Merge #3182

3182: Bump the other milli r=curquiza a=Kerollmops This PR bumps the other import of milli in the TOML. Co-authored-by: Clément Renault <clement@meilisearch.com>
Bump the other milli
2025-07-17 20:00:58 +00:00 · 2022-12-01 17:51:39 +00:00 · 2022-12-01 18:16:55 +01:00 · 2022-12-01 15:47:45 +00:00 · 2022-12-01 16:43:23 +01:00 · 2022-12-01 16:41:48 +01:00
191 changed files with 21115 additions and 9118 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -23,8 +23,8 @@ A clear and concise description of what you expected to happen.
 **Screenshots**
 If applicable, add screenshots to help explain your problem.

-**MeiliSearch version:** [e.g. v0.20.0]
+**Meilisearch version:** [e.g. v0.20.0]

 **Additional context**
 Additional information that may be relevant to the issue.
-[e.g. architecture, device, OS, browser]
+[e.g. architecture, device, OS, browser]
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,10 +1,13 @@
 contact_links:
-  - name: Feature request
+  - name: Language support request & feedback
+    url: https://github.com/meilisearch/product/discussions/categories/feedback-feature-proposal?discussions_q=label%3Aproduct%3Acore%3Atokenizer+category%3A%22Feedback+%26+Feature+Proposal%22
+    about:  The requests and feedback regarding Language support are not managed in this repository. Please upvote the related discussion in our dedicated product repository or open a new one if it doesn't exist.
+  - name: Feature request & feedback
    url: https://github.com/meilisearch/product/discussions/categories/feedback-feature-proposal
-    about: The feature requests are not managed in this repository, please open a discussion in our dedicated product repository
+    about: The feature requests and feedback regarding the already existing features are not managed in this repository. Please open a discussion in our dedicated product repository
  - name: Documentation issue
    url: https://github.com/meilisearch/documentation/issues/new
    about: For documentation issues, open an issue or a PR in the documentation repository
  - name: Support questions & other
-    url: https://github.com/meilisearch/MeiliSearch/discussions/new
+    url: https://github.com/meilisearch/meilisearch/discussions/new
    about: For any other question, open a discussion in this repository
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,13 @@
+# Set update schedule for GitHub Actions only
+
+version: 2
+updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    labels:
+      - 'skip changelog'
+      - 'dependencies'
+    rebase-strategy: disabled
--- a/.github/release-draft-template.yml
+++ b/.github/release-draft-template.yml
@ -1,13 +0,0 @@
-name-template: 'v$RESOLVED_VERSION'
-tag-template: 'v$RESOLVED_VERSION'
-version-template: '0.21.0-alpha.$PATCH'
-exclude-labels:
-  - 'skip-changelog'
-template: |
-  ## Changes
-
-  $CHANGES
-no-changes-template: 'Changes are coming soon 😎'
-sort-direction: 'ascending'
-version-resolver:
-  default: patch
--- a/.github/scripts/check-release.sh
+++ b/.github/scripts/check-release.sh
@ -0,0 +1,28 @@
+#!/bin/bash
+
+# check_tag $current_tag $file_tag $file_name
+function check_tag {
+  if [[ "$1" != "$2" ]]; then
+      echo "Error: the current tag does not match the version in $3: found $2 - expected $1"
+      ret=1
+  fi
+}
+
+ret=0
+current_tag=${GITHUB_REF#'refs/tags/v'}
+
+toml_files='*/Cargo.toml'
+for toml_file in $toml_files;
+do
+    file_tag="$(grep '^version = ' $toml_file | cut -d '=' -f 2 | tr -d '"' | tr -d ' ')"
+    check_tag $current_tag $file_tag $toml_file
+done
+
+lock_file='Cargo.lock'
+lock_tag=$(grep -A 1 'name = "meilisearch-auth"' $lock_file | grep version | cut -d '=' -f 2 | tr -d '"' | tr -d ' ')
+check_tag $current_tag $lock_tag $lock_file
+
+if [[ "$ret" -eq 0 ]] ; then
+  echo 'OK'
+fi
+exit $ret
--- a/.github/scripts/is-latest-release.sh
+++ b/.github/scripts/is-latest-release.sh
@ -1,14 +1,14 @@
 #!/bin/sh

-# Checks if the current tag should be the latest (in terms of semver and not of release date).
-# Ex: previous tag -> v0.10.1
-#     new tag -> v0.8.12
-#     The new tag should not be the latest
-#     So it returns "false", the CI should not run for the release v0.8.2
-
-# Used in GHA in publish-docker-latest.yml
+# Was used in our CIs to publish the latest docker image. Not used anymore, will be used again when v1 and v2 will be out and we will want to maintain multiple stable versions.
 # Returns "true" or "false" (as a string) to be used in the `if` in GHA

+# Checks if the current tag should be the latest (in terms of semver and not of release date).
+# Ex: previous tag -> v2.1.1
+#     new tag -> v1.20.3
+#     The new tag (v1.20.3) should NOT be the latest
+#     So it returns "false", the `latest` tag should not be updated for the release v1.20.3 and still need to correspond to v2.1.1
+
 # GLOBAL
 GREP_SEMVER_REGEXP='v\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\)$' # i.e. v[number].[number].[number]

@ -74,7 +74,7 @@ semverLT() {
 # Returns the tag of the latest stable release (in terms of semver and not of release date)
 get_latest() {
    temp_file='temp_file' # temp_file needed because the grep would start before the download is over
-    curl -s 'https://api.github.com/repos/meilisearch/MeiliSearch/releases' > "$temp_file"
+    curl -s 'https://api.github.com/repos/meilisearch/meilisearch/releases' > "$temp_file"
    releases=$(cat "$temp_file" | \
        grep -E "tag_name|draft|prerelease" \
        | tr -d ',"' | cut -d ':' -f2 | tr -d ' ')
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@ -1,20 +0,0 @@
-# GitHub Actions Workflow for MeiliSearch
-
-> **Note:**
-
-> - We do not use [cache](https://github.com/actions/cache) yet but we could use it to speed up CI
-
-## Workflow
-
- On each pull request, we trigger `cargo test`.
- On each tag, we build:
-    - the tagged Docker image and publish it to Docker Hub
-    - the binaries for MacOS, Ubuntu, and Windows
-    - the Debian package
- On each stable release (`v*.*.*` tag):
-    - we build the `latest` Docker image and publish it to Docker Hub
-    - we publish the binary to Hombrew and Gemfury
-
-## Problems
-
- We do not test on Windows because we are unable to make it work, there is a disk space problem.
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@ -8,7 +8,7 @@ jobs:
  nightly-coverage:
    runs-on: ubuntu-18.04
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: nightly
@ -25,7 +25,7 @@ jobs:
          RUSTFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=unwind -Zpanic_abort_tests"
      - uses: actions-rs/grcov@v0.1
      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v1
+        uses: codecov/codecov-action@v3
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          file: ${{ steps.coverage.outputs.report }}
--- a/.github/workflows/create-issue-dependencies.yml
+++ b/.github/workflows/create-issue-dependencies.yml
@ -0,0 +1,23 @@
+name: Create issue to upgrade dependencies
+on:
+  schedule:
+    - cron: '0 0 1 */3 *'
+  workflow_dispatch:
+  
+jobs:
+  create-issue:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Create an issue
+      uses: actions-ecosystem/action-create-issue@v1
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        title: Upgrade dependencies
+        body: |
+          We need to update the dependencies of the Meilisearch repository, and, if possible, the dependencies of all the core-team repositories that Meilisearch depends on (milli, charabia, heed...).
+
+          ⚠️ This issue should only be done at the beginning of the sprint!     
+        labels: |
+          dependencies
+          maintenance
--- a/.github/workflows/flaky.yml
+++ b/.github/workflows/flaky.yml
@ -8,7 +8,7 @@ jobs:
    runs-on: ubuntu-18.04

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Install cargo-flaky
      run: cargo install cargo-flaky
    - name: Run cargo flaky 100 times
--- a/.github/workflows/publish-binaries.yml
+++ b/.github/workflows/publish-binaries.yml
@ -5,10 +5,35 @@ on:
 name: Publish binaries to release

 jobs:
+  check-version:
+    name: Check the version validity
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      # Check if the tag has the v<nmumber>.<number>.<number> format.
+      # If yes, it means we are publishing an official release.
+      # If no, we are releasing a RC, so no need to check the version.
+      - name: Check tag format
+        if: github.event_name != 'schedule'
+        id: check-tag-format
+        run: |
+          escaped_tag=$(printf "%q" ${{ github.ref_name }})
+
+          if [[ $escaped_tag =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo ::set-output name=stable::true
+          else
+            echo ::set-output name=stable::false
+          fi
+      - name: Check release validity
+        if: steps.check-tag-format.outputs.stable == 'true'
+        run: bash .github/scripts/check-release.sh
+
  publish:
-    name: Publish for ${{ matrix.os }}
+    name: Publish binary for ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
+    needs: check-version
    strategy:
+      fail-fast: false
      matrix:
        os: [ubuntu-18.04, macos-latest, windows-latest]
        include:
@ -26,7 +51,7 @@ jobs:
    - uses: hecrj/setup-rust-action@master
      with:
        rust-version: stable
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Build
      run: cargo build --release --locked
    - name: Upload binaries to release
@ -37,28 +62,70 @@ jobs:
        asset_name: ${{ matrix.asset_name }}
        tag: ${{ github.ref }}

-  publish-armv8:
-    name: Publish for ARMv8
-    runs-on: ubuntu-18.04
+  publish-aarch64:
+    name: Publish binary for aarch64
+    runs-on: ${{ matrix.os }}
+    needs: check-version
+    continue-on-error: false
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - build: aarch64
+            os: ubuntu-18.04
+            target: aarch64-unknown-linux-gnu
+            linker: gcc-aarch64-linux-gnu
+            use-cross: true
+            asset_name: meilisearch-linux-aarch64
+
    steps:
-      - uses: actions/checkout@v2
-      - uses: uraimo/run-on-arch-action@v2.1.1
-        id: runcmd
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Installing Rust toolchain
+        uses: actions-rs/toolchain@v1
        with:
-          arch: aarch64 # aka ARMv8
-          distro: ubuntu18.04
-          env: |
-            JEMALLOC_SYS_WITH_LG_PAGE: 16
-          run: |
-            apt update
-            apt install -y curl gcc make
-            curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain stable
-            source $HOME/.cargo/env
-            cargo build --release --locked
+          toolchain: stable
+          profile: minimal
+          target: ${{ matrix.target }}
+          override: true
+
+      - name: APT update
+        run: |
+          sudo apt update
+
+      - name: Install target specific tools
+        if: matrix.use-cross
+        run: |
+          sudo apt-get install -y ${{ matrix.linker }}
+
+      - name: Configure target aarch64 GNU
+        if: matrix.target == 'aarch64-unknown-linux-gnu'
+        ## Environment variable is not passed using env:
+        ## LD gold won't work with MUSL
+        # env:
+        #   JEMALLOC_SYS_WITH_LG_PAGE: 16
+        #   RUSTFLAGS: '-Clink-arg=-fuse-ld=gold'
+        run: |
+          echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config
+          echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config
+          echo 'JEMALLOC_SYS_WITH_LG_PAGE=16' >> $GITHUB_ENV
+          echo RUSTFLAGS="-Clink-arg=-fuse-ld=gold" >> $GITHUB_ENV
+
+      - name: Cargo build
+        uses: actions-rs/cargo@v1
+        with:
+          command: build
+          use-cross: ${{ matrix.use-cross }}
+          args: --release --target ${{ matrix.target }}
+
+      - name: List target output files
+        run: ls -lR ./target
+
      - name: Upload the binary to release
        uses: svenstaro/upload-release-action@v1-release
        with:
          repo_token: ${{ secrets.PUBLISH_TOKEN }}
-          file: target/release/meilisearch
-          asset_name: meilisearch-linux-armv8
+          file: target/${{ matrix.target }}/release/meilisearch
+          asset_name: ${{ matrix.asset_name }}
          tag: ${{ github.ref }}
--- a/.github/workflows/publish-crossbuild.yml
+++ b/.github/workflows/publish-crossbuild.yml
@ -1,76 +0,0 @@
-name: Publish aarch64 binary
-
-on:
-  release:
-    types: [published]
-
-env:
-  CARGO_TERM_COLOR: always
-
-jobs:
-  publish-aarch64:
-    name: Publish to Github
-    runs-on: ${{ matrix.os }}
-    continue-on-error: false
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - build: aarch64
-            os: ubuntu-18.04
-            target: aarch64-unknown-linux-gnu
-            linker: gcc-aarch64-linux-gnu
-            use-cross: true
-            asset_name: meilisearch-linux-aarch64
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-
-      - name: Installing Rust toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          target: ${{ matrix.target }}
-          override: true
-
-      - name: APT update
-        run: |
-          sudo apt update
-
-      - name: Install target specific tools
-        if: matrix.use-cross
-        run: |
-          sudo apt-get install -y ${{ matrix.linker }}
-
-      - name: Configure target aarch64 GNU
-        if: matrix.target == 'aarch64-unknown-linux-gnu'
-        ## Environment variable is not passed using env:
-        ## LD gold won't work with MUSL
-        # env:
-        #   JEMALLOC_SYS_WITH_LG_PAGE: 16
-        #   RUSTFLAGS: '-Clink-arg=-fuse-ld=gold'
-        run: |
-          echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config
-          echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config
-          echo 'JEMALLOC_SYS_WITH_LG_PAGE=16' >> $GITHUB_ENV
-          echo RUSTFLAGS="-Clink-arg=-fuse-ld=gold" >> $GITHUB_ENV
-
-      - name: Cargo build
-        uses: actions-rs/cargo@v1
-        with:
-          command: build
-          use-cross: ${{ matrix.use-cross }}
-          args: --release --target ${{ matrix.target }}
-
-      - name: List target output files
-        run: ls -lR ./target
-
-      - name: Upload the binary to release
-        uses: svenstaro/upload-release-action@v1-release
-        with:
-          repo_token: ${{ secrets.PUBLISH_TOKEN }}
-          file: target/${{ matrix.target }}/release/meilisearch
-          asset_name: ${{ matrix.asset_name }}
-          tag: ${{ github.ref }}
--- a/.github/workflows/publish-deb-brew-pkg.yml
+++ b/.github/workflows/publish-deb-brew-pkg.yml
@ -5,16 +5,25 @@ on:
    types: [released]

 jobs:
+  check-version:
+    name: Check the version validity
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Check release validity
+        run: bash .github/scripts/check-release.sh
+
  debian:
    name: Publish debian packagge
    runs-on: ubuntu-18.04
+    needs: check-version
    steps:
    - uses: hecrj/setup-rust-action@master
      with:
        rust-version: stable
    - name: Install cargo-deb
      run: cargo install cargo-deb
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Build deb package
      run: cargo deb -p meilisearch-http -o target/debian/meilisearch.deb
    - name: Upload debian pkg to release
@ -30,6 +39,7 @@ jobs:
  homebrew:
    name: Bump Homebrew formula
    runs-on: ubuntu-18.04
+    needs: check-version
    steps:
      - name: Create PR to Homebrew
        uses: mislav/bump-homebrew-formula-action@v1
--- a/.github/workflows/publish-docker-images.yml
+++ b/.github/workflows/publish-docker-images.yml
@ -0,0 +1,71 @@
+---
+on:
+  schedule:
+    - cron: '0 4 * * *' # Every day at 4:00am
+  push:
+    tags:
+      - '*'
+
+name: Publish tagged images to Docker Hub
+
+jobs:
+  docker:
+    runs-on: docker
+    steps:
+      - uses: actions/checkout@v2
+
+      # Check if the tag has the v<nmumber>.<number>.<number> format. If yes, it means we are publishing an official release.
+      # In this situation, we need to set `output.stable` to create/update the following tags (additionally to the `vX.Y.Z` Docker tag):
+      # - a `vX.Y` (without patch version) Docker tag
+      # - a `latest` Docker tag
+      - name: Check tag format
+        if: github.event_name != 'schedule'
+        id: check-tag-format
+        run: |
+          escaped_tag=$(printf "%q" ${{ github.ref_name }})
+
+          if [[ $escaped_tag =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo ::set-output name=stable::true
+          else
+            echo ::set-output name=stable::false
+          fi
+
+      # Check only the validity of the tag for official releases (not for pre-releases or other tags)
+      - name: Check release validity
+        if: github.event_name != 'schedule' && steps.check-tag-format.outputs.stable == 'true'
+        run: bash .github/scripts/check-release.sh
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to Docker Hub
+        if: github.event_name != 'schedule'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: getmeili/meilisearch
+          # The lastest and `vX.Y` tags are only pushed for the official Meilisearch releases
+          # See https://github.com/docker/metadata-action#latest-tag
+          flavor: latest=false
+          tags: |
+            type=ref,event=tag
+            type=semver,pattern=v{{major}}.{{minor}},enable=${{ steps.check-tag-format.outputs.stable == 'true' }}
+            type=raw,value=latest,enable=${{ steps.check-tag-format.outputs.stable == 'true' }}
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v3
+        with:
+          # We do not push tags for the cron jobs, this is only for test purposes
+          push: ${{ github.event_name != 'schedule' }}
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
--- a/.github/workflows/publish-docker-latest.yml
+++ b/.github/workflows/publish-docker-latest.yml
@ -1,22 +0,0 @@
---
-on:
-  release:
-    types: [released]
-
-name: Publish latest image to Docker Hub
-
-jobs:
-  build:
-    runs-on: ubuntu-18.04
-    steps:
-      - uses: actions/checkout@v2
-      - name: Check if current release is latest
-        run: echo "##[set-output name=is_latest;]$(sh .github/is-latest-release.sh)"
-        id: release
-      - name: Publish to Registry
-        if: steps.release.outputs.is_latest == 'true'
-        uses: elgohr/Publish-Docker-Github-Action@master
-        with:
-          name: getmeili/meilisearch
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
--- a/.github/workflows/publish-docker-tag.yml
+++ b/.github/workflows/publish-docker-tag.yml
@ -1,22 +0,0 @@
---
-on:
-  push:
-    tags:
-      - '*'
-
-name: Publish tagged image to Docker Hub
-
-jobs:
-  build:
-    runs-on: ubuntu-18.04
-    steps:
-      - uses: actions/checkout@v2
-      - name: Publish to Registry
-        uses: elgohr/Publish-Docker-Github-Action@master
-        env:
-          COMMIT_SHA: ${{ github.sha }}
-        with:
-          name: getmeili/meilisearch
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          tag_names: true
--- a/.github/workflows/release-drafter.yml
+++ b/.github/workflows/release-drafter.yml
@ -1,16 +0,0 @@
-name: Release Drafter
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  update_release_draft:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: release-drafter/release-drafter@v5
-        with:
-          config-name: release-draft-template.yml
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_DRAFTER_TOKEN }}
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@ -11,6 +11,8 @@ on:

 env:
  CARGO_TERM_COLOR: always
+  RUST_BACKTRACE: 1
+  RUSTFLAGS: "-D warnings"

 jobs:
  tests:
@ -21,9 +23,9 @@ jobs:
      matrix:
        os: [ubuntu-18.04, macos-latest, windows-latest]
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Cache dependencies
-      uses: Swatinem/rust-cache@v1.3.0
+      uses: Swatinem/rust-cache@v2.0.0
    - name: Run cargo check without any default features
      uses: actions-rs/cargo@v1
      with:
@ -35,11 +37,30 @@ jobs:
        command: test
        args: --locked --release

+  # We run tests in debug also, to make sure that the debug_assertions are hit
+  test-debug:
+    name: Run tests in debug
+    runs-on: ubuntu-18.04
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: stable
+          override: true
+      - name: Cache dependencies
+        uses: Swatinem/rust-cache@v2.0.0
+      - name: Run tests in debug
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --locked
+
  clippy:
    name: Run Clippy
    runs-on: ubuntu-18.04
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
@ -47,7 +68,7 @@ jobs:
          override: true
          components: clippy
      - name: Cache dependencies
-        uses: Swatinem/rust-cache@v1.3.0
+        uses: Swatinem/rust-cache@v2.0.0
      - name: Run cargo clippy
        uses: actions-rs/cargo@v1
        with:
@ -58,14 +79,14 @@ jobs:
    name: Run Rustfmt
    runs-on: ubuntu-18.04
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
-          toolchain: nightly
+          toolchain: stable
          override: true
          components: rustfmt
      - name: Cache dependencies
-        uses: Swatinem/rust-cache@v1.3.0
+        uses: Swatinem/rust-cache@v2.0.0
      - name: Run cargo fmt
        run: cargo fmt --all -- --check
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,28 +1,26 @@
 # Contributing

-First, thank you for contributing to MeiliSearch! The goal of this document is to provide everything you need to start contributing to MeiliSearch.
+First, thank you for contributing to Meilisearch! The goal of this document is to provide everything you need to start contributing to Meilisearch.
+
+Remember that there are many ways to contribute other than writing code: writing [tutorials or blog posts](https://github.com/meilisearch/awesome-meilisearch), improving [the documentation](https://github.com/meilisearch/documentation), submitting [bug reports](https://github.com/meilisearch/meilisearch/issues/new?assignees=&labels=&template=bug_report.md&title=) and [feature requests](https://github.com/meilisearch/product/discussions/categories/feedback-feature-proposal)...
+
+The code in this repository is only concerned with managing multiple indexes, handling the update store, and exposing an HTTP API. Search and indexation are the domain of our core engine, [`milli`](https://github.com/meilisearch/milli), while tokenization is handled by [our `charabia` library](https://github.com/meilisearch/charabia/).
+
+If Meilisearch does not offer optimized support for your language, please consider contributing to `charabia` by following the [CONTRIBUTING.md file](https://github.com/meilisearch/charabia/blob/main/CONTRIBUTING.md) and integrating your intended normalizer/segmenter.
+
+## Table of Contents

- [Hacktoberfest](#hacktoberfest)
 - [Assumptions](#assumptions)
 - [How to Contribute](#how-to-contribute)
 - [Development Workflow](#development-workflow)
 - [Git Guidelines](#git-guidelines)
-
-## Hacktoberfest
-
-It's [Hacktoberfest month](https://blog.meilisearch.com/contribute-hacktoberfest-2021/)! 🥳
-
-🚀 If your PR gets accepted it will count into your participation to Hacktoberfest!
-
-✅ To be accepted it has either to have been merged, approved or tagged with the `hacktoberfest-accepted` label.
-
-🧐 Don't forget to check the [quality standards](https://hacktoberfest.digitalocean.com/resources/qualitystandards)! Low-quality PRs might get marked as `spam` or `invalid`, and will not count toward your participation in Hacktoberfest.
+- [Release Process (for internal team only)](#release-process-for-internal-team-only)

 ## Assumptions

-1. **You're familiar with [Github](https://github.com) and the [Pull Requests](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests)(PR) workflow.**
-2. **You've read the MeiliSearch [documentation](https://docs.meilisearch.com).**
-3. **You know about the [MeiliSearch community](https://docs.meilisearch.com/learn/what_is_meilisearch/contact.html).
+1. **You're familiar with [GitHub](https://github.com) and the [Pull Requests](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests)(PR) workflow.**
+2. **You've read the Meilisearch [documentation](https://docs.meilisearch.com).**
+3. **You know about the [Meilisearch community](https://docs.meilisearch.com/learn/what_is_meilisearch/contact.html).
   Please use this for help.**

 ## How to Contribute
@ -30,21 +28,21 @@ It's [Hacktoberfest month](https://blog.meilisearch.com/contribute-hacktoberfest
 1. Ensure your change has an issue! Find an
   [existing issue](https://github.com/meilisearch/meilisearch/issues/) or [open a new issue](https://github.com/meilisearch/meilisearch/issues/new).
   * This is where you can get a feel if the change will be accepted or not.
-2. Once approved, [fork the MeiliSearch repository](https://help.github.com/en/github/getting-started-with-github/fork-a-repo) in your own Github account.
+2. Once approved, [fork the Meilisearch repository](https://help.github.com/en/github/getting-started-with-github/fork-a-repo) in your own GitHub account.
 3. [Create a new Git branch](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-and-deleting-branches-within-your-repository)
 4. Review the [Development Workflow](#development-workflow) section that describes the steps to maintain the repository.
 5. Make your changes on your branch.
-6. [Submit the branch as a Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork) pointing to the `main` branch of the MeiliSearch repository. A maintainer should comment and/or review your Pull Request within a few days. Although depending on the circumstances, it may take longer.
+6. [Submit the branch as a Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork) pointing to the `main` branch of the Meilisearch repository. A maintainer should comment and/or review your Pull Request within a few days. Although depending on the circumstances, it may take longer.

 ## Development Workflow

-### Setup and run MeiliSearch
+### Setup and run Meilisearch

 ```bash
 cargo run --release
 ```

-We recommend using the `--release` flag to test the full performance of MeiliSearch.
+We recommend using the `--release` flag to test the full performance of Meilisearch.

 ### Test

@ -52,6 +50,8 @@ We recommend using the `--release` flag to test the full performance of MeiliSea
 cargo test
 ```

+This command will be triggered to each PR as a requirement for merging it.
+
 If you get a "Too many open files" error you might want to increase the open file limit using this command:

 ```bash
@ -76,7 +76,7 @@ As minimal requirements, your commit message should:

 We don't follow any other convention, but if you want to use one, we recommend [the Chris Beams one](https://chris.beams.io/posts/git-commit/).

-### Github Pull Requests
+### GitHub Pull Requests

 Some notes on GitHub PRs:

@ -86,6 +86,29 @@ Some notes on GitHub PRs:
  The draft PRs are recommended when you want to show that you are working on something and make your work visible.
 - The branch related to the PR must be **up-to-date with `main`** before merging. Fortunately, this project uses [Bors](https://github.com/bors-ng/bors-ng) to automatically enforce this requirement without the PR author having to rebase manually.

+## Release Process (for internal team only)
+
+Meilisearch tools follow the [Semantic Versioning Convention](https://semver.org/).
+
+### Automation to rebase and Merge the PRs
+
+This project integrates a bot that helps us manage pull requests merging.<br>
+_[Read more about this](https://github.com/meilisearch/integration-guides/blob/main/resources/bors.md)._
+
+### How to Publish a new Release
+
+The full Meilisearch release process is described in [this guide](https://github.com/meilisearch/core-team/blob/main/resources/meilisearch-release.md). Please follow it carefully before doing any release.
+
+### Release assets
+
+For each release, the following assets are created:
+- Binaries for differents platforms (Linux, MacOS, Windows and ARM architectures) are attached to the GitHub release
+- Binaries are pushed to HomeBrew and APT (not published for RC)
+- Docker tags are created/updated:
+  - `vX.Y.Z`
+  - `vX.Y` (not published for RC)
+  - `latest` (not published for RC)
+
 <hr>

 Thank you again for reading this through, we can not wait to begin to work with you if you made your way through this contributing guide ❤️
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,10 +1,18 @@
 [workspace]
+resolver = "2"
 members = [
    "meilisearch-http",
-    "meilisearch-error",
+    "meilisearch-types",
    "meilisearch-lib",
+    "meilisearch-auth",
+    "permissive-json-pointer",
 ]
-resolver = "2"

-[patch.crates-io]
-pest = { git = "https://github.com/pest-parser/pest.git", rev = "51fd1d49f1041f7839975664ef71fe15c7dcaf67" }
+[profile.release]
+codegen-units = 1
+
+[profile.dev.package.flate2]
+opt-level = 3
+
+[profile.dev.package.milli]
+opt-level = 3
--- a/58
+++ b/58
@ -1,54 +1,46 @@
 # Compile
-FROM    alpine:3.14 AS compiler
+FROM    rust:alpine3.16 AS compiler

-RUN     apk update --quiet \
-        && apk add -q --no-cache curl build-base
-
-RUN     curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+RUN     apk add -q --update-cache --no-cache build-base openssl-dev

 WORKDIR /meilisearch

-COPY    Cargo.lock .
-COPY    Cargo.toml .
-
-COPY    meilisearch-error/Cargo.toml meilisearch-error/
-COPY    meilisearch-http/Cargo.toml meilisearch-http/
-COPY    meilisearch-lib/Cargo.toml meilisearch-lib/
-
-ENV     RUSTFLAGS="-C target-feature=-crt-static"
-
-# Create dummy main.rs files for each workspace member to be able to compile all the dependencies
-RUN     find . -type d -name "meilisearch-*" | xargs -I{} sh -c 'mkdir {}/src; echo "fn main() { }" > {}/src/main.rs;'
-# Use `cargo build` instead of `cargo vendor` because we need to not only download but compile dependencies too
-RUN     $HOME/.cargo/bin/cargo build --release
-# Cleanup dummy main.rs files
-RUN     find . -path "*/src/main.rs" -delete
-
 ARG     COMMIT_SHA
 ARG     COMMIT_DATE
 ENV     COMMIT_SHA=${COMMIT_SHA} COMMIT_DATE=${COMMIT_DATE}
+ENV     RUSTFLAGS="-C target-feature=-crt-static"

 COPY    . .
-RUN     $HOME/.cargo/bin/cargo build --release
+RUN     set -eux; \
+        apkArch="$(apk --print-arch)"; \
+        if [ "$apkArch" = "aarch64" ]; then \
+            export JEMALLOC_SYS_WITH_LG_PAGE=16; \
+        fi && \
+        cargo build --release

 # Run
-FROM    alpine:3.14
+FROM    alpine:3.16

-ARG     USER=meili
-ENV     HOME /home/${USER}
 ENV     MEILI_HTTP_ADDR 0.0.0.0:7700
 ENV     MEILI_SERVER_PROVIDER docker

-# download runtime deps as root and create ${USER}
 RUN     apk update --quiet \
-        && apk add -q --no-cache libgcc tini curl \
-        && adduser -D ${USER}
-WORKDIR ${HOME}
-USER    ${USER}
-# copy file as ${USER} to ${HOME}
-COPY    --from=compiler /meilisearch/target/release/meilisearch .
+        && apk add -q --no-cache libgcc tini curl
+
+# add meilisearch to the `/bin` so you can run it from anywhere and it's easy
+# to find.
+COPY    --from=compiler /meilisearch/target/release/meilisearch /bin/meilisearch
+# To stay compatible with the older version of the container (pre v0.27.0) we're
+# going to symlink the meilisearch binary in the path to `/meilisearch`
+RUN     ln -s /bin/meilisearch /meilisearch
+
+# This directory should hold all the data related to meilisearch so we're going
+# to move our PWD in there.
+# We don't want to put the meilisearch binary
+WORKDIR /meili_data
+

 EXPOSE  7700/tcp

 ENTRYPOINT ["tini", "--"]
-CMD     ./meilisearch
+CMD     /bin/meilisearch
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 MIT License

-Copyright (c) 2019-2021 Meili SAS
+Copyright (c) 2019-2022 Meili SAS

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/README.md
+++ b/README.md
@ -1,205 +1,103 @@
 <p align="center">
-  <img src="assets/logo.svg" alt="MeiliSearch" width="200" height="200" />
+  <img src="assets/meilisearch-logo-light.svg?sanitize=true#gh-light-mode-only">
+  <img src="assets/meilisearch-logo-dark.svg?sanitize=true#gh-dark-mode-only">
 </p>

-<h1 align="center">MeiliSearch</h1>
-
 <h4 align="center">
  <a href="https://www.meilisearch.com">Website</a> |
  <a href="https://roadmap.meilisearch.com/tabs/1-under-consideration">Roadmap</a> |
  <a href="https://blog.meilisearch.com">Blog</a> |
-  <a href="https://fr.linkedin.com/company/meilisearch">LinkedIn</a> |
-  <a href="https://twitter.com/meilisearch">Twitter</a> |
  <a href="https://docs.meilisearch.com">Documentation</a> |
-  <a href="https://docs.meilisearch.com/faq/">FAQ</a>
+  <a href="https://docs.meilisearch.com/faq/">FAQ</a> |
+  <a href="https://slack.meilisearch.com">Slack</a>
 </h4>

 <p align="center">
-  <a href="https://github.com/meilisearch/MeiliSearch/actions"><img src="https://github.com/meilisearch/MeiliSearch/workflows/Cargo%20test/badge.svg" alt="Build Status"></a>
-  <a href="https://deps.rs/repo/github/meilisearch/MeiliSearch"><img src="https://deps.rs/repo/github/meilisearch/MeiliSearch/status.svg" alt="Dependency status"></a>
-  <a href="https://github.com/meilisearch/MeiliSearch/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-MIT-informational" alt="License"></a>
-  <a href="https://slack.meilisearch.com"><img src="https://img.shields.io/badge/slack-MeiliSearch-blue.svg?logo=slack" alt="Slack"></a>
-  <a href="https://github.com/meilisearch/MeiliSearch/discussions" alt="Discussions"><img src="https://img.shields.io/badge/github-discussions-red" /></a>
+  <a href="https://github.com/meilisearch/meilisearch/actions"><img src="https://github.com/meilisearch/meilisearch/workflows/Cargo%20test/badge.svg" alt="Build Status"></a>
+  <a href="https://deps.rs/repo/github/meilisearch/meilisearch"><img src="https://deps.rs/repo/github/meilisearch/meilisearch/status.svg" alt="Dependency status"></a>
+  <a href="https://github.com/meilisearch/meilisearch/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-MIT-informational" alt="License"></a>
  <a href="https://app.bors.tech/repositories/26457"><img src="https://bors.tech/images/badge_small.svg" alt="Bors enabled"></a>
 </p>

-<p align="center">⚡ Lightning Fast, Ultra Relevant, and Typo-Tolerant Search Engine 🔍</p>
+<p align="center">⚡ A lightning-fast search engine that fits effortlessly into your apps, websites, and workflow 🔍</p>

-**MeiliSearch** is a powerful, fast, open-source, easy to use and deploy search engine. Both searching and indexing are highly customizable. Features such as typo-tolerance, filters, and synonyms are provided out-of-the-box.
-For more information about features go to [our documentation](https://docs.meilisearch.com/).
+Meilisearch helps you shape a delightful search experience in a snap, offering features that work out-of-the-box to speed up your workflow.

-<p align="center">
-  <img src="assets/trumen-fast.gif" alt="Web interface gif" />
+<p align="center" name="demo">
+  <a href="https://where2watch.meilisearch.com/#gh-light-mode-only" target="_blank">
+    <img src="assets/demo-light.gif#gh-light-mode-only" alt="A bright colored application for finding movies screening near the user">
+  </a>
+  <a href="https://where2watch.meilisearch.com/#gh-dark-mode-only" target="_blank">
+    <img src="assets/demo-dark.gif#gh-dark-mode-only" alt="A dark colored application for finding movies screening near the user">
+  </a>
 </p>

+🔥 [**Try it!**](https://where2watch.meilisearch.com/) 🔥
+
 ## ✨ Features
-* Search-as-you-type experience (answers < 50 milliseconds)
-* Full-text search
-* Typo tolerant (understands typos and misspelling)
-* Faceted search and filters
-* Supports hanzi (Chinese characters)
-* Supports synonyms
-* Easy to install, deploy, and maintain
-* Whole documents are returned
-* Highly customizable
-* RESTful API

-## Getting started
+- **Search-as-you-type:** find search results in less than 50 milliseconds
+- **[Typo tolerance](https://docs.meilisearch.com/learn/getting_started/customizing_relevancy.html#typo-tolerance):** get relevant matches even when queries contain typos and misspellings
+- **[Filtering and faceted search](https://docs.meilisearch.com/learn/advanced/filtering_and_faceted_search.html):** enhance your user's search experience with custom filters and build a faceted search interface in a few lines of code
+- **[Sorting](https://docs.meilisearch.com/learn/advanced/sorting.html):** sort results based on price, date, or pretty much anything else your users need
+- **[Synonym support](https://docs.meilisearch.com/learn/getting_started/customizing_relevancy.html#synonyms):** configure synonyms to include more relevant content in your search results
+- **[Geosearch](https://docs.meilisearch.com/learn/advanced/geosearch.html):** filter and sort documents based on geographic data
+- **[Extensive language support](https://docs.meilisearch.com/learn/what_is_meilisearch/language.html):** search datasets in any language, with optimized support for Chinese, Japanese, Hebrew, and languages using the Latin alphabet
+- **[Security management](https://docs.meilisearch.com/learn/security/master_api_keys.html):** control which users can access what data with API keys that allow fine-grained permissions handling
+- **[Multi-Tenancy](https://docs.meilisearch.com/learn/security/tenant_tokens.html):** personalize search results for any number of application tenants
+- **Highly Customizable:** customize Meilisearch to your specific needs or use our out-of-the-box and hassle-free presets
+- **[RESTful API](https://docs.meilisearch.com/reference/api/overview.html):** integrate Meilisearch in your technical stack with our plugins and SDKs
+- **Easy to install, deploy, and maintain**

-### Deploy the Server
+## 📖 Documentation

-#### Homebrew (Mac OS)
+You can consult Meilisearch's documentation at [https://docs.meilisearch.com](https://docs.meilisearch.com/).

-```bash
-brew update && brew install meilisearch
-meilisearch
-```
+## 🚀 Getting started

-#### Docker
+For basic instructions on how to set up Meilisearch, add documents to an index, and search for documents, take a look at our [Quick Start](https://docs.meilisearch.com/learn/getting_started/quick_start.html) guide.

-```bash
-docker run -p 7700:7700 -v "$(pwd)/data.ms:/data.ms" getmeili/meilisearch
-```
+You may also want to check out [Meilisearch 101](https://docs.meilisearch.com/learn/getting_started/filtering_and_sorting.html) for an introduction to some of Meilisearch's most popular features.

-#### Announcing a cloud-hosted MeiliSearch
+## ☁️ Meilisearch cloud

-Join the closed beta by filling out this [form](https://meilisearch.typeform.com/to/FtnzvZfh).
+Join the closed beta for Meilisearch cloud by filling out [this form](https://meilisearch.typeform.com/to/VI2cI2rv).

-#### Try MeiliSearch in our Sandbox
+## 🧰 SDKs & integration tools

-Create a MeiliSearch instance in [MeiliSearch Sandbox](https://sandbox.meilisearch.com/). This instance is free, and will be active for 48 hours.
+Install one of our SDKs in your project for seamless integration between Meilisearch and your favorite language or framework!

-#### Run on Digital Ocean
+Take a look at the complete [Meilisearch integration list](https://docs.meilisearch.com/learn/what_is_meilisearch/sdks.html).

-[![DigitalOcean Marketplace](assets/do-btn-blue.svg)](https://marketplace.digitalocean.com/apps/meilisearch?action=deploy&refcode=7c67bd97e101)
+![Logos belonging to different languages and frameworks supported by Meilisearch, including React, Ruby on Rails, Go, Rust, and PHP](assets/integrations.png)

-#### Deploy on Platform.sh
+## ⚙️ Advanced usage

-<a href="https://console.platform.sh/projects/create-project?template=https://raw.githubusercontent.com/platformsh/template-builder/master/templates/meilisearch/.platform.template.yaml&utm_content=meilisearch&utm_source=github&utm_medium=button&utm_campaign=deploy_on_platform">
-    <img src="https://platform.sh/images/deploy/lg-blue.svg" alt="Deploy on Platform.sh" width="180px" />
-</a>
+Experienced users will want to keep our [API Reference](https://docs.meilisearch.com/reference/api) close at hand.

-#### APT (Debian & Ubuntu)
+We also offer a wide range of dedicated guides to all Meilisearch features, such as [filtering](https://docs.meilisearch.com/learn/advanced/filtering_and_faceted_search.html), [sorting](https://docs.meilisearch.com/learn/advanced/sorting.html), [geosearch](https://docs.meilisearch.com/learn/advanced/geosearch.html), [API keys](https://docs.meilisearch.com/learn/security/master_api_keys.html), and [tenant tokens](https://docs.meilisearch.com/learn/security/tenant_tokens.html).

-```bash
-echo "deb [trusted=yes] https://apt.fury.io/meilisearch/ /" > /etc/apt/sources.list.d/fury.list
-apt update && apt install meilisearch-http
-meilisearch
-```
+Finally, for more in-depth information, refer to our articles explaining fundamental Meilisearch concepts such as [documents](https://docs.meilisearch.com/learn/core_concepts/documents.html) and [indexes](https://docs.meilisearch.com/learn/core_concepts/indexes.html).

-#### Download the binary (Linux & Mac OS)
+## 📊 Telemetry

-```bash
-curl -L https://install.meilisearch.com | sh
-./meilisearch
-```
+Meilisearch collects **anonymized** data from users to help us improve our product. You can [deactivate this](https://docs.meilisearch.com/learn/what_is_meilisearch/telemetry.html#how-to-disable-data-collection) whenever you want.

-#### Compile and run it from sources
+To request deletion of collected data, please write to us at [privacy@meilisearch.com](mailto:privacy@meilisearch.com). Don't forget to include your `Instance UID` in the message, as this helps us quickly find and delete your data.

-If you have the latest stable Rust toolchain installed on your local system, clone the repository and change it to your working directory.
+If you want to know more about the kind of data we collect and what we use it for, check the [telemetry section](https://docs.meilisearch.com/learn/what_is_meilisearch/telemetry.html) of our documentation.

-```bash
-git clone https://github.com/meilisearch/MeiliSearch.git
-cd MeiliSearch
-cargo run --release
-```
+## 📫 Get in touch!

-### Create an Index and Upload Some Documents
+Meilisearch is a search engine created by [Meili](https://www.welcometothejungle.com/en/companies/meilisearch), a software development company based in France and with team members all over the world. Want to know more about us? [Check out our blog!](https://blog.meilisearch.com/)

-Let's create an index! If you need a sample dataset, use [this movie database](https://www.notion.so/meilisearch/A-movies-dataset-to-test-Meili-1cbf7c9cfa4247249c40edfa22d7ca87#b5ae399b81834705ba5420ac70358a65). You can also find it in the `datasets/` directory.
+🗞 [Subscribe to our newsletter](https://meilisearch.us2.list-manage.com/subscribe?u=27870f7b71c908a8b359599fb&id=79582d828e) if you don't want to miss any updates! We promise we won't clutter your mailbox: we only send one edition every two months.

