Process requests from certain domain especially for js

[doguhan]

It is not directly possible to set domain restrictions on API keys in MeiliSearch. Can you provide this

[macraig]

Hi @doguhan, would you mind expanding on your needs?

We could potentially provide this by adding fields in the tenant token/API Key and checking, on the engine side, that the referer HTTP header only accepts legit requests. However, as the MDN website explains, this header can be easily faked.