Meilisearch’s tenant tokens are JSON web tokens (JWTs). Their payload is made of three elements: search rules, an API key UID, and an optional expiration date.
searchRules
must be a JSON object. Each key must correspond to one or more indexes:
filter
key. This filter
’s value must be a filter expression:
searchRules
object.
A token may contain rules for any number of indexes. Specific rulesets take precedence and overwrite *
rules.
medical_records
documents whose user_id
equals 1
:
medical_records
documents whose user_id
equals 1
and whose published
field equals true
:
medical_records
:
medical
. This includes indexes such as medical_records
and medical_patents
:
user_id = 1
for all indexes, except one. When querying medical_records
, the user will only have access to published documents:
null
: