Authorized Search | Yext Hitchhikers Platform
We support the ability to add entity-level ACLs into a Search Experience. This means that in a single search experience, each user can see different results for the same query based on which entities or documents they have access to.
We offer two ways of accomplishing this:
- Yext Authorization
- External Authorization
Authorized search is configured at the vertical level in Search, so you can leverage both Yext authorization and External authorization in the same experience for different verticals. You can also have verticals without any authorization if you’d like to keep everything in a certain vertical visible to everyone.
Yext Authorization — this pulls from user access controls in Yext. For each user, you can designate in Yext which entities they have permissions to view and limit their search results to match their entity level authorization.
This is recommended for customers managing all their users in Yext. This is also easiest if you are building web pages with Yext via Yext Sites.
External Authorization — this integrates permissions from an external source (such as Google Drive or Sharepoint) with the entities in the Yext Platform. An external identity can be passed at query time in your token and linked to entities in the Knowledge Graph.
This is recommended for users with data sets that already have document-level access controls pulled in via a Data Connector like Google Drive, Box, Dropbox and Sharepoint. This is also a great option for customers who manage user permissions outside of Yext.