I am using Signed Search Keys for a web client, the result retrieval works fine.
I would like to still use the click analytics, however right now the click endpoint return 401 Unauthorized when authenticating with the signed search key.
A solution would be to use the private search key for that endpoint but that would defeat the purpose and security of the signed search key.
Is it possible to use signed search key with click analytics?
Thanks for writing in! I'm sorry you're not having any luck with the Signed Search Key and the Clicks API.
Unfortunately, the Clicks API does not support using Signed Search Keys. The only API endpoints that truly support Signed Search Keys at this time are the Search and Multi-Search endpoints.
I've filed an issue to improve the documentation around this issue. I'll also make sure to file an issue to look into other APIs that should support Signed Search Keys because I can definitely see the use case for the Clicks API.
I think it makes sense that the Signed Search Keys mirror the behaviour of Search Keys.
It's a great functionality to be able to partition users securely with SSK, but then you loose large portion of functionality of Analytics. (and need more configuration of search-ui, if you're using it, to disable analytics)
Or roll your own backend with jwt auth, and potentially loose convenience of search-ui.
I don't believe I am trying to do anything fancy here. I wonder how others have solved this issue?
@kubami unfortunately, I think the best workaround at the moment would be to split your engine up by what you're filtering for in your signed search key, which I understand is not a great workaround.
I'm hoping we'll be able to address this soon, but at the moment we can't give a specific timeline
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.