Step 2: Configure Your Search Experience with External Authorization
External authorization is a way to integrate permissions from an external source (such as Google Drive or Sharepoint) with the entities in Yext. External authorization is also useful for any subset of entities that you would like to restrict to only certain users in your Yext account. External identities can be passed at query time in your token and linked to entities in Yext Content.
Step 1: Entity Configuration
You’ll need to make sure all of the entities that you want to include in your permissioned search experience have the correct permissions associated with them. You must populate the External Authorization Source field, and then you can populate the External Authorized Identities and External Blocked Identities fields with the identities associated with your users.
The idea of allowed identities is to list any users or user groups that will have access to the entity. A blocked identity is useful if you want to add a user group to externalAuthorizedIdentities
, with the exception of a single person, which you can subsequently add as an externalblockedIdentity
to override it.
In order for the External Authorization fields to appear on your entities, you will need to enable these fields. Below are steps to enable External Authorization fields on entities using built-in entity types and custom entity types.
Built-In Entity Types
To display the External Authorization fields on any entities using built-in entity types, enable Authorized Search under Account Features.
Custom Entity Types
To display the External Authorization fields on any entities using custom entity types, you will need to create a new section for these fields in the schema for that entity type.
- Navigate to Content > Configuration > Entity Types. Choose the entity type that you would like to use External Authorization for.
- Go to the Fields tab. Click the + icon in the left-hand sidebar to add a field section.
- Add a new section titled “Authorized Search.” To that section, add these fields: External Authorization Source, External Authorized Identities and External Blocked Identities.
Step 2: Search Configuration
We assume that you have already created a Search experience on your Yext account. To configure your Search experience with External Auth, you’ll need to set type to external
in the JSON config.
You can do this by navigating to your Search experience, clicking Edit in JSON on the left, and adding in this snippet of code for the vertical you intend to protect with External Auth permissions. Note that this is done on the vertical level, so you can have some verticals respect external permissions while keeping other verticals completely public.
{
"verticals": {
"googleDrive": {
"entityTypes": ["googleDriveDocument"],
"authorization": {
"type": "external"
}
},
},
}