-```bash
-curl -L 'https://bit.ly/2PAcw9l' -o movies.json
-```
+💌 Want to make a suggestion or give feedback? Here are some of the channels where you can reach us:

-Now, you're ready to index some data.
+- For feature requests, please visit our [product repository](https://github.com/meilisearch/product/discussions)
+- Found a bug? Open an [issue](https://github.com/meilisearch/meilisearch/issues)!
+- Want to be part of our Slack community? [Join us!](https://slack.meilisearch.com/)
+- For everything else, please check [this page listing some of the other places where you can find us](https://docs.meilisearch.com/learn/what_is_meilisearch/contact.html)

-```bash
-curl -i -X POST 'http://127.0.0.1:7700/indexes/movies/documents' \
-  --header 'content-type: application/json' \
-  --data-binary @movies.json
-```
-
-### Search for Documents
-
-#### In command line
-
-The search engine is now aware of your documents and can serve those via an HTTP server.
-
-The [`jq` command-line tool](https://stedolan.github.io/jq/) can greatly help you read the server responses.
-
-```bash
-curl 'http://127.0.0.1:7700/indexes/movies/search?q=botman+robin&limit=2' | jq
-```
-
-```json
-{
-  "hits": [
-    {
-      "id": "415",
-      "title": "Batman & Robin",
-      "poster": "https://image.tmdb.org/t/p/w1280/79AYCcxw3kSKbhGpx1LiqaCAbwo.jpg",
-      "overview": "Along with crime-fighting partner Robin and new recruit Batgirl, Batman battles the dual threat of frosty genius Mr. Freeze and homicidal horticulturalist Poison Ivy. Freeze plans to put Gotham City on ice, while Ivy tries to drive a wedge between the dynamic duo.",
-      "release_date": 866768400
-    },
-    {
-      "id": "411736",
-      "title": "Batman: Return of the Caped Crusaders",
-      "poster": "https://image.tmdb.org/t/p/w1280/GW3IyMW5Xgl0cgCN8wu96IlNpD.jpg",
-      "overview": "Adam West and Burt Ward returns to their iconic roles of Batman and Robin. Featuring the voices of Adam West, Burt Ward, and Julie Newmar, the film sees the superheroes going up against classic villains like The Joker, The Riddler, The Penguin and Catwoman, both in Gotham City… and in space.",
-      "release_date": 1475888400
-    }
-  ],
-  "nbHits": 8,
-  "exhaustiveNbHits": false,
-  "query": "botman robin",
-  "limit": 2,
-  "offset": 0,
-  "processingTimeMs": 2
-}
-```
-
-#### Use the Web Interface
-
-We also deliver an **out-of-the-box [web interface](https://github.com/meilisearch/mini-dashboard)** in which you can test MeiliSearch interactively.
-
-You can access the web interface in your web browser at the root of the server. The default URL is [http://127.0.0.1:7700](http://127.0.0.1:7700). All you need to do is open your web browser and enter MeiliSearch’s address to visit it. This will lead you to a web page with a search bar that will allow you to search in the selected index.
-
-| [See the gif above](#demo)
-
-## Documentation
-
-Now that your MeiliSearch server is up and running, you can learn more about how to tune your search engine in [the documentation](https://docs.meilisearch.com).
-
-## Contributing
-
-Hey! We're glad you're thinking about contributing to MeiliSearch! Feel free to pick an [issue labeled as `good first issue`](https://github.com/meilisearch/MeiliSearch/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22), and to ask any question you need. Some points might not be clear and we are available to help you!
-
-Also, we recommend following the [CONTRIBUTING](./CONTRIBUTING.md) to create your PR.
-
-## Core engine and tokenizer
-
-The code in this repository is only concerned with managing multiple indexes, handling the update store, and exposing an HTTP API.
-
-Search and indexation are the domain of our core engine, [`milli`](https://github.com/meilisearch/milli), while tokenization is handled by [our `tokenizer` library](https://github.com/meilisearch/tokenizer/).
-## Telemetry
-
-MeiliSearch collects anonymous data regarding general usage.
-This helps us better understand developers' usage of MeiliSearch features.
-
-To find out more on what information we're retrieving, please see our documentation on [Telemetry](https://docs.meilisearch.com/learn/what_is_meilisearch/telemetry.html).
-
-This program is optional, you can disable these analytics by using the `MEILI_NO_ANALYTICS` env variable.
-
-## Feature request
-
-The feature requests are not managed in this repository. Please visit our [dedicated repository](https://github.com/meilisearch/product) to see our work about the MeiliSearch product.
-
-If you have a feature request or any feedback about an existing feature, please open [a discussion](https://github.com/meilisearch/product/discussions).
-Also, feel free to participate in the current discussions, we are looking forward to reading your comments.
-
-## 💌 Contact
-
-Please visit [this page](https://docs.meilisearch.com/learn/what_is_meilisearch/contact.html#contact-us).
-
-MeiliSearch is developed by [Meili](https://www.meilisearch.com), a young company. To know more about us, you can [read our blog](https://blog.meilisearch.com). Any suggestion or feedback is highly appreciated. Thank you for your support!
+Thank you for your support!
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,16 +1,16 @@
 # Security

-MeiliSearch takes the security of our software products and services seriously.
+Meilisearch takes the security of our software products and services seriously.

-If you believe you have found a security vulnerability in any MeiliSearch-owned repository, please report it to us as described below.
+If you believe you have found a security vulnerability in any Meilisearch-owned repository, please report it to us as described below.

-## Suported versions
+## Supported versions

-As long as we are pre-v1.0, only the latest version of MeiliSearch will be supported with security updates. 
+As long as we are pre-v1.0, only the latest version of Meilisearch will be supported with security updates.

 ## Reporting security issues

-⚠️ Please do not report security vulnerabilities through public GitHub issues. ⚠️ 
+⚠️ Please do not report security vulnerabilities through public GitHub issues. ⚠️

 Instead, please kindly email us at security@meilisearch.com

--- a/assets/demo-dark.gif
+++ b/assets/demo-dark.gif
--- a/assets/demo-light.gif
+++ b/assets/demo-light.gif
--- a/assets/integrations.png
+++ b/assets/integrations.png
--- a/assets/logo.svg
+++ b/assets/logo.svg
@ -1,17 +1,19 @@
-<svg width="360" height="360" viewBox="0 0 360 360" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g id="logo_main">
-<rect id="Rectangle" x="107.333" y="0.150146" width="274.315" height="274.315" rx="98.8334" transform="rotate(23 107.333 0.150146)" fill="url(#paint0_linear)"/>
-<path id="Rectangle_2" fill-rule="evenodd" clip-rule="evenodd" d="M61.3296 230.199C46.2224 194.608 38.6688 176.813 38.208 160.329C37.5286 136.025 47.0175 112.539 64.3891 95.5282C76.1718 83.9904 93.9669 76.4368 129.557 61.3296C165.147 46.2224 182.943 38.6688 199.427 38.208C223.731 37.5286 247.217 47.0175 264.228 64.3891C275.766 76.1718 283.319 93.9669 298.426 129.557C313.534 165.147 321.087 182.943 321.548 199.427C322.227 223.731 312.738 247.217 295.367 264.228C283.584 275.766 265.789 283.319 230.199 298.426C194.608 313.534 176.813 321.087 160.329 321.548C136.025 322.227 112.539 312.738 95.5282 295.367C83.9903 283.584 76.4368 265.789 61.3296 230.199Z" fill="url(#paint1_linear)"/>
-<path id="m" fill-rule="evenodd" clip-rule="evenodd" d="M219.568 130.748C242.363 130.748 259.263 147.451 259.263 174.569V229.001H227.232V179.678C227.232 166.119 220.747 159.634 210.136 159.634C205.223 159.634 200.311 161.796 195.595 167.494C195.791 169.852 195.988 172.21 195.988 174.569V229.001H164.154V179.678C164.154 166.119 157.472 159.634 147.057 159.634C142.145 159.634 137.429 161.992 132.712 168.084V229.001H100.878V133.695H132.712V139.394C139.197 133.892 145.878 130.748 156.49 130.748C168.477 130.748 178.695 135.267 185.769 143.52C195.791 134.678 205.42 130.748 219.568 130.748Z" fill="white"/>
-</g>
+<svg width="300" height="300" viewBox="0 0 300 300" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M0 237L55.426 96.7678C63.2367 77.0063 82.499 64 103.955 64H137.371L81.9447 204.232C74.1341 223.993 54.8717 237 33.4156 237H0Z" fill="url(#paint0_linear_1_898)"/>
+<path d="M81.3123 237L136.738 96.7682C144.549 77.0067 163.811 64.0004 185.267 64.0004H218.683L163.257 204.232C155.446 223.994 136.184 237 114.728 237H81.3123Z" fill="url(#paint1_linear_1_898)"/>
+<path d="M162.629 237L218.055 96.7682C225.866 77.0067 245.128 64.0004 266.584 64.0004H300L244.574 204.232C236.763 223.994 217.501 237 196.045 237H162.629Z" fill="url(#paint2_linear_1_898)"/>
 <defs>
-<linearGradient id="paint0_linear" x1="-13.6248" y1="129.208" x2="244.49" y2="403.522" gradientUnits="userSpaceOnUse">
-<stop stop-color="#E41359"/>
-<stop offset="1" stop-color="#F23C79"/>
+<linearGradient id="paint0_linear_1_898" x1="300.001" y1="50.7858" x2="1.63474" y2="221.244" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
 </linearGradient>
-<linearGradient id="paint1_linear" x1="11.0088" y1="111.65" x2="111.65" y2="348.747" gradientUnits="userSpaceOnUse">
-<stop stop-color="#24222F"/>
-<stop offset="1" stop-color="#2B2937"/>
+<linearGradient id="paint1_linear_1_898" x1="300.001" y1="50.7858" x2="1.63474" y2="221.244" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+<linearGradient id="paint2_linear_1_898" x1="300.001" y1="50.7858" x2="1.63474" y2="221.244" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
 </linearGradient>
 </defs>
 </svg>
--- a/assets/meilisearch-logo-dark.svg
+++ b/assets/meilisearch-logo-dark.svg
@ -0,0 +1,30 @@
+<svg width="495" height="74" viewBox="0 0 495 74" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M181.842 42.5349C181.842 37.6137 184.201 34.715 188.718 34.715C192.965 34.715 194.381 37.7486 194.381 41.6585V62.6238H203.953V40.5799C203.953 32.3556 199.639 26.4907 191.145 26.4907C186.089 26.4907 182.516 28.0412 179.415 31.4792C177.393 28.3782 173.955 26.4907 169.168 26.4907C164.112 26.4907 160.607 28.5805 158.989 31.614V27.2996H150.158V62.6238H159.731V42.3326C159.731 37.6137 162.157 34.715 166.607 34.715C170.854 34.715 172.269 37.7486 172.269 41.6585V62.6238H181.842V42.5349Z" fill="white"/>
+<path d="M243.245 47.7256C243.245 47.7256 243.379 46.4448 243.379 44.8943C243.379 34.4454 236.301 26.4907 225.852 26.4907C215.403 26.4907 208.123 34.4454 208.123 44.8943C208.123 55.7477 215.471 63.4327 225.92 63.4327C234.077 63.4327 240.548 58.5116 242.638 51.3659H232.998C231.852 53.9276 229.088 55.2084 226.189 55.2084C221.403 55.2084 218.302 52.5793 217.628 47.7256H243.245ZM225.785 34.1757C230.234 34.1757 233.133 36.8722 233.807 40.8495H217.763C218.572 36.8048 221.403 34.1757 225.785 34.1757Z" fill="white"/>
+<path d="M244.791 35.524H249.038V62.6238H258.61V27.2996H244.791V35.524ZM253.824 22.7156C257.195 22.7156 259.622 20.3561 259.622 16.9855C259.622 13.6149 257.195 11.188 253.824 11.188C250.454 11.188 248.027 13.6149 248.027 16.9855C248.027 20.3561 250.454 22.7156 253.824 22.7156Z" fill="white"/>
+<path d="M278.432 54.3995C278.163 54.3995 277.758 54.4669 277.152 54.4669C274.994 54.4669 274.725 53.4557 274.725 51.9726V12.0644H265.152V52.6467C265.152 59.6576 267.849 62.7586 275.466 62.7586C276.747 62.7586 277.96 62.6238 278.432 62.5564V54.3995Z" fill="white"/>
+<path d="M279.521 35.524H283.768V62.6238H293.341V27.2996H279.521V35.524ZM288.555 22.7156C291.925 22.7156 294.352 20.3561 294.352 16.9855C294.352 13.6149 291.925 11.188 288.555 11.188C285.184 11.188 282.757 13.6149 282.757 16.9855C282.757 20.3561 285.184 22.7156 288.555 22.7156Z" fill="white"/>
+<path d="M312.557 62.9937C321.86 62.9937 326.242 58.0726 326.242 52.8819C326.242 38.4556 305.007 46.4777 305.007 36.9725C305.007 33.8716 307.636 31.2425 312.962 31.2425C318.422 31.2425 320.984 34.2086 321.388 37.9163H326.175C325.77 33.2648 322.602 27.0629 313.097 27.0629C304.94 27.0629 300.356 31.9166 300.356 37.1748C300.356 51.264 321.591 43.1745 321.591 53.0167C321.591 56.4547 318.355 58.8142 312.557 58.8142C306.625 58.8142 303.659 55.848 303.322 51.4662H298.468C298.873 57.4659 302.648 62.9937 312.557 62.9937Z" fill="white"/>
+<path d="M364.256 46.4103C364.256 46.4103 364.324 45.3317 364.324 44.5901C364.324 34.8827 358.054 27.0629 347.808 27.0629C337.494 27.0629 330.955 35.4894 330.955 44.9946C330.955 54.6346 337.022 62.9937 347.875 62.9937C356.032 62.9937 361.695 58.0052 363.717 51.4662H358.729C357.245 55.6458 353.201 58.6794 347.943 58.6794C340.729 58.6794 336.213 53.3538 335.741 46.4103H364.256ZM347.808 31.3773C354.549 31.3773 358.931 35.8939 359.538 42.5004H335.876C336.685 36.1636 341.134 31.3773 347.808 31.3773Z" fill="white"/>
+<path d="M394.037 45.871V49.1068C394.037 54.9717 389.79 59.0164 381.634 59.0164C376.578 59.0164 373.814 56.9266 373.814 52.41C373.814 50.118 374.892 48.3652 376.578 47.4215C378.33 46.4777 380.69 45.871 394.037 45.871ZM381.094 62.9937C387.027 62.9937 391.813 61.1062 394.24 57.1963V62.1848H398.824V39.7364C398.824 32.1188 394.442 27.0629 384.532 27.0629C375.027 27.0629 370.848 31.8492 369.971 37.9837H374.623C375.566 33.13 379.274 31.1751 384.33 31.1751C390.802 31.1751 394.037 33.8716 394.037 39.669V41.8936C383.184 41.8936 378.667 42.0959 375.297 43.4441C371.387 44.9946 369.095 48.4327 369.095 52.5448C369.095 58.5445 372.937 62.9937 381.094 62.9937Z" fill="white"/>
+<path d="M424.991 27.6022C424.991 27.6022 424.182 27.5348 423.845 27.5348C417.509 27.5348 414.138 30.838 412.857 33.1974V27.8718H408.273V62.1848H413.059V42.7026C413.059 35.5569 417.441 32.0514 423.306 32.0514C424.182 32.0514 424.991 32.1188 424.991 32.1188V27.6022Z" fill="white"/>
+<path d="M425.809 45.062C425.809 54.4324 432.28 62.9937 442.729 62.9937C452.032 62.9937 457.425 56.7918 458.773 49.9831H453.92C452.504 55.3087 448.594 58.6794 442.729 58.6794C435.516 58.6794 430.662 52.9493 430.662 45.062C430.662 37.1073 435.516 31.3773 442.729 31.3773C448.594 31.3773 452.504 34.7479 453.92 40.0735H458.773C457.425 33.2648 452.032 27.0629 442.729 27.0629C432.28 27.0629 425.809 35.6243 425.809 45.062Z" fill="white"/>
+<path d="M470.041 11.6254H465.255V62.1848H470.041V41.8936C470.041 34.8827 474.558 31.2425 480.355 31.2425C486.49 31.2425 489.389 35.0176 489.389 41.2195V62.1848H494.175V40.2757C494.175 32.6581 489.658 27.0629 481.164 27.0629C474.76 27.0629 471.255 30.5683 470.041 32.6581V11.6254Z" fill="white"/>
+<path d="M0.825012 73.993L24.0688 14.5224C27.3443 6.14179 35.4223 0.625977 44.4203 0.625977H58.4336L35.1899 60.0966C31.9143 68.4772 23.8363 73.993 14.8384 73.993H0.825012Z" fill="url(#paint0_linear_0_3)"/>
+<path d="M34.9246 73.9932L58.1684 14.5226C61.444 6.14197 69.5219 0.626152 78.5199 0.626152H92.5333L69.2895 60.0968C66.014 68.4774 57.936 73.9932 48.938 73.9932H34.9246Z" fill="url(#paint1_linear_0_3)"/>
+<path d="M69.0262 73.9932L92.27 14.5226C95.5456 6.14197 103.624 0.626152 112.622 0.626152H126.635L103.391 60.0968C100.116 68.4774 92.0376 73.9932 83.0396 73.9932H69.0262Z" fill="url(#paint2_linear_0_3)"/>
+<defs>
+<linearGradient id="paint0_linear_0_3" x1="126.635" y1="-4.97799" x2="0.825008" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+<linearGradient id="paint1_linear_0_3" x1="126.635" y1="-4.97799" x2="0.825008" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+<linearGradient id="paint2_linear_0_3" x1="126.635" y1="-4.97799" x2="0.825008" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+</defs>
+</svg>
--- a/assets/meilisearch-logo-light.svg
+++ b/assets/meilisearch-logo-light.svg
@ -0,0 +1,30 @@
+<svg width="495" height="74" viewBox="0 0 495 74" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M181.84 42.5347C181.84 37.6136 184.199 34.7149 188.716 34.7149C192.963 34.7149 194.378 37.7484 194.378 41.6584V62.6237H203.951V40.5798C203.951 32.3554 199.637 26.4906 191.143 26.4906C186.087 26.4906 182.514 28.041 179.413 31.4791C177.39 28.3781 173.952 26.4906 169.166 26.4906C164.11 26.4906 160.605 28.5804 158.987 31.6139V27.2995H150.156V62.6237H159.728V42.3325C159.728 37.6136 162.155 34.7149 166.604 34.7149C170.851 34.7149 172.267 37.7484 172.267 41.6584V62.6237H181.84V42.5347Z" fill="#21004B"/>
+<path d="M243.242 47.7255C243.242 47.7255 243.377 46.4447 243.377 44.8942C243.377 34.4452 236.299 26.4906 225.85 26.4906C215.401 26.4906 208.12 34.4452 208.12 44.8942C208.12 55.7476 215.468 63.4326 225.917 63.4326C234.074 63.4326 240.546 58.5115 242.636 51.3658H232.996C231.85 53.9274 229.086 55.2083 226.187 55.2083C221.401 55.2083 218.3 52.5792 217.626 47.7255H243.242ZM225.783 34.1756C230.232 34.1756 233.131 36.8721 233.805 40.8494H217.76C218.569 36.8047 221.401 34.1756 225.783 34.1756Z" fill="#21004B"/>
+<path d="M244.789 35.5238H249.036V62.6237H258.608V27.2995H244.789V35.5238ZM253.822 22.7155C257.193 22.7155 259.619 20.356 259.619 16.9854C259.619 13.6148 257.193 11.1879 253.822 11.1879C250.451 11.1879 248.024 13.6148 248.024 16.9854C248.024 20.356 250.451 22.7155 253.822 22.7155Z" fill="#21004B"/>
+<path d="M278.43 54.3993C278.16 54.3993 277.756 54.4667 277.149 54.4667C274.992 54.4667 274.722 53.4556 274.722 51.9725V12.0643H265.15V52.6466C265.15 59.6575 267.846 62.7585 275.464 62.7585C276.745 62.7585 277.958 62.6237 278.43 62.5562V54.3993Z" fill="#21004B"/>
+<path d="M279.519 35.5238H283.766V62.6237H293.339V27.2995H279.519V35.5238ZM288.553 22.7155C291.923 22.7155 294.35 20.356 294.35 16.9854C294.35 13.6148 291.923 11.1879 288.553 11.1879C285.182 11.1879 282.755 13.6148 282.755 16.9854C282.755 20.356 285.182 22.7155 288.553 22.7155Z" fill="#21004B"/>
+<path d="M312.557 62.9939C321.86 62.9939 326.242 58.0728 326.242 52.882C326.242 38.4557 305.007 46.4778 305.007 36.9726C305.007 33.8717 307.636 31.2426 312.962 31.2426C318.422 31.2426 320.984 34.2087 321.388 37.9164H326.175C325.77 33.265 322.602 27.063 313.097 27.063C304.94 27.063 300.356 31.9167 300.356 37.1749C300.356 51.2641 321.591 43.1746 321.591 53.0168C321.591 56.4548 318.355 58.8143 312.557 58.8143C306.625 58.8143 303.659 55.8481 303.322 51.4663H298.468C298.872 57.466 302.648 62.9939 312.557 62.9939Z" fill="#21004B"/>
+<path d="M364.256 46.4104C364.256 46.4104 364.324 45.3318 364.324 44.5903C364.324 34.8829 358.054 27.063 347.808 27.063C337.494 27.063 330.955 35.4896 330.955 44.9947C330.955 54.6347 337.022 62.9939 347.875 62.9939C356.032 62.9939 361.695 58.0053 363.717 51.4663H358.728C357.245 55.6459 353.201 58.6795 347.942 58.6795C340.729 58.6795 336.213 53.3539 335.741 46.4104H364.256ZM347.808 31.3774C354.549 31.3774 358.931 35.894 359.537 42.5005H335.876C336.685 36.1637 341.134 31.3774 347.808 31.3774Z" fill="#21004B"/>
+<path d="M394.037 45.8711V49.1069C394.037 54.9718 389.79 59.0165 381.633 59.0165C376.578 59.0165 373.814 56.9267 373.814 52.4101C373.814 50.1181 374.892 48.3654 376.578 47.4216C378.33 46.4778 380.69 45.8711 394.037 45.8711ZM381.094 62.9939C387.026 62.9939 391.813 61.1063 394.24 57.1964V62.1849H398.824V39.7366C398.824 32.1189 394.442 27.063 384.532 27.063C375.027 27.063 370.847 31.8493 369.971 37.9838H374.623C375.566 33.1301 379.274 31.1752 384.33 31.1752C390.802 31.1752 394.037 33.8717 394.037 39.6691V41.8938C383.184 41.8938 378.667 42.096 375.297 43.4442C371.387 44.9947 369.095 48.4328 369.095 52.5449C369.095 58.5446 372.937 62.9939 381.094 62.9939Z" fill="#21004B"/>
+<path d="M424.991 27.6023C424.991 27.6023 424.182 27.5349 423.845 27.5349C417.508 27.5349 414.138 30.8381 412.857 33.1975V27.872H408.273V62.1849H413.059V42.7027C413.059 35.557 417.441 32.0515 423.306 32.0515C424.182 32.0515 424.991 32.1189 424.991 32.1189V27.6023Z" fill="#21004B"/>
+<path d="M425.809 45.0621C425.809 54.4325 432.28 62.9939 442.729 62.9939C452.032 62.9939 457.425 56.7919 458.773 49.9832H453.92C452.504 55.3088 448.594 58.6795 442.729 58.6795C435.516 58.6795 430.662 52.9494 430.662 45.0621C430.662 37.1075 435.516 31.3774 442.729 31.3774C448.594 31.3774 452.504 34.748 453.92 40.0736H458.773C457.425 33.265 452.032 27.063 442.729 27.063C432.28 27.063 425.809 35.6244 425.809 45.0621Z" fill="#21004B"/>
+<path d="M470.041 11.6255H465.255V62.1849H470.041V41.8938C470.041 34.8829 474.558 31.2426 480.355 31.2426C486.49 31.2426 489.389 35.0177 489.389 41.2196V62.1849H494.175V40.2759C494.175 32.6582 489.658 27.063 481.164 27.063C474.76 27.063 471.255 30.5685 470.041 32.6582V11.6255Z" fill="#21004B"/>
+<path d="M0.824951 73.993L24.0688 14.5224C27.3443 6.14179 35.4223 0.625977 44.4202 0.625977H58.4336L35.1898 60.0966C31.9143 68.4772 23.8363 73.993 14.8383 73.993H0.824951Z" fill="url(#paint0_linear_0_15)"/>
+<path d="M34.9246 73.9932L58.1684 14.5226C61.4439 6.14197 69.5219 0.626152 78.5199 0.626152H92.5332L69.2894 60.0968C66.0139 68.4774 57.9359 73.9932 48.9379 73.9932H34.9246Z" fill="url(#paint1_linear_0_15)"/>
+<path d="M69.0262 73.9932L92.27 14.5226C95.5455 6.14197 103.623 0.626152 112.621 0.626152H126.635L103.391 60.0968C100.115 68.4774 92.0375 73.9932 83.0395 73.9932H69.0262Z" fill="url(#paint2_linear_0_15)"/>
+<defs>
+<linearGradient id="paint0_linear_0_15" x1="126.635" y1="-4.97799" x2="0.824952" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+<linearGradient id="paint1_linear_0_15" x1="126.635" y1="-4.97799" x2="0.824952" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+<linearGradient id="paint2_linear_0_15" x1="126.635" y1="-4.97799" x2="0.824952" y2="66.0978" gradientUnits="userSpaceOnUse">
+<stop stop-color="#FF5CAA"/>
+<stop offset="1" stop-color="#FF4E62"/>
+</linearGradient>
+</defs>
+</svg>
--- a/bors.toml
+++ b/bors.toml
@ -3,7 +3,8 @@ status = [
    'Tests on macos-latest',
    'Tests on windows-latest',
    'Run Clippy',
-    'Run Rustfmt'
+    'Run Rustfmt',
+    'Run tests in debug',
 ]
 pr_status = ['Milestone Check']
 # 3 hours timeout
--- a/download-latest.sh
+++ b/download-latest.sh
@ -67,20 +67,20 @@ semverLT() {
    return 1
 }

