Limiting results based on user

Hi there,

I was wondering if someone could point me in the right direction.

I have a bunch of data stored in the index and every piece of data has a company_id. I want to make it such that every query requires a company_id so that users are unable to go in the JS, see the query, and then replicate it and remove the ‘company_id’ parameter and get everyone’s results.

Is this doable? I feel like it’s something that could maybe be done with query rules, but I’m brand new to Algolia and I’m having a hard time setting this up for my use case.

Thanks!

Hey @patrick,

You can check the docs around secured API keys?

In some cases, you don’t want your users to search into your whole set of records. You want them to search into a subset that is specifically tailored to them. All the movies they bookmarked, all the items they added to their shopping list, or all the content shared by their friends.

Let me know if that helps solve your problem. If not, we can try looking at different options :slight_smile:

Cheers!

1 Like

Awesome! That absolutely sounds like what I need. Thanks so much!

1 Like

If a movie is bookmarked by millions of users, then do we need to store all those user ids on the movie object? to provide user based search for that movie? if yes, the movie document size will be much bigger.