Use External Authorization on Yext Users for Search (Optional) | Yext Hitchhikers Platform

Overview

External Authorization with Yext Auth is a way to integrate permissions from an external source (such as Google Drive or Sharepoint) with the Yext Platform. An external identity (or as many as you wish) can be assigned to a Yext User, which links an external permission to a user while still using Yext Auth.

Set up External Authorization

To set this up, you’ll need to do the following:

  1. Change your Search config on the vertical you want to use external authorization to set type to external.
  2. Add external identities to your users. Currently, this can only be done via the API, so you can make a call that looks like the following. Basically, you’ll need to include the source of your permission + the identity.

    • To update users: PUT https://api.yextapis.com/v2/accounts/me/users/{userID}?v=20161012&api_key={api_key}

    request body

      {
     "id": "replace_with_internal_yext_id",
     "firstName": "myFirstName",
     "lastName": "myLastName",
     "username": "myUserName",
     "emailAddress": "myEmail@yext.com",
     "externalIdentities": [
     {
     "Source":"google-drive",
           "identities": ["exampleIdentity@gmail.com", "yext.com"]
       }
     ]
     }
    • To create users ( more info here ) you can do the same request_body as above but with acl attributes added, and instead send a POST request.
  3. Update Entities to include Authorization Fields

light bulb
Tip
Note: You’ll likely want to integrate a Connector such as for Google-Drive for this part, so if you have not done so yet we recommend trying that out first.

You’ll need to make sure all of your entities that you want to include in your permissioned search experience have the correct permissions associated with them. You must populate the field External Authorization Source, and then can populate the External Authorized Identities field and External Blocked Identities filed with your identities associated with the Yext users.

external authorization

Entities can have both external identities as well as Yext permissioning system attached to it, and Search will know which system to respect based on the Search config by Vertical. The idea of allowed identities is to list any users or user groups that will have access to the entity. A blocked identity is useful if you want to add a user group to externalAuthorizedIdentities, with the exception of a single person, which you can subsequently add as an externalblockedIdentity to override it.