-# Get a token from https://github.com/settings/tokens to increasae rate limit (from 60 to 5000), make sure the token scope is set to 'public_repo'
-# Create GITHUB_PAT enviroment variable once you aquired the token to start using it
+# Get a token from https://github.com/settings/tokens to increase rate limit (from 60 to 5000), make sure the token scope is set to 'public_repo'
+# Create GITHUB_PAT environment variable once you acquired the token to start using it
 # Returns the tag of the latest stable release (in terms of semver and not of release date)
 get_latest() {
    temp_file='temp_file' # temp_file needed because the grep would start before the download is over

-        if [ -z "$GITHUB_PAT" ]; then
-        curl -s 'https://api.github.com/repos/meilisearch/MeiliSearch/releases' > "$temp_file" || return 1
+    if [ -z "$GITHUB_PAT" ]; then
+        curl -s 'https://api.github.com/repos/meilisearch/meilisearch/releases' > "$temp_file" || return 1
    else
-        curl -H "Authorization: token $GITHUB_PAT" -s 'https://api.github.com/repos/meilisearch/MeiliSearch/releases' > "$temp_file" || return 1
+        curl -H "Authorization: token $GITHUB_PAT" -s 'https://api.github.com/repos/meilisearch/meilisearch/releases' > "$temp_file" || return 1
    fi

    releases=$(cat "$temp_file" | \
-        grep -E "tag_name|draft|prerelease" \
+        grep -E '"tag_name":|"draft":|"prerelease":' \
        | tr -d ',"' | cut -d ':' -f2 | tr -d ' ')
        # Returns a list of [tag_name draft_boolean prerelease_boolean ...]
        # Ex: v0.10.1 false false v0.9.1-rc.1 false true v0.9.0 false false...
@ -89,7 +89,7 @@ get_latest() {
    latest=''
    current_tag=''
    for release_info in $releases; do
-        if [ $i -eq 0 ]; then # Cheking tag_name
+        if [ $i -eq 0 ]; then # Checking tag_name
            if echo "$release_info" | grep -q "$GREP_SEMVER_REGEXP"; then # If it's not an alpha or beta release
                current_tag=$release_info
            else
@ -120,7 +120,7 @@ get_latest() {
    done

    rm -f "$temp_file"
-    echo $latest
+    return 0
 }

 # Gets the OS by setting the $os variable
@ -148,11 +148,18 @@ get_os() {
 get_archi() {
    architecture=$(uname -m)
    case "$architecture" in
-    'x86_64' | 'amd64' | 'arm64')
+    'x86_64' | 'amd64' )
        archi='amd64'
        ;;
+    'arm64')
+        if [ $os = 'macos' ]; then # MacOS M1
+            archi='amd64'
+        else
+            archi='aarch64'
+        fi
+        ;;
    'aarch64')
-        archi='armv8'
+        archi='aarch64'
        ;;
    *)
        return 1
@ -161,7 +168,7 @@ get_archi() {
 }

 success_usage() {
-    printf "$GREEN%s\n$DEFAULT" "MeiliSearch $latest binary successfully downloaded as '$binary_name' file."
+    printf "$GREEN%s\n$DEFAULT" "Meilisearch $latest binary successfully downloaded as '$binary_name' file."
    echo ''
    echo 'Run it:'
    echo '    $ ./meilisearch'
@ -169,47 +176,65 @@ success_usage() {
    echo '    $ ./meilisearch --help'
 }

-failure_usage() {
-    printf "$RED%s\n$DEFAULT" 'ERROR: MeiliSearch binary is not available for your OS distribution or your architecture yet.'
+not_available_failure_usage() {
+    printf "$RED%s\n$DEFAULT" 'ERROR: Meilisearch binary is not available for your OS distribution or your architecture yet.'
    echo ''
    echo 'However, you can easily compile the binary from the source files.'
    echo 'Follow the steps at the page ("Source" tab): https://docs.meilisearch.com/learn/getting_started/installation.html'
 }

+fetch_release_failure_usage() {
+    echo ''
+    printf "$RED%s\n$DEFAULT" 'ERROR: Impossible to get the latest stable version of Meilisearch.'
+    echo 'Please let us know about this issue: https://github.com/meilisearch/meilisearch/issues/new/choose'
+}
+
 # MAIN
-latest="$(get_latest)"
+
+# Fill $latest variable
+if ! get_latest; then
+    fetch_release_failure_usage # TO CHANGE
+    exit 1
+fi

 if [ "$latest" = '' ]; then
-    echo ''
-    echo 'Impossible to get the latest stable version of MeiliSearch.'
-    echo 'Please let us know about this issue: https://github.com/meilisearch/meilisearch-swift/issues/new/choose'
+    fetch_release_failure_usage
    exit 1
 fi

+# Fill $os variable
 if ! get_os; then
-    failure_usage
+    not_available_failure_usage
    exit 1
 fi

+# Fill $archi variable
 if ! get_archi; then
-    failure_usage
+    not_available_failure_usage
    exit 1
 fi

-echo "Downloading MeiliSearch binary $latest for $os, architecture $archi..."
+echo "Downloading Meilisearch binary $latest for $os, architecture $archi..."
 case "$os" in
    'windows')
        release_file="meilisearch-$os-$archi.exe"
-		binary_name='meilisearch.exe'
+        binary_name='meilisearch.exe'

        ;;
-	*)
-		release_file="meilisearch-$os-$archi"
-		binary_name='meilisearch'
+    *)
+        release_file="meilisearch-$os-$archi"
+        binary_name='meilisearch'

