Introduction | Yext Hitchhikers Platform

Overview

Search API calls can be made using JWT (JSON Web Tokens) in place of an API key. JWTs are used to authenticate users and can be seen as short-term, personal API tokens that carry user information. There are lots of good materials on JWT , and it has some significant advantages over using a plain API key; specifically, you can use fixed_query_params in a JWT to pass context for query rules, making it so users can only view a specific set of entities (or other query rule applications). Even if the JWT is shared, it will always keep those fixed_query_params. Here’s an outline of how it works with our APIs and SDKs:

  1. The implementer will make a server side request for a JWT using our secure token API .
  2. They pass that token to the Search API (or Content Delivery API) in place of the API key to get a response.
  3. The token eventually expires and the implementer requests a new one.

Preparation

To use JWT with your Search experience, there are a few things you’ll need to do in advance:

  1. Confirm you are on theme version 1.22 or later. This theme has support for a Runtime Configuration, which is used to use JWT in place of your API key. For more information on Theme 1.22, visit the Theme Changelog .
  2. Set useJWT and initializeManually to true in the Theme’s global_config.json. For more information on the global_config.json, visit the Global Settings and Local Configuration reference doc. You also want to be sure that you do not set the usual apiKey as you are using the JWT in place of your API key.
  3. Create a new developer app with the following permissions:

    • Secure Token Content Delivery API - Read / Write
    • Q&A Submission - Read / Write
    • Locations (Content Delivery API) - Read-Only
    • Entities (Content Delivery API) - Read-Only

    For more information on setting up an App, visit our Get Started guide .

  4. If you’re using the JS Snippet integration option, follow the normal steps to add the Search results page .