidUntil

int64

Timestamp when the API key expires, in seconds since the Unix epoch.

RestrictIndices

[]string

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

RestrictSources

string

IP network range that is allowed to use this API key.

UserToken

string

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

String

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

validUntil

Long

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

List<String>

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

String

IP network range that is allowed to use this API key.

userToken

String

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

string

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

SearchParams

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

validUntil

number

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

string[]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

string

IP network range that is allowed to use this API key.

userToken

string

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

String

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

validUntil

Long

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

List<String>

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

String

IP network range that is allowed to use this API key.

userToken

String

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

string

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

array

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

array

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

string

Filters that are always applied when using this API key.

validUntil

int

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

string[]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

string

IP network range that is allowed to use this API key.

userToken

string

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parent_api_key

str

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

dict | SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

search_params

dict | SearchParams

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

str

Filters that are always applied when using this API key.

valid_until

int

Timestamp when the API key expires, in seconds since the Unix epoch.

restrict_indices

list[str]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrict_sources

str

IP network range that is allowed to use this API key.

user_token

str

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parent_api_key

String

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

Hash

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

search_params

SearchParams

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

valid_until

integer

Timestamp when the API key expires, in seconds since the Unix epoch.

restrict_indices

Array[String]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrict_sources

String

IP network range that is allowed to use this API key.

user_token

String

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

String

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

validUntil

Long

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

Seq[String]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

String

IP network range that is allowed to use this API key.

userToken

String

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

parentApiKey

String

required

The API key to be used as secret for the secured API key. The secured API key inherits all restrictions from its parent. You can’t use an Admin API key as parent.

restrictions

SecuredApiKeyRestrictions

required

You must apply at least one restriction when creating a secured API key. If you try to use a secured API key with the same restrictions as its parent key, the API returns a 403 Forbidden error.

Show child attributes

searchParams

SearchParamsObject

Search parameters that are always applied when using this API key. For more information, see API parameters.

filters

String

Filters that are always applied when using this API key.

validUntil

int

Timestamp when the API key expires, in seconds since the Unix epoch.

restrictIndices

[String]

Indices names that this API key can access. Use * as a wildcard, for example dev_* to allow all indices with names that start with dev_.

restrictSources

String

IP network range that is allowed to use this API key.

userToken

String

By default, rate limits are applied per IP address. If many users share an IP, add a user token to each generated API key to avoid incorrect rate limiting.

API clients (current)

Clients and methods

Generate secured API key

Usage

Parameters

API clients (current)

Clients and methods

​Usage

​Parameters

Usage

Parameters