 esac
-link="https://github.com/meilisearch/MeiliSearch/releases/download/$latest/$release_file"
-curl -OL "$link"
+
+# Fetch the Meilisearch binary
+link="https://github.com/meilisearch/meilisearch/releases/download/$latest/$release_file"
+curl --fail -OL "$link"
+if [ $? -ne 0 ]; then
+    fetch_release_failure_usage
+    exit 1
+fi
+
 mv "$release_file" "$binary_name"
 chmod 744 "$binary_name"
 success_usage
--- a/grafana-dashboards/dashboard.json
+++ b/grafana-dashboards/dashboard.json
--- a/meilisearch-auth/Cargo.toml
+++ b/meilisearch-auth/Cargo.toml
@ -0,0 +1,17 @@
+[package]
+name = "meilisearch-auth"
+version = "0.29.3"
+edition = "2021"
+
+[dependencies]
+enum-iterator = "0.7.0"
+hmac = "0.12.1"
+meilisearch-types = { path = "../meilisearch-types" }
+milli = { git = "https://github.com/meilisearch/milli.git", tag = "v0.33.6" }
+rand = "0.8.4"
+serde = { version = "1.0.136", features = ["derive"] }
+serde_json = { version = "1.0.85", features = ["preserve_order"] }
+sha2 = "0.10.2"
+thiserror = "1.0.30"
+time = { version = "0.3.7", features = ["serde-well-known", "formatting", "parsing", "macros"] }
+uuid = { version = "1.1.2", features = ["serde", "v4"] }
--- a/meilisearch-auth/src/action.rs
+++ b/meilisearch-auth/src/action.rs
@ -0,0 +1,134 @@
+use enum_iterator::IntoEnumIterator;
+use serde::{Deserialize, Serialize};
+use std::hash::Hash;
+
+#[derive(IntoEnumIterator, Copy, Clone, Serialize, Deserialize, Debug, Eq, PartialEq, Hash)]
+#[repr(u8)]
+pub enum Action {
+    #[serde(rename = "*")]
+    All = 0,
+    #[serde(rename = "search")]
+    Search,
+    #[serde(rename = "documents.*")]
+    DocumentsAll,
+    #[serde(rename = "documents.add")]
+    DocumentsAdd,
+    #[serde(rename = "documents.get")]
+    DocumentsGet,
+    #[serde(rename = "documents.delete")]
+    DocumentsDelete,
+    #[serde(rename = "indexes.*")]
+    IndexesAll,
+    #[serde(rename = "indexes.create")]
+    IndexesAdd,
+    #[serde(rename = "indexes.get")]
+    IndexesGet,
+    #[serde(rename = "indexes.update")]
+    IndexesUpdate,
+    #[serde(rename = "indexes.delete")]
+    IndexesDelete,
+    #[serde(rename = "tasks.*")]
+    TasksAll,
+    #[serde(rename = "tasks.get")]
+    TasksGet,
+    #[serde(rename = "settings.*")]
+    SettingsAll,
+    #[serde(rename = "settings.get")]
+    SettingsGet,
+    #[serde(rename = "settings.update")]
+    SettingsUpdate,
+    #[serde(rename = "stats.*")]
+    StatsAll,
+    #[serde(rename = "stats.get")]
+    StatsGet,
+    #[serde(rename = "metrics.*")]
+    MetricsAll,
+    #[serde(rename = "metrics.get")]
+    MetricsGet,
+    #[serde(rename = "dumps.*")]
+    DumpsAll,
+    #[serde(rename = "dumps.create")]
+    DumpsCreate,
+    #[serde(rename = "version")]
+    Version,
+    #[serde(rename = "keys.create")]
+    KeysAdd,
+    #[serde(rename = "keys.get")]
+    KeysGet,
+    #[serde(rename = "keys.update")]
+    KeysUpdate,
+    #[serde(rename = "keys.delete")]
+    KeysDelete,
+}
+
+impl Action {
+    pub const fn from_repr(repr: u8) -> Option<Self> {
+        use actions::*;
+        match repr {
+            ALL => Some(Self::All),
+            SEARCH => Some(Self::Search),
+            DOCUMENTS_ALL => Some(Self::DocumentsAll),
+            DOCUMENTS_ADD => Some(Self::DocumentsAdd),
+            DOCUMENTS_GET => Some(Self::DocumentsGet),
+            DOCUMENTS_DELETE => Some(Self::DocumentsDelete),
+            INDEXES_ALL => Some(Self::IndexesAll),
+            INDEXES_CREATE => Some(Self::IndexesAdd),
+            INDEXES_GET => Some(Self::IndexesGet),
+            INDEXES_UPDATE => Some(Self::IndexesUpdate),
+            INDEXES_DELETE => Some(Self::IndexesDelete),
+            TASKS_ALL => Some(Self::TasksAll),
+            TASKS_GET => Some(Self::TasksGet),
+            SETTINGS_ALL => Some(Self::SettingsAll),
+            SETTINGS_GET => Some(Self::SettingsGet),
+            SETTINGS_UPDATE => Some(Self::SettingsUpdate),
+            STATS_ALL => Some(Self::StatsAll),
+            STATS_GET => Some(Self::StatsGet),
+            METRICS_ALL => Some(Self::MetricsAll),
+            METRICS_GET => Some(Self::MetricsGet),
+            DUMPS_ALL => Some(Self::DumpsAll),
+            DUMPS_CREATE => Some(Self::DumpsCreate),
+            VERSION => Some(Self::Version),
+            KEYS_CREATE => Some(Self::KeysAdd),
+            KEYS_GET => Some(Self::KeysGet),
+            KEYS_UPDATE => Some(Self::KeysUpdate),
+            KEYS_DELETE => Some(Self::KeysDelete),
+            _otherwise => None,
+        }
+    }
+
+    pub const fn repr(&self) -> u8 {
+        *self as u8
+    }
+}
+
+pub mod actions {
+    use super::Action::*;
+
+    pub(crate) const ALL: u8 = All.repr();
+    pub const SEARCH: u8 = Search.repr();
+    pub const DOCUMENTS_ALL: u8 = DocumentsAll.repr();
+    pub const DOCUMENTS_ADD: u8 = DocumentsAdd.repr();
+    pub const DOCUMENTS_GET: u8 = DocumentsGet.repr();
+    pub const DOCUMENTS_DELETE: u8 = DocumentsDelete.repr();
+    pub const INDEXES_ALL: u8 = IndexesAll.repr();
+    pub const INDEXES_CREATE: u8 = IndexesAdd.repr();
+    pub const INDEXES_GET: u8 = IndexesGet.repr();
+    pub const INDEXES_UPDATE: u8 = IndexesUpdate.repr();
+    pub const INDEXES_DELETE: u8 = IndexesDelete.repr();
+    pub const TASKS_ALL: u8 = TasksAll.repr();
+    pub const TASKS_GET: u8 = TasksGet.repr();
+    pub const SETTINGS_ALL: u8 = SettingsAll.repr();
+    pub const SETTINGS_GET: u8 = SettingsGet.repr();
+    pub const SETTINGS_UPDATE: u8 = SettingsUpdate.repr();
+    pub const STATS_ALL: u8 = StatsAll.repr();
+    pub const STATS_GET: u8 = StatsGet.repr();
+    pub const METRICS_ALL: u8 = MetricsAll.repr();
+    pub const METRICS_GET: u8 = MetricsGet.repr();
+    pub const DUMPS_ALL: u8 = DumpsAll.repr();
+    pub const DUMPS_CREATE: u8 = DumpsCreate.repr();
+    pub const VERSION: u8 = Version.repr();
+    pub const KEYS_CREATE: u8 = KeysAdd.repr();
+    pub const KEYS_GET: u8 = KeysGet.repr();
+    pub const KEYS_UPDATE: u8 = KeysUpdate.repr();
+    pub const KEYS_DELETE: u8 = KeysDelete.repr();
+}
--- a/meilisearch-auth/src/dump.rs
+++ b/meilisearch-auth/src/dump.rs
@ -0,0 +1,47 @@
+use serde_json::Deserializer;
+
+use std::fs::File;
+use std::io::BufReader;
+use std::io::Write;
+use std::path::Path;
+
+use crate::{AuthController, HeedAuthStore, Result};
+
+const KEYS_PATH: &str = "keys";
+
+impl AuthController {
+    pub fn dump(src: impl AsRef<Path>, dst: impl AsRef<Path>) -> Result<()> {
+        let mut store = HeedAuthStore::new(&src)?;
+
+        // do not attempt to close the database on drop!
+        store.set_drop_on_close(false);
+
+        let keys_file_path = dst.as_ref().join(KEYS_PATH);
+
+        let keys = store.list_api_keys()?;
+        let mut keys_file = File::create(&keys_file_path)?;
+        for key in keys {
+            serde_json::to_writer(&mut keys_file, &key)?;
+            keys_file.write_all(b"\n")?;
+        }
+
+        Ok(())
+    }
+
+    pub fn load_dump(src: impl AsRef<Path>, dst: impl AsRef<Path>) -> Result<()> {
+        let store = HeedAuthStore::new(&dst)?;
+
+        let keys_file_path = src.as_ref().join(KEYS_PATH);
+
+        if !keys_file_path.exists() {
+            return Ok(());
+        }
+
+        let reader = BufReader::new(File::open(&keys_file_path)?);
+        for key in Deserializer::from_reader(reader).into_iter() {
+            store.put_api_key(key?)?;
+        }
+
+        Ok(())
+    }
+}
--- a/meilisearch-auth/src/error.rs
+++ b/meilisearch-auth/src/error.rs
@ -0,0 +1,60 @@
+use std::error::Error;
+
+use meilisearch_types::error::{Code, ErrorCode};
+use meilisearch_types::internal_error;
+use serde_json::Value;
+
+pub type Result<T> = std::result::Result<T, AuthControllerError>;
+
+#[derive(Debug, thiserror::Error)]
+pub enum AuthControllerError {
+    #[error("`{0}` field is mandatory.")]
+    MissingParameter(&'static str),
+    #[error("`actions` field value `{0}` is invalid. It should be an array of string representing action names.")]
+    InvalidApiKeyActions(Value),
+    #[error("`indexes` field value `{0}` is invalid. It should be an array of string representing index names.")]
+    InvalidApiKeyIndexes(Value),
+    #[error("`expiresAt` field value `{0}` is invalid. It should follow the RFC 3339 format to represents a date or datetime in the future or specified as a null value. e.g. 'YYYY-MM-DD' or 'YYYY-MM-DD HH:MM:SS'.")]
+    InvalidApiKeyExpiresAt(Value),
+    #[error("`description` field value `{0}` is invalid. It should be a string or specified as a null value.")]
+    InvalidApiKeyDescription(Value),
+    #[error(
+        "`name` field value `{0}` is invalid. It should be a string or specified as a null value."
+    )]
+    InvalidApiKeyName(Value),
+    #[error("`uid` field value `{0}` is invalid. It should be a valid UUID v4 string or omitted.")]
+    InvalidApiKeyUid(Value),
+    #[error("API key `{0}` not found.")]
+    ApiKeyNotFound(String),
+    #[error("`uid` field value `{0}` is already an existing API key.")]
+    ApiKeyAlreadyExists(String),
+    #[error("The `{0}` field cannot be modified for the given resource.")]
+    ImmutableField(String),
+    #[error("Internal error: {0}")]
+    Internal(Box<dyn Error + Send + Sync + 'static>),
+}
+
+internal_error!(
+    AuthControllerError: milli::heed::Error,
+    std::io::Error,
+    serde_json::Error,
+    std::str::Utf8Error
+);
+
+impl ErrorCode for AuthControllerError {
+    fn error_code(&self) -> Code {
+        match self {
+            Self::MissingParameter(_) => Code::MissingParameter,
+            Self::InvalidApiKeyActions(_) => Code::InvalidApiKeyActions,
+            Self::InvalidApiKeyIndexes(_) => Code::InvalidApiKeyIndexes,
+            Self::InvalidApiKeyExpiresAt(_) => Code::InvalidApiKeyExpiresAt,
+            Self::InvalidApiKeyDescription(_) => Code::InvalidApiKeyDescription,
+            Self::InvalidApiKeyName(_) => Code::InvalidApiKeyName,
+            Self::ApiKeyNotFound(_) => Code::ApiKeyNotFound,
+            Self::InvalidApiKeyUid(_) => Code::InvalidApiKeyUid,
+            Self::ApiKeyAlreadyExists(_) => Code::ApiKeyAlreadyExists,
+            Self::ImmutableField(_) => Code::ImmutableField,
+            Self::Internal(_) => Code::Internal,
+        }
+    }
+}
--- a/meilisearch-auth/src/key.rs
+++ b/meilisearch-auth/src/key.rs
@ -0,0 +1,201 @@
+use crate::action::Action;
+use crate::error::{AuthControllerError, Result};
+use crate::store::KeyId;
+
+use meilisearch_types::index_uid::IndexUid;
+use meilisearch_types::star_or::StarOr;
+use serde::{Deserialize, Serialize};
+use serde_json::{from_value, Value};
+use time::format_description::well_known::Rfc3339;
+use time::macros::{format_description, time};
+use time::{Date, OffsetDateTime, PrimitiveDateTime};
+use uuid::Uuid;
+
+#[derive(Debug, Deserialize, Serialize)]
+pub struct Key {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub description: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub name: Option<String>,
+    pub uid: KeyId,
+    pub actions: Vec<Action>,
+    pub indexes: Vec<StarOr<IndexUid>>,
+    #[serde(with = "time::serde::rfc3339::option")]
+    pub expires_at: Option<OffsetDateTime>,
+    #[serde(with = "time::serde::rfc3339")]
+    pub created_at: OffsetDateTime,
+    #[serde(with = "time::serde::rfc3339")]
+    pub updated_at: OffsetDateTime,
+}
+
+impl Key {
+    pub fn create_from_value(value: Value) -> Result<Self> {
+        let name = match value.get("name") {
+            None | Some(Value::Null) => None,
+            Some(des) => from_value(des.clone())
+                .map(Some)
+                .map_err(|_| AuthControllerError::InvalidApiKeyName(des.clone()))?,
+        };
+
+        let description = match value.get("description") {
+            None | Some(Value::Null) => None,
+            Some(des) => from_value(des.clone())
+                .map(Some)
+                .map_err(|_| AuthControllerError::InvalidApiKeyDescription(des.clone()))?,
+        };
+
+        let uid = value.get("uid").map_or_else(
+            || Ok(Uuid::new_v4()),
+            |uid| {
+                from_value(uid.clone())
+                    .map_err(|_| AuthControllerError::InvalidApiKeyUid(uid.clone()))
+            },
+        )?;
+
+        let actions = value
+            .get("actions")
+            .map(|act| {
+                from_value(act.clone())
+                    .map_err(|_| AuthControllerError::InvalidApiKeyActions(act.clone()))
+            })
+            .ok_or(AuthControllerError::MissingParameter("actions"))??;
+
+        let indexes = value
+            .get("indexes")
+            .map(|ind| {
+                from_value(ind.clone())
+                    .map_err(|_| AuthControllerError::InvalidApiKeyIndexes(ind.clone()))
+            })
+            .ok_or(AuthControllerError::MissingParameter("indexes"))??;
+
+        let expires_at = value
+            .get("expiresAt")
+            .map(parse_expiration_date)
+            .ok_or(AuthControllerError::MissingParameter("expiresAt"))??;
+
+        let created_at = OffsetDateTime::now_utc();
+        let updated_at = created_at;
+
+        Ok(Self {
+            name,
+            description,
+            uid,
+            actions,
+            indexes,
+            expires_at,
+            created_at,
+            updated_at,
+        })
+    }
+
+    pub fn update_from_value(&mut self, value: Value) -> Result<()> {
+        if let Some(des) = value.get("description") {
+            let des = from_value(des.clone())
+                .map_err(|_| AuthControllerError::InvalidApiKeyDescription(des.clone()));
+            self.description = des?;
+        }
+
+        if let Some(des) = value.get("name") {
+            let des = from_value(des.clone())
+                .map_err(|_| AuthControllerError::InvalidApiKeyName(des.clone()));
+            self.name = des?;
+        }
+
+        if value.get("uid").is_some() {
+            return Err(AuthControllerError::ImmutableField("uid".to_string()));
+        }
+
+        if value.get("actions").is_some() {
+            return Err(AuthControllerError::ImmutableField("actions".to_string()));
+        }
+
+        if value.get("indexes").is_some() {
+            return Err(AuthControllerError::ImmutableField("indexes".to_string()));
+        }
+
+        if value.get("expiresAt").is_some() {
+            return Err(AuthControllerError::ImmutableField("expiresAt".to_string()));
+        }
+
+        if value.get("createdAt").is_some() {
+            return Err(AuthControllerError::ImmutableField("createdAt".to_string()));
+        }
+
+        if value.get("updatedAt").is_some() {
+            return Err(AuthControllerError::ImmutableField("updatedAt".to_string()));
+        }
+
+        self.updated_at = OffsetDateTime::now_utc();
+
+        Ok(())
+    }
+
+    pub(crate) fn default_admin() -> Self {
+        let now = OffsetDateTime::now_utc();
+        let uid = Uuid::new_v4();
+        Self {
+            name: Some("Default Admin API Key".to_string()),
+            description: Some("Use it for anything that is not a search operation. Caution! Do not expose it on a public frontend".to_string()),
+            uid,
+            actions: vec![Action::All],
+            indexes: vec![StarOr::Star],
+            expires_at: None,
+            created_at: now,
+            updated_at: now,
+        }
+    }
+
+    pub(crate) fn default_search() -> Self {
+        let now = OffsetDateTime::now_utc();
+        let uid = Uuid::new_v4();
+        Self {
+            name: Some("Default Search API Key".to_string()),
+            description: Some("Use it to search from the frontend".to_string()),
+            uid,
+            actions: vec![Action::Search],
+            indexes: vec![StarOr::Star],
+            expires_at: None,
+            created_at: now,
+            updated_at: now,
+        }
+    }
+}
+
+fn parse_expiration_date(value: &Value) -> Result<Option<OffsetDateTime>> {
+    match value {
+        Value::String(string) => OffsetDateTime::parse(string, &Rfc3339)
+            .or_else(|_| {
+                PrimitiveDateTime::parse(
+                    string,
+                    format_description!(
+                        "[year repr:full base:calendar]-[month repr:numerical]-[day]T[hour]:[minute]:[second]"
+                    ),
+                ).map(|datetime| datetime.assume_utc())
+            })
+            .or_else(|_| {
+                PrimitiveDateTime::parse(
+                    string,
+                    format_description!(
+                        "[year repr:full base:calendar]-[month repr:numerical]-[day] [hour]:[minute]:[second]"
+                    ),
+                ).map(|datetime| datetime.assume_utc())
+            })
+            .or_else(|_| {
+                    Date::parse(string, format_description!(
+                        "[year repr:full base:calendar]-[month repr:numerical]-[day]"
+                    )).map(|date| PrimitiveDateTime::new(date, time!(00:00)).assume_utc())
+            })
+            .map_err(|_| AuthControllerError::InvalidApiKeyExpiresAt(value.clone()))
+            // check if the key is already expired.
+            .and_then(|d| {
+                if d > OffsetDateTime::now_utc() {
+                    Ok(d)
+                } else {
+                    Err(AuthControllerError::InvalidApiKeyExpiresAt(value.clone()))
+                }
+            })
+            .map(Option::Some),
+        Value::Null => Ok(None),
+        _otherwise => Err(AuthControllerError::InvalidApiKeyExpiresAt(value.clone())),
+    }
+}
--- a/meilisearch-auth/src/lib.rs
+++ b/meilisearch-auth/src/lib.rs
@ -0,0 +1,255 @@
+mod action;
+mod dump;
+pub mod error;
+mod key;
+mod store;
+
+use std::collections::{HashMap, HashSet};
+use std::ops::Deref;
+use std::path::Path;
+use std::sync::Arc;
+
+use serde::{Deserialize, Serialize};
+use serde_json::Value;
+use time::OffsetDateTime;
+use uuid::Uuid;
+
+pub use action::{actions, Action};
+use error::{AuthControllerError, Result};
+pub use key::Key;
+use meilisearch_types::star_or::StarOr;
+use store::generate_key_as_hexa;
+pub use store::open_auth_store_env;
+use store::HeedAuthStore;
+
+#[derive(Clone)]
+pub struct AuthController {
+    store: Arc<HeedAuthStore>,
+    master_key: Option<String>,
+}
+
+impl AuthController {
+    pub fn new(db_path: impl AsRef<Path>, master_key: &Option<String>) -> Result<Self> {
+        let store = HeedAuthStore::new(db_path)?;
+
+        if store.is_empty()? {
+            generate_default_keys(&store)?;
+        }
+
+        Ok(Self {
+            store: Arc::new(store),
+            master_key: master_key.clone(),
+        })
+    }
+
+    pub fn create_key(&self, value: Value) -> Result<Key> {
+        let key = Key::create_from_value(value)?;
+        match self.store.get_api_key(key.uid)? {
+            Some(_) => Err(AuthControllerError::ApiKeyAlreadyExists(
+                key.uid.to_string(),
+            )),
+            None => self.store.put_api_key(key),
+        }
+    }
+
+    pub fn update_key(&self, uid: Uuid, value: Value) -> Result<Key> {
+        let mut key = self.get_key(uid)?;
+        key.update_from_value(value)?;
+        self.store.put_api_key(key)
+    }
+
+    pub fn get_key(&self, uid: Uuid) -> Result<Key> {
+        self.store
+            .get_api_key(uid)?
+            .ok_or_else(|| AuthControllerError::ApiKeyNotFound(uid.to_string()))
+    }
+
+    pub fn get_optional_uid_from_encoded_key(&self, encoded_key: &[u8]) -> Result<Option<Uuid>> {
+        match &self.master_key {
+            Some(master_key) => self
+                .store
+                .get_uid_from_encoded_key(encoded_key, master_key.as_bytes()),
+            None => Ok(None),
+        }
+    }
+
+    pub fn get_uid_from_encoded_key(&self, encoded_key: &str) -> Result<Uuid> {
+        self.get_optional_uid_from_encoded_key(encoded_key.as_bytes())?
+            .ok_or_else(|| AuthControllerError::ApiKeyNotFound(encoded_key.to_string()))
+    }
+
+    pub fn get_key_filters(
+        &self,
+        uid: Uuid,
+        search_rules: Option<SearchRules>,
+    ) -> Result<AuthFilter> {
+        let mut filters = AuthFilter::default();
+        let key = self
+            .store
+            .get_api_key(uid)?
+            .ok_or_else(|| AuthControllerError::ApiKeyNotFound(uid.to_string()))?;
+
+        if !key.indexes.iter().any(|i| i == &StarOr::Star) {
+            filters.search_rules = match search_rules {
+                // Intersect search_rules with parent key authorized indexes.
+                Some(search_rules) => SearchRules::Map(
+                    key.indexes
+                        .into_iter()
+                        .filter_map(|index| {
+                            search_rules.get_index_search_rules(index.deref()).map(
+                                |index_search_rules| {
+                                    (String::from(index), Some(index_search_rules))
+                                },
+                            )
+                        })
+                        .collect(),
+                ),
+                None => SearchRules::Set(key.indexes.into_iter().map(String::from).collect()),
+            };
+        } else if let Some(search_rules) = search_rules {
+            filters.search_rules = search_rules;
+        }
+
+        filters.allow_index_creation = self.is_key_authorized(uid, Action::IndexesAdd, None)?;
+
+        Ok(filters)
+    }
+
+    pub fn list_keys(&self) -> Result<Vec<Key>> {
+        self.store.list_api_keys()
+    }
+
+    pub fn delete_key(&self, uid: Uuid) -> Result<()> {
+        if self.store.delete_api_key(uid)? {
+            Ok(())
+        } else {
+            Err(AuthControllerError::ApiKeyNotFound(uid.to_string()))
+        }
+    }
+
+    pub fn get_master_key(&self) -> Option<&String> {
+        self.master_key.as_ref()
+    }
+
+    /// Generate a valid key from a key id using the current master key.
+    /// Returns None if no master key has been set.
+    pub fn generate_key(&self, uid: Uuid) -> Option<String> {
+        self.master_key
+            .as_ref()
+            .map(|master_key| generate_key_as_hexa(uid, master_key.as_bytes()))
+    }
+
+    /// Check if the provided key is authorized to make a specific action
+    /// without checking if the key is valid.
+    pub fn is_key_authorized(
+        &self,
+        uid: Uuid,
+        action: Action,
+        index: Option<&str>,
+    ) -> Result<bool> {
+        match self
+            .store
+            // check if the key has access to all indexes.
+            .get_expiration_date(uid, action, None)?
+            .or(match index {
+                // else check if the key has access to the requested index.
+                Some(index) => {
+                    self.store
+                        .get_expiration_date(uid, action, Some(index.as_bytes()))?
+                }
+                // or to any index if no index has been requested.
+                None => self.store.prefix_first_expiration_date(uid, action)?,
+            }) {
+            // check expiration date.
+            Some(Some(exp)) => Ok(OffsetDateTime::now_utc() < exp),
+            // no expiration date.
+            Some(None) => Ok(true),
+            // action or index forbidden.
+            None => Ok(false),
+        }
+    }
+}
+
+pub struct AuthFilter {
+    pub search_rules: SearchRules,
+    pub allow_index_creation: bool,
+}
+
+impl Default for AuthFilter {
+    fn default() -> Self {
+        Self {
+            search_rules: SearchRules::default(),
+            allow_index_creation: true,
+        }
+    }
+}
+
+/// Transparent wrapper around a list of allowed indexes with the search rules to apply for each.
+#[derive(Debug, Serialize, Deserialize, Clone)]
+#[serde(untagged)]
+pub enum SearchRules {
+    Set(HashSet<String>),
+    Map(HashMap<String, Option<IndexSearchRules>>),
+}
+
+impl Default for SearchRules {
+    fn default() -> Self {
+        Self::Set(Some("*".to_string()).into_iter().collect())
+    }
+}
+
+impl SearchRules {
+    pub fn is_index_authorized(&self, index: &str) -> bool {
+        match self {
+            Self::Set(set) => set.contains("*") || set.contains(index),
+            Self::Map(map) => map.contains_key("*") || map.contains_key(index),
+        }
+    }
+
+    pub fn get_index_search_rules(&self, index: &str) -> Option<IndexSearchRules> {
+        match self {
+            Self::Set(set) => {
+                if set.contains("*") || set.contains(index) {
+                    Some(IndexSearchRules::default())
+                } else {
+                    None
+                }
+            }
+            Self::Map(map) => map
+                .get(index)
+                .or_else(|| map.get("*"))
+                .map(|isr| isr.clone().unwrap_or_default()),
+        }
+    }
+}
+
+impl IntoIterator for SearchRules {
+    type Item = (String, IndexSearchRules);
+    type IntoIter = Box<dyn Iterator<Item = Self::Item>>;
+
+    fn into_iter(self) -> Self::IntoIter {
+        match self {
+            Self::Set(array) => {
+                Box::new(array.into_iter().map(|i| (i, IndexSearchRules::default())))
+            }
+            Self::Map(map) => {
+                Box::new(map.into_iter().map(|(i, isr)| (i, isr.unwrap_or_default())))
+            }
+        }
+    }
+}
+
+/// Contains the rules to apply on the top of the search query for a specific index.
+///
+/// filter: search filter to apply in addition to query filters.
+#[derive(Debug, Serialize, Deserialize, Default, Clone)]
+pub struct IndexSearchRules {
+    pub filter: Option<serde_json::Value>,
+}
+
+fn generate_default_keys(store: &HeedAuthStore) -> Result<()> {
+    store.put_api_key(Key::default_admin())?;
+    store.put_api_key(Key::default_search())?;
+
+    Ok(())
+}
--- a/meilisearch-auth/src/store.rs
+++ b/meilisearch-auth/src/store.rs
@ -0,0 +1,322 @@
+use std::borrow::Cow;
+use std::cmp::Reverse;
+use std::collections::HashSet;
+use std::convert::TryFrom;
+use std::convert::TryInto;
+use std::fs::create_dir_all;
+use std::ops::Deref;
+use std::path::Path;
+use std::str;
+use std::sync::Arc;
+
+use enum_iterator::IntoEnumIterator;
+use hmac::{Hmac, Mac};
+use meilisearch_types::star_or::StarOr;
+use milli::heed::types::{ByteSlice, DecodeIgnore, SerdeJson};
+use milli::heed::{Database, Env, EnvOpenOptions, RwTxn};
+use sha2::Sha256;
+use time::OffsetDateTime;
+use uuid::fmt::Hyphenated;
+use uuid::Uuid;
+
+use super::error::Result;
+use super::{Action, Key};
+
+const AUTH_STORE_SIZE: usize = 1_073_741_824; //1GiB
+const AUTH_DB_PATH: &str = "auth";
+const KEY_DB_NAME: &str = "api-keys";
+const KEY_ID_ACTION_INDEX_EXPIRATION_DB_NAME: &str = "keyid-action-index-expiration";
+
+pub type KeyId = Uuid;
+
+#[derive(Clone)]
+pub struct HeedAuthStore {
+    env: Arc<Env>,
+    keys: Database<ByteSlice, SerdeJson<Key>>,
+    action_keyid_index_expiration: Database<KeyIdActionCodec, SerdeJson<Option<OffsetDateTime>>>,
+    should_close_on_drop: bool,
+}
+
+impl Drop for HeedAuthStore {
+    fn drop(&mut self) {
+        if self.should_close_on_drop && Arc::strong_count(&self.env) == 1 {
+            self.env.as_ref().clone().prepare_for_closing();
+        }
+    }
+}
+
+pub fn open_auth_store_env(path: &Path) -> milli::heed::Result<milli::heed::Env> {
+    let mut options = EnvOpenOptions::new();
+    options.map_size(AUTH_STORE_SIZE); // 1GB
+    options.max_dbs(2);
+    options.open(path)
+}
+
+impl HeedAuthStore {
+    pub fn new(path: impl AsRef<Path>) -> Result<Self> {
+        let path = path.as_ref().join(AUTH_DB_PATH);
+        create_dir_all(&path)?;
+        let env = Arc::new(open_auth_store_env(path.as_ref())?);
+        let keys = env.create_database(Some(KEY_DB_NAME))?;
+        let action_keyid_index_expiration =
+            env.create_database(Some(KEY_ID_ACTION_INDEX_EXPIRATION_DB_NAME))?;
+        Ok(Self {
+            env,
+            keys,
+            action_keyid_index_expiration,
+            should_close_on_drop: true,
+        })
+    }
+
+    pub fn set_drop_on_close(&mut self, v: bool) {
+        self.should_close_on_drop = v;
+    }
+
+    pub fn is_empty(&self) -> Result<bool> {
+        let rtxn = self.env.read_txn()?;
+
+        Ok(self.keys.len(&rtxn)? == 0)
+    }
+
+    pub fn put_api_key(&self, key: Key) -> Result<Key> {
+        let uid = key.uid;
+        let mut wtxn = self.env.write_txn()?;
+
+        self.keys.put(&mut wtxn, uid.as_bytes(), &key)?;
+
+        // delete key from inverted database before refilling it.
+        self.delete_key_from_inverted_db(&mut wtxn, &uid)?;
+        // create inverted database.
+        let db = self.action_keyid_index_expiration;
+
+        let mut actions = HashSet::new();
+        for action in &key.actions {
+            match action {
+                Action::All => actions.extend(Action::into_enum_iter()),
+                Action::DocumentsAll => {
+                    actions.extend(
+                        [
+                            Action::DocumentsGet,
+                            Action::DocumentsDelete,
+                            Action::DocumentsAdd,
+                        ]
+                        .iter(),
+                    );
+                }
+                Action::IndexesAll => {
+                    actions.extend(
+                        [
+                            Action::IndexesAdd,
+                            Action::IndexesDelete,
+                            Action::IndexesGet,
+                            Action::IndexesUpdate,
+                        ]
+                        .iter(),
+                    );
+                }
+                Action::SettingsAll => {
+                    actions.extend([Action::SettingsGet, Action::SettingsUpdate].iter());
+                }
+                Action::DumpsAll => {
+                    actions.insert(Action::DumpsCreate);
+                }
+                Action::TasksAll => {
+                    actions.insert(Action::TasksGet);
+                }
+                Action::StatsAll => {
+                    actions.insert(Action::StatsGet);
+                }
+                Action::MetricsAll => {
+                    actions.insert(Action::MetricsGet);
+                }
+                other => {
+                    actions.insert(*other);
+                }
+            }
+        }
+
+        let no_index_restriction = key.indexes.contains(&StarOr::Star);
+        for action in actions {
+            if no_index_restriction {
+                // If there is no index restriction we put None.
+                db.put(&mut wtxn, &(&uid, &action, None), &key.expires_at)?;
+            } else {
+                // else we create a key for each index.
+                for index in key.indexes.iter() {
+                    db.put(
+                        &mut wtxn,
+                        &(&uid, &action, Some(index.deref().as_bytes())),
+                        &key.expires_at,
+                    )?;
+                }
+            }
+        }
+
+        wtxn.commit()?;
+
+        Ok(key)
+    }
+
+    pub fn get_api_key(&self, uid: Uuid) -> Result<Option<Key>> {
+        let rtxn = self.env.read_txn()?;
+        self.keys.get(&rtxn, uid.as_bytes()).map_err(|e| e.into())
+    }
+
+    pub fn get_uid_from_encoded_key(
+        &self,
+        encoded_key: &[u8],
+        master_key: &[u8],
+    ) -> Result<Option<Uuid>> {
+        let rtxn = self.env.read_txn()?;
+        let uid = self
+            .keys
+            .remap_data_type::<DecodeIgnore>()
+            .iter(&rtxn)?
+            .filter_map(|res| match res {
+                Ok((uid, _)) => {
+                    let (uid, _) = try_split_array_at(uid)?;
+                    let uid = Uuid::from_bytes(*uid);
+                    if generate_key_as_hexa(uid, master_key).as_bytes() == encoded_key {
+                        Some(uid)
+                    } else {
+                        None
+                    }
+                }
+                Err(_) => None,
+            })
+            .next();
+
+        Ok(uid)
+    }
+
+    pub fn delete_api_key(&self, uid: Uuid) -> Result<bool> {
+        let mut wtxn = self.env.write_txn()?;
+        let existing = self.keys.delete(&mut wtxn, uid.as_bytes())?;
+        self.delete_key_from_inverted_db(&mut wtxn, &uid)?;
+        wtxn.commit()?;
+
+        Ok(existing)
+    }
+
+    pub fn list_api_keys(&self) -> Result<Vec<Key>> {
+        let mut list = Vec::new();
+        let rtxn = self.env.read_txn()?;
+        for result in self.keys.remap_key_type::<DecodeIgnore>().iter(&rtxn)? {
+            let (_, content) = result?;
+            list.push(content);
+        }
+        list.sort_unstable_by_key(|k| Reverse(k.created_at));
+        Ok(list)
+    }
+
+    pub fn get_expiration_date(
+        &self,
+        uid: Uuid,
+        action: Action,
+        index: Option<&[u8]>,
+    ) -> Result<Option<Option<OffsetDateTime>>> {
+        let rtxn = self.env.read_txn()?;
+        let tuple = (&uid, &action, index);
+        Ok(self.action_keyid_index_expiration.get(&rtxn, &tuple)?)
+    }
+
+    pub fn prefix_first_expiration_date(
+        &self,
+        uid: Uuid,
+        action: Action,
+    ) -> Result<Option<Option<OffsetDateTime>>> {
+        let rtxn = self.env.read_txn()?;
+        let tuple = (&uid, &action, None);
+        let exp = self
+            .action_keyid_index_expiration
+            .prefix_iter(&rtxn, &tuple)?
+            .next()
+            .transpose()?
+            .map(|(_, expiration)| expiration);
+
+        Ok(exp)
+    }
+
+    fn delete_key_from_inverted_db(&self, wtxn: &mut RwTxn, key: &KeyId) -> Result<()> {
+        let mut iter = self
+            .action_keyid_index_expiration
+            .remap_types::<ByteSlice, DecodeIgnore>()
+            .prefix_iter_mut(wtxn, key.as_bytes())?;
+        while iter.next().transpose()?.is_some() {
+            // safety: we don't keep references from inside the LMDB database.
+            unsafe { iter.del_current()? };
+        }
+
+        Ok(())
+    }
+}
+
+/// Codec allowing to retrieve the expiration date of an action,
+/// optionally on a specific index, for a given key.
+pub struct KeyIdActionCodec;
+
+impl<'a> milli::heed::BytesDecode<'a> for KeyIdActionCodec {
+    type DItem = (KeyId, Action, Option<&'a [u8]>);
+
+    fn bytes_decode(bytes: &'a [u8]) -> Option<Self::DItem> {
+        let (key_id_bytes, action_bytes) = try_split_array_at(bytes)?;
+        let (action_bytes, index) = match try_split_array_at(action_bytes)? {
+            (action, []) => (action, None),
+            (action, index) => (action, Some(index)),
+        };
+        let key_id = Uuid::from_bytes(*key_id_bytes);
+        let action = Action::from_repr(u8::from_be_bytes(*action_bytes))?;
+
+        Some((key_id, action, index))
+    }
+}
+
+impl<'a> milli::heed::BytesEncode<'a> for KeyIdActionCodec {
+    type EItem = (&'a KeyId, &'a Action, Option<&'a [u8]>);
+
+    fn bytes_encode((key_id, action, index): &Self::EItem) -> Option<Cow<[u8]>> {
+        let mut bytes = Vec::new();
+
+        bytes.extend_from_slice(key_id.as_bytes());
+        let action_bytes = u8::to_be_bytes(action.repr());
+        bytes.extend_from_slice(&action_bytes);
+        if let Some(index) = index {
+            bytes.extend_from_slice(index);
+        }
+
+        Some(Cow::Owned(bytes))
+    }
+}
+
+pub fn generate_key_as_hexa(uid: Uuid, master_key: &[u8]) -> String {
+    // format uid as hyphenated allowing user to generate their own keys.
+    let mut uid_buffer = [0; Hyphenated::LENGTH];
+    let uid = uid.hyphenated().encode_lower(&mut uid_buffer);
+
+    // new_from_slice function never fail.
+    let mut mac = Hmac::<Sha256>::new_from_slice(master_key).unwrap();
+    mac.update(uid.as_bytes());
+
+    let result = mac.finalize();
+    format!("{:x}", result.into_bytes())
+}
+
+/// Divides one slice into two at an index, returns `None` if mid is out of bounds.
+pub fn try_split_at<T>(slice: &[T], mid: usize) -> Option<(&[T], &[T])> {
+    if mid <= slice.len() {
+        Some(slice.split_at(mid))
+    } else {
+        None
+    }
+}
+
+/// Divides one slice into an array and the tail at an index,
+/// returns `None` if `N` is out of bounds.
+pub fn try_split_array_at<T, const N: usize>(slice: &[T]) -> Option<(&[T; N], &[T])>
+where
+    [T; N]: for<'a> TryFrom<&'a [T]>,
+{
+    let (head, tail) = try_split_at(slice, N)?;
+    let head = head.try_into().ok()?;
+    Some((head, tail))
+}
--- a/meilisearch-error/Cargo.toml
+++ b/meilisearch-error/Cargo.toml
@ -1,9 +0,0 @@
-[package]
-name = "meilisearch-error"
-version = "0.24.0"
-authors = ["marin <postma.marin@protonmail.com>"]
-edition = "2018"
-
-[dependencies]
-actix-http = "=3.0.0-beta.10"
-serde = { version = "1.0.130", features = ["derive"] }
--- a/meilisearch-http/Cargo.toml
+++ b/meilisearch-http/Cargo.toml
@ -1,88 +1,101 @@
 [package]
 authors = ["Quentin de Quelen <quentin@dequelen.me>", "Clément Renault <clement@meilisearch.com>"]
-description = "MeiliSearch HTTP server"
-edition = "2018"
+description = "Meilisearch HTTP server"
+edition = "2021"
 license = "MIT"
 name = "meilisearch-http"
-version = "0.24.0"
+version = "0.29.3"

