Step 2: Configure Your Search Experience with External Authorization

External authorization is a way to integrate permissions from an external source (such as Google Drive or Sharepoint) with the entities in Yext. External authorization is also useful for any subset of entities that you would like to restrict to only certain users in your Yext account. External identities can be passed at query time in your token and linked to entities in Yext Content.

light bulb
Note
We recommend leveraging a Connector (such as Google Drive for this section.

Step 1: Entity Configuration

You’ll need to make sure all of the entities that you want to include in your permissioned search experience have the correct permissions associated with them. You must populate the External Authorization Source field, and then you can populate the External Authorized Identities and External Blocked Identities fields with the identities associated with your users.

external authorization

The idea of allowed identities is to list any users or user groups that will have access to the entity. A blocked identity is useful if you want to add a user group to externalAuthorizedIdentities, with the exception of a single person, which you can subsequently add as an externalblockedIdentity to override it.

In order for the External Authorization fields to appear on your entities, you will need to enable these fields. Below are steps to enable External Authorization fields on entities using built-in entity types and custom entity types.

Built-In Entity Types

To display the External Authorization fields on any entities using built-in entity types, enable Authorized Search under Account Features.

Custom Entity Types

To display the External Authorization fields on any entities using custom entity types, you will need to create a new section for these fields in the schema for that entity type.

  1. Navigate to Content > Configuration > Entity Types. Choose the entity type that you would like to use External Authorization for.
  2. Go to the Fields tab. Click the + icon in the left-hand sidebar to add a field section.
  3. Add a new section titled “Authorized Search.” To that section, add these fields: External Authorization Source, External Authorized Identities and External Blocked Identities.

Step 2: Search Configuration

We assume that you have already created a Search experience on your Yext account. To configure your Search experience with External Auth, you’ll need to set type to external in the JSON config.

You can do this by navigating to your Search experience, clicking Edit in JSON on the left, and adding in this snippet of code for the vertical you intend to protect with External Auth permissions. Note that this is done on the vertical level, so you can have some verticals respect external permissions while keeping other verticals completely public.

{
  "verticals": {
    "googleDrive": {
      "entityTypes": ["googleDriveDocument"],
      "authorization": {
			"type": "external"
		}
      },
  },
}
light bulb
Note
Currently, Query Suggest and Spellcheck are not compatible with Authorized Search. This means that entities that may not surface as a Search result do still exist as part of Query Suggest and Spellcheck. We therefore recommend turning off those two features in order to make sure your experience is extremely secure.