Restricts this API key to a list of indices or index patterns. If the list is empty, all indices are allowed. Specify either an exact index name or a pattern with a leading or trailing wildcard character (or both). For example: - dev_* matches all indices starting with "dev_" - *_dev matches all indices ending with "_dev" - *_products_* matches all indices containing "products".
Maximum number of hits this API key can retrieve in one query. If zero, no limit is enforced. > Note: Use this parameter to protect you from third-party attempts to retrieve your entire content by massively querying the index.
Maximum number of API calls per hour allowed from a given IP address or user token. Each time an API call is performed with this key, a check is performed. If there were more than the specified number of calls within the last hour, the API returns an error with the status code 429 (Too Many Requests). > Note: Use this parameter to protect you from third-party attempts to retrieve your entire content by massively querying the index.
Restrict this API key to specific referrers. If empty, all referrers are allowed. For example: - https://algolia.com/_* matches all referrers starting with "https://algolia.com/" - *.algolia.com matches all referrers ending with ".algolia.com" - *algolia.com* allows everything in the domain "algolia.com".
Validity duration of a key (in seconds). The key will automatically be removed after this time has expired. The default value of 0 never expires. Short-lived API keys are useful to grant temporary access to your data. For example, in mobile apps, you can't control when users update your app. So instead of encoding keys into your app as you would for a web app, you should dynamically fetch them from your mobile app's backend.