 [[bin]]
 name = "meilisearch"
 path = "src/main.rs"

 [build-dependencies]
-actix-web-static-files = { git = "https://github.com/MarinPostma/actix-web-static-files.git", rev = "39d8006", optional = true }
-anyhow = { version = "1.0.43", optional = true }
-cargo_toml = { version = "0.9", optional = true }
+anyhow = { version = "1.0.62", optional = true }
+cargo_toml = { version = "0.11.4", optional = true }
 hex = { version = "0.4.3", optional = true }
-reqwest = { version = "0.11.4", features = ["blocking", "rustls-tls"], default-features = false, optional = true }
-sha-1 = { version = "0.9.8", optional = true }
-tempfile = { version = "3.2.0", optional = true }
-vergen = { version = "5.1.15", default-features = false, features = ["git"] }
+reqwest = { version = "0.11.9", features = ["blocking", "rustls-tls"], default-features = false, optional = true }
+sha-1 = { version = "0.10.0", optional = true }
+static-files = { version = "0.2.3", optional = true }
+tempfile = { version = "3.3.0", optional = true }
+vergen = { version = "7.0.0", default-features = false, features = ["git"] }
 zip = { version = "0.5.13", optional = true }

 [dependencies]
-actix-cors = { git = "https://github.com/MarinPostma/actix-extras.git", rev = "963ac94d" }
-actix-web = { version = "4.0.0-beta.9", features = ["rustls"] }
-actix-web-static-files = { git = "https://github.com/MarinPostma/actix-web-static-files.git", rev = "39d8006", optional = true }
-anyhow = { version = "1.0.43", features = ["backtrace"] }
-async-stream = "0.3.2"
-async-trait = "0.1.51"
-arc-swap = "1.3.2"
-byte-unit = { version = "4.0.12", default-features = false, features = ["std"] }
+actix-cors = "0.6.1"
+actix-web = { version = "4.0.1", default-features = false, features = ["macros", "compress-brotli", "compress-gzip", "cookies", "rustls"] }
+actix-web-static-files = { git = "https://github.com/kilork/actix-web-static-files.git", rev = "2d3b6160", optional = true }
+anyhow = { version = "1.0.62", features = ["backtrace"] }
+async-stream = "0.3.3"
+async-trait = "0.1.52"
+bstr = "0.2.17"
+byte-unit = { version = "4.0.14", default-features = false, features = ["std", "serde"] }
 bytes = "1.1.0"
-chrono = { version = "0.4.19", features = ["serde"] }
-crossbeam-channel = "0.5.1"
+clap = { version = "3.1.6", features = ["derive", "env"] }
+crossbeam-channel = "0.5.2"
 either = "1.6.1"
 env_logger = "0.9.0"
-flate2 = "1.0.21"
+flate2 = "1.0.22"
 fst = "0.4.7"
-futures = "0.3.17"
-futures-util = "0.3.17"
-heed = { git = "https://github.com/Kerollmops/heed", tag = "v0.12.1" }
-http = "0.2.4"
-indexmap = { version = "1.7.0", features = ["serde-1"] }
-itertools = "0.10.1"
+futures = "0.3.21"
+futures-util = "0.3.21"
+http = "0.2.6"
+indexmap = { version = "1.8.0", features = ["serde-1"] }
+itertools = "0.10.3"
+jsonwebtoken = "8.0.1"
 log = "0.4.14"
+meilisearch-auth = { path = "../meilisearch-auth" }
+meilisearch-types = { path = "../meilisearch-types" }
 meilisearch-lib = { path = "../meilisearch-lib" }
-meilisearch-error = { path = "../meilisearch-error" }
-meilisearch-tokenizer = { git = "https://github.com/meilisearch/tokenizer.git", tag = "v0.2.5" }
+mimalloc = { version = "0.1.29", default-features = false }
 mime = "0.3.16"
-num_cpus = "1.13.0"
-once_cell = "1.8.0"
-parking_lot = "0.11.2"
-platform-dirs = "0.3.0"
-rand = "0.8.4"
-rayon = "1.5.1"
-regex = "1.5.4"
-rustls = "0.19.1"
-segment = { version = "0.1.2", optional = true }
-serde = { version = "1.0.130", features = ["derive"] }
-serde_json = { version = "1.0.67", features = ["preserve_order"] }
-sha2 = "0.9.6"
-siphasher = "0.3.7"
-slice-group-by = "0.2.6"
-structopt = "0.3.23"
-tar = "0.4.37"
-tempfile = "3.2.0"
-thiserror = "1.0.28"
-tokio = { version = "1.11.0", features = ["full"] }
-uuid = { version = "0.8.2", features = ["serde"] }
-walkdir = "2.3.2"
+num_cpus = "1.13.1"
 obkv = "0.2.0"
-pin-project = "1.0.8"
-sysinfo = "0.20.2"
-tokio-stream = "0.1.7"
+once_cell = "1.10.0"
+parking_lot = "0.12.0"
+pin-project-lite = "0.2.8"
+platform-dirs = "0.3.0"
+rand = "0.8.5"
+rayon = "1.5.1"
+regex = "1.5.5"
+reqwest = { version = "0.11.4", features = ["rustls-tls", "json"], default-features = false }
+rustls = "0.20.4"
+rustls-pemfile = "0.3.0"
+segment = { version = "0.2.0", optional = true }
+serde = { version = "1.0.136", features = ["derive"] }
+serde-cs = "0.2.3"
+serde_json = { version = "1.0.85", features = ["preserve_order"] }
+sha2 = "0.10.2"
+siphasher = "0.3.10"
+slice-group-by = "0.3.0"
+static-files = { version = "0.2.3", optional = true }
+sysinfo = "0.23.5"
+tar = "0.4.38"
+tempfile = "3.3.0"
+thiserror = "1.0.30"
+time = { version = "0.3.7", features = ["serde-well-known", "formatting", "parsing", "macros"] }
+tokio = { version = "1.17.0", features = ["full"] }
+tokio-stream = "0.1.8"
+uuid = { version = "1.1.2", features = ["serde", "v4"] }
+walkdir = "2.3.2"
+prometheus = { version = "0.13.0", features = ["process"], optional = true }
+lazy_static = "1.4.0"

 [dev-dependencies]
-actix-rt = "2.2.0"
-paste = "1.0.5"
-serde_url_params = "0.2.1"
+actix-rt = "2.7.0"
+assert-json-diff = "2.0.1"
+manifest-dir-macros = "0.1.14"
+maplit = "1.0.2"
 urlencoding = "2.1.0"
+yaup = "0.2.0"

 [features]
+default = ["analytics", "mini-dashboard"]
+metrics = ["prometheus"]
+analytics = ["segment"]
 mini-dashboard = [
    "actix-web-static-files",
+    "static-files",
    "anyhow",
    "cargo_toml",
    "hex",
@ -91,12 +104,7 @@ mini-dashboard = [
    "tempfile",
    "zip",
 ]
-analytics = ["segment"]
-default = ["analytics", "mini-dashboard"]
-
-[target.'cfg(target_os = "linux")'.dependencies]
-tikv-jemallocator = "0.4.1"

 [package.metadata.mini-dashboard]
-assets-url = "https://github.com/meilisearch/mini-dashboard/releases/download/v0.1.4/build.zip"
-sha1 = "750e8a8e56cfa61fbf9ead14b08a5f17ad3f3d37"
+assets-url = "https://github.com/meilisearch/mini-dashboard/releases/download/v0.2.2/build.zip"
+sha1 = "c69feffc6b590e38a46981a85c47f48905d4082a"
--- a/meilisearch-http/build.rs
+++ b/meilisearch-http/build.rs
@ -16,11 +16,11 @@ mod mini_dashboard {
    use std::io::{Cursor, Read, Write};
    use std::path::PathBuf;

-    use actix_web_static_files::resource_dir;
    use anyhow::Context;
    use cargo_toml::Manifest;
    use reqwest::blocking::get;
    use sha1::{Digest, Sha1};
+    use static_files::resource_dir;

    pub fn setup_mini_dashboard() -> anyhow::Result<()> {
        let cargo_manifest_dir = PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap());
--- a/meilisearch-http/src/analytics/mock_analytics.rs
+++ b/meilisearch-http/src/analytics/mock_analytics.rs
@ -18,7 +18,7 @@ impl SearchAggregator {
        Self::default()
    }

-    pub fn finish(&mut self, _: &dyn Any) {}
+    pub fn succeed(&mut self, _: &dyn Any) {}
 }

 impl MockAnalytics {
--- a/meilisearch-http/src/analytics/mod.rs
+++ b/meilisearch-http/src/analytics/mod.rs
@ -29,12 +29,12 @@ pub type SegmentAnalytics = segment_analytics::SegmentAnalytics;
 #[cfg(all(not(debug_assertions), feature = "analytics"))]
 pub type SearchAggregator = segment_analytics::SearchAggregator;

-/// The MeiliSearch config dir:
-/// `~/.config/MeiliSearch` on *NIX or *BSD.
+/// The Meilisearch config dir:
+/// `~/.config/Meilisearch` on *NIX or *BSD.
 /// `~/Library/ApplicationSupport` on macOS.
 /// `%APPDATA` (= `C:\Users%USERNAME%\AppData\Roaming`) on windows.
 static MEILISEARCH_CONFIG_PATH: Lazy<Option<PathBuf>> =
-    Lazy::new(|| AppDirs::new(Some("MeiliSearch"), false).map(|appdir| appdir.config_dir));
+    Lazy::new(|| AppDirs::new(Some("Meilisearch"), false).map(|appdir| appdir.config_dir));

 fn config_user_id_path(db_path: &Path) -> Option<PathBuf> {
    db_path
@ -44,13 +44,13 @@ fn config_user_id_path(db_path: &Path) -> Option<PathBuf> {
            path.join("instance-uid")
                .display()
                .to_string()
-                .replace("/", "-")
+                .replace('/', "-")
        })
        .zip(MEILISEARCH_CONFIG_PATH.as_ref())
        .map(|(filename, config_path)| config_path.join(filename.trim_start_matches('-')))
 }

-/// Look for the instance-uid in the `data.ms` or in `~/.config/MeiliSearch/path-to-db-instance-uid`
+/// Look for the instance-uid in the `data.ms` or in `~/.config/Meilisearch/path-to-db-instance-uid`
 fn find_user_id(db_path: &Path) -> Option<String> {
    fs::read_to_string(db_path.join("instance-uid"))
        .ok()
@ -61,7 +61,7 @@ pub trait Analytics: Sync + Send {
    /// The method used to publish most analytics that do not need to be batched every hours
    fn publish(&self, event_name: String, send: Value, request: Option<&HttpRequest>);

-    /// This method should be called to aggergate a get search
+    /// This method should be called to aggregate a get search
    fn get_search(&self, aggregate: SearchAggregator);

    /// This method should be called to aggregate a post search
--- a/meilisearch-http/src/analytics/segment_analytics.rs
+++ b/meilisearch-http/src/analytics/segment_analytics.rs
@ -1,13 +1,17 @@
-use std::collections::{HashMap, HashSet};
+use std::collections::{BinaryHeap, HashMap, HashSet};
 use std::fs;
-use std::path::Path;
+use std::path::{Path, PathBuf};
 use std::sync::Arc;
 use std::time::{Duration, Instant};

 use actix_web::http::header::USER_AGENT;
 use actix_web::HttpRequest;
 use http::header::CONTENT_TYPE;
-use meilisearch_lib::index::{SearchQuery, SearchResult};
+use meilisearch_auth::SearchRules;
+use meilisearch_lib::index::{
+    SearchQuery, SearchResult, DEFAULT_CROP_LENGTH, DEFAULT_CROP_MARKER,
+    DEFAULT_HIGHLIGHT_POST_TAG, DEFAULT_HIGHLIGHT_PRE_TAG,
+};
 use meilisearch_lib::index_controller::Stats;
 use meilisearch_lib::MeiliSearch;
 use once_cell::sync::Lazy;
@ -16,6 +20,7 @@ use segment::message::{Identify, Track, User};
 use segment::{AutoBatcher, Batcher, HttpClient};
 use serde_json::{json, Value};
 use sysinfo::{DiskExt, System, SystemExt};
+use time::OffsetDateTime;
 use tokio::select;
 use tokio::sync::mpsc::{self, Receiver, Sender};
 use uuid::Uuid;
@ -26,6 +31,8 @@ use crate::Opt;

 use super::{config_user_id_path, MEILISEARCH_CONFIG_PATH};

+const ANALYTICS_HEADER: &str = "X-Meilisearch-Client";
+
 /// Write the instance-uid in the `data.ms` and in `~/.config/MeiliSearch/path-to-db-instance-uid`. Ignore the errors.
 fn write_user_id(db_path: &Path, user_id: &str) {
    let _ = fs::write(db_path.join("instance-uid"), user_id.as_bytes());
@ -38,12 +45,13 @@ fn write_user_id(db_path: &Path, user_id: &str) {
    }
 }

-const SEGMENT_API_KEY: &str = "vHi89WrNDckHSQssyUJqLvIyp2QFITSC";
+const SEGMENT_API_KEY: &str = "P3FWhhEsJiEDCuEHpmcN9DHcK4hVfBvb";

 pub fn extract_user_agents(request: &HttpRequest) -> Vec<String> {
    request
        .headers()
-        .get(USER_AGENT)
+        .get(ANALYTICS_HEADER)
+        .or_else(|| request.headers().get(USER_AGENT))
        .map(|header| header.to_str().ok())
        .flatten()
        .unwrap_or("unknown")
@ -73,9 +81,44 @@ impl SegmentAnalytics {
        let user_id = user_id.unwrap_or_else(|| Uuid::new_v4().to_string());
        write_user_id(&opt.db_path, &user_id);

-        let client = HttpClient::default();
+        let client = reqwest::Client::builder()
+            .connect_timeout(Duration::from_secs(10))
+            .build();
+
+        // if reqwest throws an error we won't be able to send analytics
+        if client.is_err() {
+            return super::MockAnalytics::new(opt);
+        }
+
+        let client = HttpClient::new(
+            client.unwrap(),
+            "https://telemetry.meilisearch.com".to_string(),
+        );
        let user = User::UserId { user_id };
-        let batcher = AutoBatcher::new(client, Batcher::new(None), SEGMENT_API_KEY.to_string());
+        let mut batcher = AutoBatcher::new(client, Batcher::new(None), SEGMENT_API_KEY.to_string());
+
+        // If Meilisearch is Launched for the first time:
+        // 1. Send an event Launched associated to the user `total_launch`.
+        // 2. Batch an event Launched with the real instance-id and send it in one hour.
+        if first_time_run {
+            let _ = batcher
+                .push(Track {
+                    user: User::UserId {
+                        user_id: "total_launch".to_string(),
+                    },
+                    event: "Launched".to_string(),
+                    ..Default::default()
+                })
+                .await;
+            let _ = batcher.flush().await;
+            let _ = batcher
+                .push(Track {
+                    user: user.clone(),
+                    event: "Launched".to_string(),
+                    ..Default::default()
+                })
+                .await;
+        }

        let (sender, inbox) = mpsc::channel(100); // How many analytics can we bufferize

@ -95,10 +138,6 @@ impl SegmentAnalytics {
            sender,
            user: user.clone(),
        };
-        // batch the launched for the first time track event
-        if first_time_run {
-            this.publish("Launched".to_string(), json!({}), None);
-        }

        (Arc::new(this), user.to_string())
    }
@ -106,11 +145,7 @@ impl SegmentAnalytics {

 impl super::Analytics for SegmentAnalytics {
    fn publish(&self, event_name: String, mut send: Value, request: Option<&HttpRequest>) {
-        let user_agent = request
-            .map(|req| req.headers().get(USER_AGENT))
-            .flatten()
-            .map(|header| header.to_str().unwrap_or("unknown"))
-            .map(|s| s.split(';').map(str::trim).collect::<Vec<&str>>());
+        let user_agent = request.map(|req| extract_user_agents(req));

        send["user-agent"] = json!(user_agent);
        let event = Track {
@ -187,14 +222,34 @@ impl Segment {
                    "kernel_version": kernel_version,
                    "cores": sys.processors().len(),
                    "ram_size": sys.total_memory(),
-                    "disk_size": sys.disks().iter().map(|disk| disk.available_space()).max(),
+                    "disk_size": sys.disks().iter().map(|disk| disk.total_space()).max(),
                    "server_provider": std::env::var("MEILI_SERVER_PROVIDER").ok(),
            })
        });
-        let infos = json!({
-            "env": opt.env.clone(),
-            "has_snapshot": opt.schedule_snapshot,
-        });
+        // The infos are all cli option except every option containing sensitive information.
+        // We consider an information as sensible if it contains a path, an address or a key.
+        let infos = {
+            // First we see if any sensitive fields were used.
+            let db_path = opt.db_path != PathBuf::from("./data.ms");
+            let import_dump = opt.import_dump.is_some();
+            let dumps_dir = opt.dumps_dir != PathBuf::from("dumps/");
+            let import_snapshot = opt.import_snapshot.is_some();
+            let snapshots_dir = opt.snapshot_dir != PathBuf::from("snapshots/");
+            let http_addr = opt.http_addr != "127.0.0.1:7700";
+
+            let mut infos = serde_json::to_value(opt).unwrap();
+
+            // Then we overwrite all sensitive field with a boolean representing if
+            // the feature was used or not.
+            infos["db_path"] = json!(db_path);
+            infos["import_dump"] = json!(import_dump);
+            infos["dumps_dir"] = json!(dumps_dir);
+            infos["import_snapshot"] = json!(import_snapshot);
+            infos["snapshot_dir"] = json!(snapshots_dir);
+            infos["http_addr"] = json!(http_addr);
+
+            infos
+        };

        let number_of_documents = stats
            .indexes
@ -216,7 +271,9 @@ impl Segment {

    async fn run(mut self, meilisearch: MeiliSearch) {
        const INTERVAL: Duration = Duration::from_secs(60 * 60); // one hour
-        let mut interval = tokio::time::interval(INTERVAL);
+                                                                 // The first batch must be sent after one hour.
+        let mut interval =
+            tokio::time::interval_at(tokio::time::Instant::now() + INTERVAL, INTERVAL);

        loop {
            select! {
@ -238,7 +295,7 @@ impl Segment {
    }

    async fn tick(&mut self, meilisearch: MeiliSearch) {
-        if let Ok(stats) = meilisearch.get_all_stats().await {
+        if let Ok(stats) = meilisearch.get_all_stats(&SearchRules::default()).await {
            let _ = self
                .batcher
                .push(Identify {
@ -254,9 +311,9 @@ impl Segment {
                .await;
        }
        let get_search = std::mem::take(&mut self.get_search_aggregator)
-            .into_event(&self.user, "Document Searched GET");
+            .into_event(&self.user, "Documents Searched GET");
        let post_search = std::mem::take(&mut self.post_search_aggregator)
-            .into_event(&self.user, "Document Searched POST");
+            .into_event(&self.user, "Documents Searched POST");
        let add_documents = std::mem::take(&mut self.add_documents_aggregator)
            .into_event(&self.user, "Documents Added");
        let update_documents = std::mem::take(&mut self.update_documents_aggregator)
@ -280,13 +337,15 @@ impl Segment {

 #[derive(Default)]
 pub struct SearchAggregator {
+    timestamp: Option<OffsetDateTime>,
+
    // context
    user_agents: HashSet<String>,

    // requests
    total_received: usize,
    total_succeeded: usize,
-    time_spent: Vec<usize>,
+    time_spent: BinaryHeap<usize>,

    // sort
    sort_with_geo_point: bool,
@ -304,19 +363,29 @@ pub struct SearchAggregator {
    used_syntax: HashMap<String, usize>,

    // q
-    // everytime a request has a q field, this field must be incremented by the number of terms
-    sum_of_terms_count: usize,
-    // everytime a request has a q field, this field must be incremented by one
-    total_number_of_q: usize,
+    // The maximum number of terms in a q request
+    max_terms_number: usize,
+
+    // everytime a search is done, we increment the counter linked to the used settings
+    matching_strategy: HashMap<String, usize>,

    // pagination
    max_limit: usize,
    max_offset: usize,
+
+    // formatting
+    highlight_pre_tag: bool,
+    highlight_post_tag: bool,
+    crop_marker: bool,
+    show_matches_position: bool,
+    crop_length: bool,
 }

 impl SearchAggregator {
    pub fn from_query(query: &SearchQuery, request: &HttpRequest) -> Self {
        let mut ret = Self::default();
+        ret.timestamp = Some(OffsetDateTime::now_utc());
+
        ret.total_received = 1;
        ret.user_agents = extract_user_agents(request).into_iter().collect();

