Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/owasp/nest/llms.txt

Use this file to discover all available pages before exploring further.

OWASP Nest uses Algolia to power fast, full-text search across all major content types. Search is available on the Projects, Chapters, and Contribute pages, and is also accessible via the REST API.

How search works

The backend indexes OWASP data into Algolia on a scheduled basis. Each content type has its own Algolia index:
IndexContent
projectsOWASP projects with names, summaries, tags, levels, and GitHub statistics
chaptersOWASP chapters with names, summaries, countries, and geographic coordinates
issuesOpen GitHub issues with titles, summaries, labels, and project references
The Next.js frontend queries these indices directly using the Algolia search client, using the useSearchPage hook to manage queries, pagination, and sorting state.

Searching from the UI

Each list page (Projects, Chapters, Contribute) has a search bar that triggers a live Algolia query as you type. Results update instantly without a full page reload. On the Projects page you can:
  • Search by project name, keywords in the description, or topic tags.
  • Sort by relevance, stars, forks, contributors, or activity.
  • Filter to show only projects with a specific activity level.
On the Chapters page you can:
  • Search by chapter name or description keywords.
  • Filter by country using the country dropdown, which applies an Algolia facet filter on the idx_country attribute.
  • Sort by name or recent activity.
On the Contribute page you can:
  • Search by issue title, description, label names, or project name.
  • Results include issues from all active OWASP projects.

Search proxy endpoint

The frontend does not query Algolia directly. Instead, it sends POST requests to the backend’s /idx/ endpoint (configured via NEXT_PUBLIC_IDX_URL). The backend proxies these requests to Algolia server-side, so no Algolia API key is needed in the frontend. The request body format used by the fetchAlgoliaData utility in src/server/fetchAlgoliaData.ts: 
{
  "indexName": "projects",
  "query": "zap",
  "page": 0,
  "hitsPerPage": 25,
  "facetFilters": ["idx_is_active:true"]
}
The response includes hits (array of matching records) and nbPages (total page count).
This /idx/ proxy is separate from the public REST API at /api/v0/. It is used exclusively by the Nest frontend and is not part of the public API surface.

Facets and filters

Algolia facet filtering is used for structured filtering that goes beyond text matching:
  • Country filter on the Chapters page uses idx_country as a facet attribute.
  • Level filter on the Projects page can filter by idx_level (Flagship, Production, Lab, Incubator).
Facet values are fetched via GraphQL (GetChapterCountriesDocument) so that the UI can populate filter dropdowns with only the values that exist in the current data set.

Algolia configuration

Search requires Algolia credentials in the backend environment. The frontend does not require separate Algolia credentials because all Algolia queries are proxied through the backend. 
DJANGO_ALGOLIA_APPLICATION_ID=<your-algolia-app-id>
DJANGO_ALGOLIA_WRITE_API_KEY=<your-algolia-write-api-key>
The frontend only needs the idx proxy URL: 
NEXT_PUBLIC_IDX_URL=http://localhost:8000/idx/
During local development, you need your own free Algolia account with an app and indices set up. Follow the local setup guide for step-by-step instructions on configuring Algolia for development.