<% user.full_name %>
<% util.level ? util.level.title : '' %>
Explorer Pioneer Apollo Viking Voyager Pathfinder Orion
Points
<% user.points ? user.points.toLocaleString() : 0 %>
Badges
<% util.badgeCount %>
Streaks
Congratulations You've <% util.newestBadge.isCurriculum ? 'completed' : 'earned' %> the
<% util.newestBadge.title %> <% util.newestBadge.isCurriculum ? 'curriculum' : 'badge' %>!
previous
next
Share to Social Media
Linked In Facebook
Status
<% util.level ? util.level.title : '' %>
<% util.level ? util.level.points : '' %>
<% util.nextLevel ? util.nextLevel.title : '' %>
<% util.nextLevel ? util.nextLevel.points : '' %>
Level up! <% util.levelPointsRemaining %> points to go
Level up! <% util.levelPointsRemaining %> points to go
Badges
Completed Hitchhikers Program Track Completed Content Track Completed Pages Track Completed Page Builder Track Completed Search Backend Track Completed Search Frontend Theme Track Completed Search UI React Track Completed Solution Templates and the Admin Console Track Completed Technical Skills Track Completed Platform Basics Track Completed Listings Track Completed Reviews Track Completed Industry Overview Track Completed Analytics Track Completed Industry Overview & Product Basics Track Completed Knowledge Assistant Track Completed Multi-Language Experiences Track Completed Fall '22 Release Highlights Track Completed Spring '23 Release Highlights Track Completed Chat Track Completed Summer '23 Release Highlights Track Completed Fall '23 Release Highlights Track
<% util.expandBadges ? 'Less' : 'More' %>
Playground Accounts
New +
No Playground Accounts
Create Playground +
View Profile
Log Out loading
Mission Complete! 🚀
Congratulations, you’ve completed your first module!

We hope you enjoy exploring the rest of the site. Please don’t forget to leave us feedback - we are constantly looking to improve. Happy Hitchhiking!
Home
Welcome to Hitchhikers! 👋
To learn more about the platform we encourage you to get started by completing the Hitchhikers Program Track and earning your first badge!
Start Here
Close notification
Guide
Set up a Yext Authenticated Site and an Authorized Search Experience
Arrow Back
Completed
Introduction
Introduction
completed
Completed 1
Step 1
Create an App in the Developer Console
completed
Completed 2
Step 2
Create your Yext Auth Policy to secure your Yext Site
completed
Completed 3
Step 3
Create a Site in the Yext Platform
completed
Completed 4
Step 4
Configure Your Search Experience
completed
Completed 5
Step 5
Add Permissions and Roles to Your Yext Users
completed
Next Steps
Use External Authorization on Yext Users for Search (Optional)
completed
Next Steps
Visitor Analytics (Optional)
completed
home

Step 2: Create your Yext Auth Policy to secure your Yext Site

Next, you’ll need to create an authentication policy in the Admin Console via Configuration as Code. This authentication policy will ultimately be linked to your site, so your site will know how to authenticate users.

  1. Navigate to the Admin Console.
  2. Click Add Resource and choose to add an authentication-policy resources under pages. Give your policy a name and click Create.

  3. Configure the first part of your resource to look like the following. This will signal to Sites that you would like to use Yext Auth to protect your page, meaning users will have to authenticate into the Site with their Yext credentials.

    example-authentication-policy.json

     {
 "$id": "example-authentication-policy",
 "$schema": "https://schema.yext.com/config/pages/authentication-policy/v1",
 "name": "example-yextAuth-policy",
 "authentication": {
   "yext": true
  }
 }

    You can choose any name of your choice, but be sure to remember it for the next part.

  4. Below the authentication part, you’ll want to configure secure API tokens. This is done within the same policy that you have just created. These tokens are essential for your Search experience in order to make secure client-side calls to Yext APIs from an authenticated page. By using Yext Auth to protect your page, your Search experience can utilize the permissions and identities of Yext Users (explained more in later steps), and Sites will place the configured token on the window for Search to use. The token may look like the following:

example-authentication-policy.json // SAME RESOURCE AS ABOVE

{
"apiTokens": [
  {
"name": "SITE_SEARCH",
"keyId": "1nfhkeafjlzn439",
"claims": {
   "aud": "/v2/accounts/me/search",
   "expiresIn": 3600000,
   "query": {
      "experienceKey": "authorized-search",
      "experienceVersion": "ENV.DOMAIN_ENVIRONMENT"
    }
  },
      "scope": "/about.html"
     }
   ]
}

For more information on how to configure secure tokens, you can follow this guide . The important things to note right now are:

  • Remember the name of your token for the next part.
  • The keyID is from step 1 of this guide. This is required.
  • The audience specifies the intended URL, or array of URLs, of which endpoint(s) the token is authorized to call. For all search endpoints, for instance, the audience would be “/v2/accounts/me/search. This is required.
  • The expiresIn value is in milliseconds and designates how long the token will last for after being minted by Sites. You can choose any value. For example, if you choose 3600000 milliseconds (1 hour), the token will expire 1 hour after the time in which Sites mints it, which is when the user logs into the site. Setting the expiry time is optional. If unset, it will not expire.
    • Note: you also have the option to set exp, or the expiry time in UNIX time, directly. This is NOT recommended, as all tokens for the experience will expire at the given time, rather than dynamically based on when the token is minted.
  • The experienceKey designates which search experience your secure tokens should work for. The experience key can be found under the Experience Details tab within your search experience. This is optional.
  • The experienceVersion is optional but recommended and should remain unchanged. This is not truly a CaC variable, but rather set to ensure that a specific version is used and that previous versions of the configuration cannot be searched with the token. The version will be set based on the environment variable DOMAIN_ENVIRONMENT, either to STAGING or PRODUCTION.
  • The scope is a regex that specifies paths in the site. If set, the system will only generate tokens for pages matching the regex of this path. This is useful to improve performance, so that Sites does not have to mint a token for pages where it is not used. If not set, the system will generate a token for every page in the Site.

Note that identity is also part of the JWT that Sites will put on the page. It will be added at runtime to match that of user logging into the Site with Yext Auth.

Once you are satisfied with your authentication policy, including the configuration of your authentication policy as well as apiTokens, you can apply your resources to the account.

Feedback
<% elem.innerText %>