@ -354,61 +423,96 @@ impl SearchAggregator {
        }

        if let Some(ref q) = query.q {
-            ret.total_number_of_q = 1;
-            ret.sum_of_terms_count = q.split_whitespace().count();
+            ret.max_terms_number = q.split_whitespace().count();
        }

+        ret.matching_strategy
+            .insert(format!("{:?}", query.matching_strategy), 1);
+
        ret.max_limit = query.limit;
        ret.max_offset = query.offset.unwrap_or_default();

+        ret.highlight_pre_tag = query.highlight_pre_tag != DEFAULT_HIGHLIGHT_PRE_TAG();
+        ret.highlight_post_tag = query.highlight_post_tag != DEFAULT_HIGHLIGHT_POST_TAG();
+        ret.crop_marker = query.crop_marker != DEFAULT_CROP_MARKER();
+        ret.crop_length = query.crop_length != DEFAULT_CROP_LENGTH();
+        ret.show_matches_position = query.show_matches_position;
+
        ret
    }

-    pub fn finish(&mut self, result: &SearchResult) {
-        self.total_succeeded += 1;
+    pub fn succeed(&mut self, result: &SearchResult) {
+        self.total_succeeded = self.total_succeeded.saturating_add(1);
        self.time_spent.push(result.processing_time_ms as usize);
    }

    /// Aggregate one [SearchAggregator] into another.
    pub fn aggregate(&mut self, mut other: Self) {
+        if self.timestamp.is_none() {
+            self.timestamp = other.timestamp;
+        }
+
        // context
        for user_agent in other.user_agents.into_iter() {
            self.user_agents.insert(user_agent);
        }
        // request
-        self.total_received += other.total_received;
-        self.total_succeeded += other.total_succeeded;
+        self.total_received = self.total_received.saturating_add(other.total_received);
+        self.total_succeeded = self.total_succeeded.saturating_add(other.total_succeeded);
        self.time_spent.append(&mut other.time_spent);
        // sort
        self.sort_with_geo_point |= other.sort_with_geo_point;
-        self.sort_sum_of_criteria_terms += other.sort_sum_of_criteria_terms;
-        self.sort_total_number_of_criteria += other.sort_total_number_of_criteria;
+        self.sort_sum_of_criteria_terms = self
+            .sort_sum_of_criteria_terms
+            .saturating_add(other.sort_sum_of_criteria_terms);
+        self.sort_total_number_of_criteria = self
+            .sort_total_number_of_criteria
+            .saturating_add(other.sort_total_number_of_criteria);
        // filter
        self.filter_with_geo_radius |= other.filter_with_geo_radius;
-        self.filter_sum_of_criteria_terms += other.filter_sum_of_criteria_terms;
-        self.filter_total_number_of_criteria += other.filter_total_number_of_criteria;
+        self.filter_sum_of_criteria_terms = self
+            .filter_sum_of_criteria_terms
+            .saturating_add(other.filter_sum_of_criteria_terms);
+        self.filter_total_number_of_criteria = self
+            .filter_total_number_of_criteria
+            .saturating_add(other.filter_total_number_of_criteria);
        for (key, value) in other.used_syntax.into_iter() {
-            *self.used_syntax.entry(key).or_insert(0) += value;
+            let used_syntax = self.used_syntax.entry(key).or_insert(0);
+            *used_syntax = used_syntax.saturating_add(value);
        }
        // q
-        self.sum_of_terms_count += other.sum_of_terms_count;
-        self.total_number_of_q += other.total_number_of_q;
+        self.max_terms_number = self.max_terms_number.max(other.max_terms_number);
+
+        for (key, value) in other.matching_strategy.into_iter() {
+            let matching_strategy = self.matching_strategy.entry(key).or_insert(0);
+            *matching_strategy = matching_strategy.saturating_add(value);
+        }
        // pagination
        self.max_limit = self.max_limit.max(other.max_limit);
        self.max_offset = self.max_offset.max(other.max_offset);
+
+        self.highlight_pre_tag |= other.highlight_pre_tag;
+        self.highlight_post_tag |= other.highlight_post_tag;
+        self.crop_marker |= other.crop_marker;
+        self.show_matches_position |= other.show_matches_position;
+        self.crop_length |= other.crop_length;
    }

-    pub fn into_event(mut self, user: &User, event_name: &str) -> Option<Track> {
+    pub fn into_event(self, user: &User, event_name: &str) -> Option<Track> {
        if self.total_received == 0 {
            None
        } else {
+            // the index of the 99th percentage of value
            let percentile_99th = 0.99 * (self.total_succeeded as f64 - 1.) + 1.;
-            self.time_spent.drain(percentile_99th as usize..);
+            // we get all the values in a sorted manner
+            let time_spent = self.time_spent.into_sorted_vec();
+            // We are only interested by the slowest value of the 99th fastest results
+            let time_spent = time_spent.get(percentile_99th as usize);

            let properties = json!({
                "user-agent": self.user_agents,
                "requests": {
-                    "99th_response_time":  format!("{:.2}", self.time_spent.iter().sum::<usize>() as f64 / self.time_spent.len() as f64),
+                    "99th_response_time":  time_spent.map(|t| format!("{:.2}", t)),
                    "total_succeeded": self.total_succeeded,
                    "total_failed": self.total_received.saturating_sub(self.total_succeeded), // just to be sure we never panics
                    "total_received": self.total_received,
@ -423,15 +527,24 @@ impl SearchAggregator {
                   "most_used_syntax": self.used_syntax.iter().max_by_key(|(_, v)| *v).map(|(k, _)| json!(k)).unwrap_or_else(|| json!(null)),
                },
                "q": {
-                   "avg_terms_number": format!("{:.2}", self.sum_of_terms_count as f64 / self.total_number_of_q as f64),
+                   "max_terms_number": self.max_terms_number,
+                   "most_used_matching_strategy": self.matching_strategy.iter().max_by_key(|(_, v)| *v).map(|(k, _)| json!(k)).unwrap_or_else(|| json!(null)),
                },
                "pagination": {
                   "max_limit": self.max_limit,
                   "max_offset": self.max_offset,
                },
+                "formatting": {
+                    "highlight_pre_tag": self.highlight_pre_tag,
+                    "highlight_post_tag": self.highlight_post_tag,
+                    "crop_marker": self.crop_marker,
+                    "show_matches_position": self.show_matches_position,
+                    "crop_length": self.crop_length,
+                },
            });

            Some(Track {
+                timestamp: self.timestamp,
                user: user.clone(),
                event: event_name.to_string(),
                properties,
@ -443,6 +556,8 @@ impl SearchAggregator {

 #[derive(Default)]
 pub struct DocumentsAggregator {
+    timestamp: Option<OffsetDateTime>,
+
    // set to true when at least one request was received
    updated: bool,

@ -461,6 +576,7 @@ impl DocumentsAggregator {
        request: &HttpRequest,
    ) -> Self {
        let mut ret = Self::default();
+        ret.timestamp = Some(OffsetDateTime::now_utc());

        ret.updated = true;
        ret.user_agents = extract_user_agents(request).into_iter().collect();
@ -470,8 +586,8 @@ impl DocumentsAggregator {
        let content_type = request
            .headers()
            .get(CONTENT_TYPE)
-            .map(|s| s.to_str().unwrap_or("unkown"))
-            .unwrap()
+            .and_then(|s| s.to_str().ok())
+            .unwrap_or("unknown")
            .to_string();
        ret.content_types.insert(content_type);
        ret.index_creation = index_creation;
@ -481,15 +597,19 @@ impl DocumentsAggregator {

    /// Aggregate one [DocumentsAggregator] into another.
    pub fn aggregate(&mut self, other: Self) {
+        if self.timestamp.is_none() {
+            self.timestamp = other.timestamp;
+        }
+
        self.updated |= other.updated;
        // we can't create a union because there is no `into_union` method
-        for user_agent in other.user_agents.into_iter() {
+        for user_agent in other.user_agents {
            self.user_agents.insert(user_agent);
        }
-        for primary_key in other.primary_keys.into_iter() {
+        for primary_key in other.primary_keys {
            self.primary_keys.insert(primary_key);
        }
-        for content_type in other.content_types.into_iter() {
+        for content_type in other.content_types {
            self.content_types.insert(content_type);
        }
        self.index_creation |= other.index_creation;
@ -507,6 +627,7 @@ impl DocumentsAggregator {
            });

            Some(Track {
+                timestamp: self.timestamp,
                user: user.clone(),
                event: event_name.to_string(),
                properties,
--- a/meilisearch-http/src/error.rs
+++ b/meilisearch-http/src/error.rs
@ -1,13 +1,6 @@
-use std::error::Error;
-use std::fmt;
-
 use actix_web as aweb;
-use actix_web::body::Body;
-use actix_web::http::StatusCode;
-use actix_web::HttpResponseBuilder;
 use aweb::error::{JsonPayloadError, QueryPayloadError};
-use meilisearch_error::{Code, ErrorCode};
-use serde::{Deserialize, Serialize};
+use meilisearch_types::error::{Code, ErrorCode, ResponseError};

 #[derive(Debug, thiserror::Error)]
 pub enum MeilisearchHttpError {
@ -36,71 +29,18 @@ impl From<MeilisearchHttpError> for aweb::Error {
    }
 }

-#[derive(Debug, Serialize, Deserialize, Clone)]
-#[serde(rename_all = "camelCase")]
-pub struct ResponseError {
-    #[serde(skip)]
-    code: StatusCode,
-    message: String,
-    #[serde(rename = "code")]
-    error_code: String,
-    #[serde(rename = "type")]
-    error_type: String,
-    #[serde(rename = "link")]
-    error_link: String,
-}
-
-impl fmt::Display for ResponseError {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        self.message.fmt(f)
-    }
-}
-
-impl<T> From<T> for ResponseError
-where
-    T: ErrorCode,
-{
-    fn from(other: T) -> Self {
-        Self {
-            code: other.http_status(),
-            message: other.to_string(),
-            error_code: other.error_name(),
-            error_type: other.error_type(),
-            error_link: other.error_url(),
-        }
-    }
-}
-
-impl aweb::error::ResponseError for ResponseError {
-    fn error_response(&self) -> aweb::HttpResponse<Body> {
-        let json = serde_json::to_vec(self).unwrap();
-        HttpResponseBuilder::new(self.status_code())
-            .content_type("application/json")
-            .body(json)
-    }
-
-    fn status_code(&self) -> StatusCode {
-        self.code
-    }
-}
-
-impl fmt::Display for PayloadError {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        match self {
-            PayloadError::Json(e) => e.fmt(f),
-            PayloadError::Query(e) => e.fmt(f),
-        }
-    }
-}
-
-#[derive(Debug)]
+#[derive(Debug, thiserror::Error)]
 pub enum PayloadError {
+    #[error("{0}")]
    Json(JsonPayloadError),
+    #[error("{0}")]
    Query(QueryPayloadError),
+    #[error("The json payload provided is malformed. `{0}`.")]
+    MalformedPayload(serde_json::error::Error),
+    #[error("A json payload is missing.")]
+    MissingPayload,
 }

-impl Error for PayloadError {}
-
 impl ErrorCode for PayloadError {
    fn error_code(&self) -> Code {
        match self {
@ -110,7 +50,8 @@ impl ErrorCode for PayloadError {
                JsonPayloadError::Payload(aweb::error::PayloadError::Overflow) => {
                    Code::PayloadTooLarge
                }
-                JsonPayloadError::Deserialize(_) | JsonPayloadError::Payload(_) => Code::BadRequest,
+                JsonPayloadError::Payload(_) => Code::BadRequest,
+                JsonPayloadError::Deserialize(_) => Code::BadRequest,
                JsonPayloadError::Serialize(_) => Code::Internal,
                _ => Code::Internal,
            },
@ -118,13 +59,29 @@ impl ErrorCode for PayloadError {
                QueryPayloadError::Deserialize(_) => Code::BadRequest,
                _ => Code::Internal,
            },
+            PayloadError::MissingPayload => Code::MissingPayload,
+            PayloadError::MalformedPayload(_) => Code::MalformedPayload,
        }
    }
 }

 impl From<JsonPayloadError> for PayloadError {
    fn from(other: JsonPayloadError) -> Self {
-        Self::Json(other)
+        match other {
+            JsonPayloadError::Deserialize(e)
+                if e.classify() == serde_json::error::Category::Eof
+                    && e.line() == 1
+                    && e.column() == 0 =>
+            {
+                Self::MissingPayload
+            }
+            JsonPayloadError::Deserialize(e)
+                if e.classify() != serde_json::error::Category::Data =>
+            {
+                Self::MalformedPayload(e)
+            }
+            _ => Self::Json(other),
+        }
    }
 }

--- a/meilisearch-http/src/extractors/authentication/error.rs
+++ b/meilisearch-http/src/extractors/authentication/error.rs
@ -1,25 +1,22 @@
-use meilisearch_error::{Code, ErrorCode};
+use meilisearch_types::error::{Code, ErrorCode};

 #[derive(Debug, thiserror::Error)]
 pub enum AuthenticationError {
-    #[error("You must have an authorization token")]
+    #[error("The Authorization header is missing. It must use the bearer authorization method.")]
    MissingAuthorizationHeader,
-    #[error("Invalid API key")]
-    InvalidToken(String),
+    #[error("The provided API key is invalid.")]
+    InvalidToken,
    // Triggered on configuration error.
-    #[error("Irretrievable state")]
+    #[error("An internal error has occurred. `Irretrievable state`.")]
    IrretrievableState,
-    #[error("Unknown authentication policy")]
-    UnknownPolicy,
 }

 impl ErrorCode for AuthenticationError {
    fn error_code(&self) -> Code {
        match self {
            AuthenticationError::MissingAuthorizationHeader => Code::MissingAuthorizationHeader,
-            AuthenticationError::InvalidToken(_) => Code::InvalidToken,
+            AuthenticationError::InvalidToken => Code::InvalidToken,
            AuthenticationError::IrretrievableState => Code::Internal,
-            AuthenticationError::UnknownPolicy => Code::Internal,
        }
    }
 }
--- a/meilisearch-http/src/extractors/authentication/mod.rs
+++ b/meilisearch-http/src/extractors/authentication/mod.rs
@ -1,84 +1,81 @@
 mod error;

-use std::any::{Any, TypeId};
-use std::collections::HashMap;
 use std::marker::PhantomData;
 use std::ops::Deref;
+use std::pin::Pin;

 use actix_web::FromRequest;
+pub use error::AuthenticationError;
 use futures::future::err;
-use futures::future::{ok, Ready};
+use futures::Future;
+use meilisearch_auth::{AuthController, AuthFilter};
+use meilisearch_types::error::{Code, ResponseError};

-use crate::error::ResponseError;
-use error::AuthenticationError;
-
-macro_rules! create_policies {
-    ($($name:ident), *) => {
-        pub mod policies {
-            use std::collections::HashSet;
-            use crate::extractors::authentication::Policy;
-
-            $(
-                #[derive(Debug, Default)]
-                pub struct $name {
-                    inner: HashSet<Vec<u8>>
-                }
-
-                impl $name {
-                    pub fn new() -> Self {
-                        Self { inner: HashSet::new() }
-                    }
-
-                    pub fn add(&mut self, token: Vec<u8>) {
-                        self.inner.insert(token);
-                    }
-                }
-
-                impl Policy for $name {
-                    fn authenticate(&self, token: &[u8]) -> bool {
-                        self.inner.contains(token)
-                    }
-                }
-            )*
-        }
-    };
-}
-
-create_policies!(Public, Private, Admin);
-
-/// Instanciate a `Policies`, filled with the given policies.
-macro_rules! init_policies {
-    ($($name:ident), *) => {
-        {
-            let mut policies = crate::extractors::authentication::Policies::new();
-            $(
-                let policy = $name::new();
-                policies.insert(policy);
-            )*
-            policies
-        }
-    };
-}
-
-/// Adds user to all specified policies.
-macro_rules! create_users {
-    ($policies:ident, $($user:expr => { $($policy:ty), * }), *) => {
-        {
-            $(
-                $(
-                    $policies.get_mut::<$policy>().map(|p| p.add($user.to_owned()));
-                )*
-            )*
-        }
-    };
-}
-
-pub struct GuardedData<T, D> {
+pub struct GuardedData<P, D> {
    data: D,
-    _marker: PhantomData<T>,
+    filters: AuthFilter,
+    _marker: PhantomData<P>,
 }

-impl<T, D> Deref for GuardedData<T, D> {
+impl<P, D> GuardedData<P, D> {
+    pub fn filters(&self) -> &AuthFilter {
+        &self.filters
+    }
+
+    async fn auth_bearer(
+        auth: AuthController,
+        token: String,
+        index: Option<String>,
+        data: Option<D>,
+    ) -> Result<Self, ResponseError>
+    where
+        P: Policy + 'static,
+    {
+        match Self::authenticate(auth, token, index).await? {
+            Some(filters) => match data {
+                Some(data) => Ok(Self {
+                    data,
+                    filters,
+                    _marker: PhantomData,
+                }),
+                None => Err(AuthenticationError::IrretrievableState.into()),
+            },
+            None => Err(AuthenticationError::InvalidToken.into()),
+        }
+    }
+
+    async fn auth_token(auth: AuthController, data: Option<D>) -> Result<Self, ResponseError>
+    where
+        P: Policy + 'static,
+    {
+        match Self::authenticate(auth, String::new(), None).await? {
+            Some(filters) => match data {
+                Some(data) => Ok(Self {
+                    data,
+                    filters,
+                    _marker: PhantomData,
+                }),
+                None => Err(AuthenticationError::IrretrievableState.into()),
+            },
+            None => Err(AuthenticationError::MissingAuthorizationHeader.into()),
+        }
+    }
+
+    async fn authenticate(
+        auth: AuthController,
+        token: String,
+        index: Option<String>,
+    ) -> Result<Option<AuthFilter>, ResponseError>
+    where
+        P: Policy + 'static,
+    {
+        tokio::task::spawn_blocking(move || P::authenticate(auth, token.as_ref(), index.as_deref()))
+            .await
+            .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))
+    }
+}
+
+impl<P, D> Deref for GuardedData<P, D> {
    type Target = D;

    fn deref(&self) -> &Self::Target {
@ -86,98 +83,172 @@ impl<T, D> Deref for GuardedData<T, D> {
    }
 }

-pub trait Policy {
-    fn authenticate(&self, token: &[u8]) -> bool;
-}
-
-#[derive(Debug)]
-pub struct Policies {
-    inner: HashMap<TypeId, Box<dyn Any>>,
-}
-
-impl Policies {
-    pub fn new() -> Self {
-        Self {
-            inner: HashMap::new(),
-        }
-    }
-
-    pub fn insert<S: Policy + 'static>(&mut self, policy: S) {
-        self.inner.insert(TypeId::of::<S>(), Box::new(policy));
-    }
-
-    pub fn get<S: Policy + 'static>(&self) -> Option<&S> {
-        self.inner
-            .get(&TypeId::of::<S>())
-            .and_then(|p| p.downcast_ref::<S>())
-    }
-
-    pub fn get_mut<S: Policy + 'static>(&mut self) -> Option<&mut S> {
-        self.inner
-            .get_mut(&TypeId::of::<S>())
-            .and_then(|p| p.downcast_mut::<S>())
-    }
-}
-
-impl Default for Policies {
-    fn default() -> Self {
-        Self::new()
-    }
-}
-
-pub enum AuthConfig {
-    NoAuth,
-    Auth(Policies),
-}
-
-impl Default for AuthConfig {
-    fn default() -> Self {
-        Self::NoAuth
-    }
-}
-
 impl<P: Policy + 'static, D: 'static + Clone> FromRequest for GuardedData<P, D> {
-    type Config = AuthConfig;
-
    type Error = ResponseError;

-    type Future = Ready<Result<Self, Self::Error>>;
+    type Future = Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>;

    fn from_request(
        req: &actix_web::HttpRequest,
        _payload: &mut actix_web::dev::Payload,
    ) -> Self::Future {
-        match req.app_data::<Self::Config>() {
-            Some(config) => match config {
-                AuthConfig::NoAuth => match req.app_data::<D>().cloned() {
-                    Some(data) => ok(Self {
-                        data,
-                        _marker: PhantomData,
-                    }),
-                    None => err(AuthenticationError::IrretrievableState.into()),
-                },
-                AuthConfig::Auth(policies) => match policies.get::<P>() {
-                    Some(policy) => match req.headers().get("x-meili-api-key") {
-                        Some(token) => {
-                            if policy.authenticate(token.as_bytes()) {
-                                match req.app_data::<D>().cloned() {
-                                    Some(data) => ok(Self {
-                                        data,
-                                        _marker: PhantomData,
-                                    }),
-                                    None => err(AuthenticationError::IrretrievableState.into()),
-                                }
-                            } else {
-                                let token = token.to_str().unwrap_or("unknown").to_string();
-                                err(AuthenticationError::InvalidToken(token).into())
-                            }
+        match req.app_data::<AuthController>().cloned() {
+            Some(auth) => match req
+                .headers()
+                .get("Authorization")
+                .map(|type_token| type_token.to_str().unwrap_or_default().splitn(2, ' '))
+            {
+                Some(mut type_token) => match type_token.next() {
+                    Some("Bearer") => {
+                        // TODO: find a less hardcoded way?
+                        let index = req.match_info().get("index_uid");
+                        match type_token.next() {
+                            Some(token) => Box::pin(Self::auth_bearer(
+                                auth,
+                                token.to_string(),
+                                index.map(String::from),
+                                req.app_data::<D>().cloned(),
+                            )),
+                            None => Box::pin(err(AuthenticationError::InvalidToken.into())),
                        }
-                        None => err(AuthenticationError::MissingAuthorizationHeader.into()),
-                    },
-                    None => err(AuthenticationError::UnknownPolicy.into()),
+                    }
+                    _otherwise => {
+                        Box::pin(err(AuthenticationError::MissingAuthorizationHeader.into()))
+                    }
                },
+                None => Box::pin(Self::auth_token(auth, req.app_data::<D>().cloned())),
            },
-            None => err(AuthenticationError::IrretrievableState.into()),
+            None => Box::pin(err(AuthenticationError::IrretrievableState.into())),
        }
    }
 }
+
+pub trait Policy {
+    fn authenticate(auth: AuthController, token: &str, index: Option<&str>) -> Option<AuthFilter>;
+}
+
+pub mod policies {
+    use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
+    use serde::{Deserialize, Serialize};
+    use time::OffsetDateTime;
+    use uuid::Uuid;
+
+    use crate::extractors::authentication::Policy;
+    use meilisearch_auth::{Action, AuthController, AuthFilter, SearchRules};
+    // reexport actions in policies in order to be used in routes configuration.
+    pub use meilisearch_auth::actions;
+
+    fn tenant_token_validation() -> Validation {
+        let mut validation = Validation::default();
+        validation.validate_exp = false;
+        validation.required_spec_claims.remove("exp");
+        validation.algorithms = vec![Algorithm::HS256, Algorithm::HS384, Algorithm::HS512];
+        validation
+    }
+
+    /// Extracts the key id used to sign the payload, without performing any validation.
+    fn extract_key_id(token: &str) -> Option<Uuid> {
+        let mut validation = tenant_token_validation();
+        validation.insecure_disable_signature_validation();
+        let dummy_key = DecodingKey::from_secret(b"secret");
+        let token_data = decode::<Claims>(token, &dummy_key, &validation).ok()?;
+
+        // get token fields without validating it.
+        let Claims { api_key_uid, .. } = token_data.claims;
+        Some(api_key_uid)
+    }
+
+    fn is_keys_action(action: u8) -> bool {
+        use actions::*;
+        matches!(action, KEYS_GET | KEYS_CREATE | KEYS_UPDATE | KEYS_DELETE)
+    }
+
+    pub struct ActionPolicy<const A: u8>;
+
+    impl<const A: u8> Policy for ActionPolicy<A> {
+        fn authenticate(
+            auth: AuthController,
+            token: &str,
+            index: Option<&str>,
+        ) -> Option<AuthFilter> {
+            // authenticate if token is the master key.
+            // master key can only have access to keys routes.
+            // if master key is None only keys routes are inaccessible.
+            if auth
+                .get_master_key()
+                .map_or_else(|| !is_keys_action(A), |mk| mk == token)
+            {
+                return Some(AuthFilter::default());
+            }
+
+            // Tenant token
+            if let Some(filters) = ActionPolicy::<A>::authenticate_tenant_token(&auth, token, index)
+            {
+                return Some(filters);
+            } else if let Some(action) = Action::from_repr(A) {
+                // API key
+                if let Ok(Some(uid)) = auth.get_optional_uid_from_encoded_key(token.as_bytes()) {
+                    if let Ok(true) = auth.is_key_authorized(uid, action, index) {
+                        return auth.get_key_filters(uid, None).ok();
+                    }
+                }
+            }
+
+            None
+        }
+    }
+
+    impl<const A: u8> ActionPolicy<A> {
+        fn authenticate_tenant_token(
+            auth: &AuthController,
+            token: &str,
+            index: Option<&str>,
+        ) -> Option<AuthFilter> {
+            // Only search action can be accessed by a tenant token.
+            if A != actions::SEARCH {
+                return None;
+            }
+
+            let uid = extract_key_id(token)?;
+            // check if parent key is authorized to do the action.
+            if auth.is_key_authorized(uid, Action::Search, index).ok()? {
+                // Check if tenant token is valid.
+                let key = auth.generate_key(uid)?;
+                let data = decode::<Claims>(
+                    token,
+                    &DecodingKey::from_secret(key.as_bytes()),
+                    &tenant_token_validation(),
+                )
+                .ok()?;
+
+                // Check index access if an index restriction is provided.
+                if let Some(index) = index {
+                    if !data.claims.search_rules.is_index_authorized(index) {
+                        return None;
+                    }
+                }
+
+                // Check if token is expired.
+                if let Some(exp) = data.claims.exp {
+                    if OffsetDateTime::now_utc().unix_timestamp() > exp {
+                        return None;
+                    }
+                }
+
+                return auth
+                    .get_key_filters(uid, Some(data.claims.search_rules))
+                    .ok();
+            }
+
+            None
+        }
+    }
+
+    #[derive(Debug, Serialize, Deserialize)]
+    #[serde(rename_all = "camelCase")]
+    struct Claims {
+        search_rules: SearchRules,
+        exp: Option<i64>,
+        api_key_uid: Uuid,
+    }
+}
--- a/meilisearch-http/src/extractors/mod.rs
+++ b/meilisearch-http/src/extractors/mod.rs
@ -1,3 +1,4 @@
 pub mod payload;
 #[macro_use]
 pub mod authentication;
+pub mod sequential_extractor;
--- a/meilisearch-http/src/extractors/payload.rs
+++ b/meilisearch-http/src/extractors/payload.rs
@ -28,8 +28,6 @@ impl Default for PayloadConfig {
 }

 impl FromRequest for Payload {
-    type Config = PayloadConfig;
-
    type Error = PayloadError;

    type Future = Ready<Result<Payload, Self::Error>>;
@ -39,7 +37,7 @@ impl FromRequest for Payload {
        let limit = req
            .app_data::<PayloadConfig>()
            .map(|c| c.limit)
-            .unwrap_or(Self::Config::default().limit);
+            .unwrap_or(PayloadConfig::default().limit);
        ready(Ok(Payload {
            payload: payload.take(),
            limit,
--- a/meilisearch-http/src/extractors/sequential_extractor.rs
+++ b/meilisearch-http/src/extractors/sequential_extractor.rs
@ -0,0 +1,148 @@
+#![allow(non_snake_case)]
+use std::{future::Future, pin::Pin, task::Poll};
+
+use actix_web::{dev::Payload, FromRequest, Handler, HttpRequest};
+use pin_project_lite::pin_project;
+
+/// `SeqHandler` is an actix `Handler` that enforces that extractors errors are returned in the
+/// same order as they are defined in the wrapped handler. This is needed because, by default, actix
+/// resolves the extractors concurrently, whereas we always need the authentication extractor to
+/// throw first.
+#[derive(Clone)]
+pub struct SeqHandler<H>(pub H);
+
+pub struct SeqFromRequest<T>(T);
+
+/// This macro implements `FromRequest` for arbitrary arity handler, except for one, which is
+/// useless anyway.
+macro_rules! gen_seq {
+    ($ty:ident; $($T:ident)+) => {
+        pin_project! {
+            pub struct $ty<$($T: FromRequest), +> {
+                $(
+                #[pin]
+                $T: ExtractFuture<$T::Future, $T, $T::Error>,
+                )+
+            }
+        }
+
+        impl<$($T: FromRequest), +> Future for $ty<$($T),+> {
+            type Output = Result<SeqFromRequest<($($T),+)>, actix_web::Error>;
+
+            fn poll(self: Pin<&mut Self>, cx: &mut std::task::Context<'_>) -> Poll<Self::Output> {
+                let mut this = self.project();
+
+                let mut count_fut = 0;
+                let mut count_finished = 0;
+
+                $(
+                count_fut += 1;
+                match this.$T.as_mut().project() {
+                    ExtractProj::Future { fut } => match fut.poll(cx) {
+                        Poll::Ready(Ok(output)) => {
+                            count_finished += 1;
+                            let _ = this
+                                .$T
+                                .as_mut()
+                                .project_replace(ExtractFuture::Done { output });
+                        }
+                        Poll::Ready(Err(error)) => {
+                            count_finished += 1;
+                            let _ = this
+                                .$T
+                                .as_mut()
+                                .project_replace(ExtractFuture::Error { error });
+                        }
+                        Poll::Pending => (),
+                    },
+                    ExtractProj::Done { .. } => count_finished += 1,
+                    ExtractProj::Error { .. } => {
+                        // short circuit if all previous are finished and we had an error.
+                        if count_finished == count_fut {
+                            match this.$T.project_replace(ExtractFuture::Empty) {
+                                ExtractReplaceProj::Error { error } => {
+                                    return Poll::Ready(Err(error.into()))
+                                }
+                                _ => unreachable!("Invalid future state"),
+                            }
+                        } else {
+                            count_finished += 1;
+                        }
+                    }
+                    ExtractProj::Empty => unreachable!("From request polled after being finished. {}", stringify!($T)),
+                }
+                )+
+
+                if count_fut == count_finished {
+                    let result = (
+                        $(
+                            match this.$T.project_replace(ExtractFuture::Empty) {
+                                ExtractReplaceProj::Done { output } => output,
+                                ExtractReplaceProj::Error { error } => return Poll::Ready(Err(error.into())),
+                                _ => unreachable!("Invalid future state"),
+                            },
+                        )+
+                    );
+
+                    Poll::Ready(Ok(SeqFromRequest(result)))
+                } else {
+                    Poll::Pending
+                }
+            }
+        }
+
+        impl<$($T: FromRequest,)+> FromRequest for SeqFromRequest<($($T,)+)> {
+            type Error = actix_web::Error;
+
+            type Future = $ty<$($T),+>;
+
+            fn from_request(req: &HttpRequest, payload: &mut Payload) -> Self::Future {
+                $ty {
+                $(
+                    $T: ExtractFuture::Future {
+                        fut: $T::from_request(req, payload),
+                    },
+                )+
+                }
+            }
+        }
+
+    impl<Han, $($T: FromRequest),+> Handler<SeqFromRequest<($($T),+)>> for SeqHandler<Han>
+    where
+        Han: Handler<($($T),+)>,
+    {
+        type Output = Han::Output;
+        type Future = Han::Future;
+
+        fn call(&self, args: SeqFromRequest<($($T),+)>) -> Self::Future {
+            self.0.call(args.0)
+        }
+    }
+    };
+}
+
+// Not working for a single argument, but then, it is not really necessary.
+// gen_seq! { SeqFromRequestFut1; A }
+gen_seq! { SeqFromRequestFut2; A B }
+gen_seq! { SeqFromRequestFut3; A B C }
+gen_seq! { SeqFromRequestFut4; A B C D }
+gen_seq! { SeqFromRequestFut5; A B C D E }
+gen_seq! { SeqFromRequestFut6; A B C D E F }
+
+pin_project! {
+    #[project = ExtractProj]
+    #[project_replace = ExtractReplaceProj]
+    enum ExtractFuture<Fut, Res, Err> {
+        Future {
+            #[pin]
+            fut: Fut,
+        },
+        Done {
+            output: Res,
+        },
+        Error {
+            error: Err,
+        },
+        Empty,
+    }
+}
--- a/meilisearch-http/src/helpers/env.rs
+++ b/meilisearch-http/src/helpers/env.rs
@ -1,16 +0,0 @@
-use walkdir::WalkDir;
-
-pub trait EnvSizer {
-    fn size(&self) -> u64;
-}
-
-impl EnvSizer for heed::Env {
-    fn size(&self) -> u64 {
-        WalkDir::new(self.path())
-            .into_iter()
-            .filter_map(|entry| entry.ok())
-            .filter_map(|entry| entry.metadata().ok())
-            .filter(|metadata| metadata.is_file())
-            .fold(0, |acc, m| acc + m.len())
-    }
-}
--- a/meilisearch-http/src/helpers/mod.rs
+++ b/meilisearch-http/src/helpers/mod.rs
@ -1,3 +0,0 @@
-mod env;
-
-pub use env::EnvSizer;
--- a/meilisearch-http/src/lib.rs
+++ b/meilisearch-http/src/lib.rs
@ -1,17 +1,22 @@
 #![allow(rustdoc::private_intra_doc_links)]
 #[macro_use]
 pub mod error;
+pub mod analytics;
+pub mod task;
 #[macro_use]
 pub mod extractors;
-pub mod analytics;
-pub mod helpers;
 pub mod option;
 pub mod routes;
-use std::sync::Arc;
+
+#[cfg(feature = "metrics")]
+pub mod metrics;
+#[cfg(feature = "metrics")]
+pub mod route_metrics;
+
+use std::sync::{atomic::AtomicBool, Arc};
 use std::time::Duration;

 use crate::error::MeilisearchHttpError;
-use crate::extractors::authentication::AuthConfig;
 use actix_web::error::JsonPayloadError;
 use analytics::Analytics;
 use error::PayloadError;
@ -20,45 +25,33 @@ pub use option::Opt;

 use actix_web::{web, HttpRequest};

-use extractors::authentication::policies::*;
 use extractors::payload::PayloadConfig;
+use meilisearch_auth::AuthController;
 use meilisearch_lib::MeiliSearch;
-use sha2::Digest;

-#[derive(Clone)]
-pub struct ApiKeys {
-    pub public: Option<String>,
-    pub private: Option<String>,
-    pub master: Option<String>,
-}
-
-impl ApiKeys {
-    pub fn generate_missing_api_keys(&mut self) {
-        if let Some(master_key) = &self.master {
-            if self.private.is_none() {
-                let key = format!("{}-private", master_key);
-                let sha = sha2::Sha256::digest(key.as_bytes());
-                self.private = Some(format!("{:x}", sha));
-            }
-            if self.public.is_none() {
-                let key = format!("{}-public", master_key);
-                let sha = sha2::Sha256::digest(key.as_bytes());
-                self.public = Some(format!("{:x}", sha));
-            }
-        }
-    }
-}
+pub static AUTOBATCHING_ENABLED: AtomicBool = AtomicBool::new(false);

 pub fn setup_meilisearch(opt: &Opt) -> anyhow::Result<MeiliSearch> {
    let mut meilisearch = MeiliSearch::builder();
+
+    // disable autobatching?
+    AUTOBATCHING_ENABLED.store(
+        !opt.scheduler_options.disable_auto_batching,
+        std::sync::atomic::Ordering::Relaxed,
+    );
+
    meilisearch
        .set_max_index_size(opt.max_index_size.get_bytes() as usize)
-        .set_max_update_store_size(opt.max_udb_size.get_bytes() as usize)
+        .set_max_task_store_size(opt.max_task_db_size.get_bytes() as usize)
+        // snapshot
        .set_ignore_missing_snapshot(opt.ignore_missing_snapshot)
        .set_ignore_snapshot_if_db_exists(opt.ignore_snapshot_if_db_exists)
-        .set_dump_dst(opt.dumps_dir.clone())
        .set_snapshot_interval(Duration::from_secs(opt.snapshot_interval_sec))
-        .set_snapshot_dir(opt.snapshot_dir.clone());
+        .set_snapshot_dir(opt.snapshot_dir.clone())
+        // dump
+        .set_ignore_missing_dump(opt.ignore_missing_dump)
+        .set_ignore_dump_if_db_exists(opt.ignore_dump_if_db_exists)
+        .set_dump_dst(opt.dumps_dir.clone());

    if let Some(ref path) = opt.import_snapshot {
        meilisearch.set_import_snapshot(path.clone());
@ -72,18 +65,24 @@ pub fn setup_meilisearch(opt: &Opt) -> anyhow::Result<MeiliSearch> {
        meilisearch.set_schedule_snapshot();
    }

-    meilisearch.build(opt.db_path.clone(), opt.indexer_options.clone())
+    meilisearch.build(
+        opt.db_path.clone(),
+        opt.indexer_options.clone(),
+        opt.scheduler_options.clone(),
+    )
 }

 pub fn configure_data(
    config: &mut web::ServiceConfig,
    data: MeiliSearch,
+    auth: AuthController,
    opt: &Opt,
    analytics: Arc<dyn Analytics>,
 ) {
    let http_payload_size_limit = opt.http_payload_size_limit.get_bytes() as usize;
    config
        .app_data(data)
+        .app_data(auth)
        .app_data(web::Data::from(analytics))
        .app_data(
            web::JsonConfig::default()
@ -109,37 +108,10 @@ pub fn configure_data(
        );
 }

-pub fn configure_auth(config: &mut web::ServiceConfig, opts: &Opt) {
-    let mut keys = ApiKeys {
-        master: opts.master_key.clone(),
-        private: None,
-        public: None,
-    };
-
-    keys.generate_missing_api_keys();
-
-    let auth_config = if let Some(ref master_key) = keys.master {
-        let private_key = keys.private.as_ref().unwrap();
-        let public_key = keys.public.as_ref().unwrap();
-        let mut policies = init_policies!(Public, Private, Admin);
-        create_users!(
-            policies,
-            master_key.as_bytes() => { Admin, Private, Public },
-            private_key.as_bytes() => { Private, Public },
-            public_key.as_bytes() => { Public }
-        );
-        AuthConfig::Auth(policies)
-    } else {
-        AuthConfig::NoAuth
-    };
-
-    config.app_data(auth_config).app_data(keys);
-}
-
 #[cfg(feature = "mini-dashboard")]
 pub fn dashboard(config: &mut web::ServiceConfig, enable_frontend: bool) {
    use actix_web::HttpResponse;
-    use actix_web_static_files::Resource;
+    use static_files::Resource;

    mod generated {
        include!(concat!(env!("OUT_DIR"), "/generated.rs"));
@ -154,13 +126,13 @@ pub fn dashboard(config: &mut web::ServiceConfig, enable_frontend: bool) {
            } = resource;
            // Redirect index.html to /
            if path == "index.html" {
-                config.service(web::resource("/").route(
-                    web::get().to(move || HttpResponse::Ok().content_type(mime_type).body(data)),
-                ));
+                config.service(web::resource("/").route(web::get().to(move || async move {
+                    HttpResponse::Ok().content_type(mime_type).body(data)
+                })));
            } else {
-                config.service(web::resource(path).route(
-                    web::get().to(move || HttpResponse::Ok().content_type(mime_type).body(data)),
-                ));
+                config.service(web::resource(path).route(web::get().to(move || async move {
+                    HttpResponse::Ok().content_type(mime_type).body(data)
+                })));
            }
        }
    } else {
@ -173,26 +145,44 @@ pub fn dashboard(config: &mut web::ServiceConfig, _enable_frontend: bool) {
    config.service(web::resource("/").route(web::get().to(routes::running)));
 }

+#[cfg(feature = "metrics")]
+pub fn configure_metrics_route(config: &mut web::ServiceConfig, enable_metrics_route: bool) {
+    if enable_metrics_route {
+        config.service(
+            web::resource("/metrics").route(web::get().to(crate::route_metrics::get_metrics)),
+        );
+    }
+}
+
 #[macro_export]
 macro_rules! create_app {
-    ($data:expr, $enable_frontend:expr, $opt:expr, $analytics:expr) => {{
+    ($data:expr, $auth:expr, $enable_frontend:expr, $opt:expr, $analytics:expr) => {{
        use actix_cors::Cors;
+        use actix_web::dev::Service;
+        use actix_web::middleware::Condition;
        use actix_web::middleware::TrailingSlash;
        use actix_web::App;
        use actix_web::{middleware, web};
-        use meilisearch_http::error::{MeilisearchHttpError, ResponseError};
+        use meilisearch_http::error::MeilisearchHttpError;
        use meilisearch_http::routes;
-        use meilisearch_http::{configure_auth, configure_data, dashboard};
+        use meilisearch_http::{configure_data, dashboard};
+        #[cfg(feature = "metrics")]
+        use meilisearch_http::{configure_metrics_route, metrics, route_metrics};
+        use meilisearch_types::error::ResponseError;

-        App::new()
-            .configure(|s| configure_data(s, $data.clone(), &$opt, $analytics))
-            .configure(|s| configure_auth(s, &$opt))
+        let app = App::new()
+            .configure(|s| configure_data(s, $data.clone(), $auth.clone(), &$opt, $analytics))
            .configure(routes::configure)
-            .configure(|s| dashboard(s, $enable_frontend))
+            .configure(|s| dashboard(s, $enable_frontend));
+
+        #[cfg(feature = "metrics")]
+        let app = app.configure(|s| configure_metrics_route(s, $opt.enable_metrics_route));
+
+        let app = app
            .wrap(
                Cors::default()
                    .send_wildcard()
-                    .allowed_headers(vec!["content-type", "x-meili-api-key"])
+                    .allow_any_header()
                    .allow_any_origin()
                    .allow_any_method()
                    .max_age(86_400), // 24h
@ -201,6 +191,14 @@ macro_rules! create_app {
            .wrap(middleware::Compress::default())
            .wrap(middleware::NormalizePath::new(
                middleware::TrailingSlash::Trim,
-            ))
+            ));
+
+        #[cfg(feature = "metrics")]
+        let app = app.wrap(Condition::new(
+            $opt.enable_metrics_route,
+            route_metrics::RouteMetrics,
+        ));
+
+        app
    }};
 }
--- a/meilisearch-http/src/main.rs
+++ b/meilisearch-http/src/main.rs
@ -1,16 +1,17 @@
 use std::env;
 use std::sync::Arc;

+use actix_web::http::KeepAlive;
 use actix_web::HttpServer;
+use clap::Parser;
+use meilisearch_auth::AuthController;
 use meilisearch_http::analytics;
 use meilisearch_http::analytics::Analytics;
 use meilisearch_http::{create_app, setup_meilisearch, Opt};
 use meilisearch_lib::MeiliSearch;
-use structopt::StructOpt;

-#[cfg(target_os = "linux")]
 #[global_allocator]
-static ALLOC: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
+static ALLOC: mimalloc::MiMalloc = mimalloc::MiMalloc;

 /// does all the setup before meilisearch is launched
 fn setup(opt: &Opt) -> anyhow::Result<()> {
@ -28,7 +29,7 @@ fn setup(opt: &Opt) -> anyhow::Result<()> {

 #[actix_web::main]
 async fn main() -> anyhow::Result<()> {
-    let opt = Opt::from_args();
+    let opt = Opt::parse();

    setup(&opt)?;

@ -46,6 +47,8 @@ async fn main() -> anyhow::Result<()> {

    let meilisearch = setup_meilisearch(&opt)?;

+    let auth_controller = AuthController::new(&opt.db_path, &opt.master_key)?;
+
    #[cfg(all(not(debug_assertions), feature = "analytics"))]
    let (analytics, user) = if !opt.no_analytics {
        analytics::SegmentAnalytics::new(&opt, &meilisearch).await
@ -57,22 +60,31 @@ async fn main() -> anyhow::Result<()> {

    print_launch_resume(&opt, &user);

-    run_http(meilisearch, opt, analytics).await?;
+    run_http(meilisearch, auth_controller, opt, analytics).await?;

    Ok(())
 }

 async fn run_http(
    data: MeiliSearch,
+    auth_controller: AuthController,
    opt: Opt,
    analytics: Arc<dyn Analytics>,
 ) -> anyhow::Result<()> {
    let _enable_dashboard = &opt.env == "development";
    let opt_clone = opt.clone();
-    let http_server =
-        HttpServer::new(move || create_app!(data, _enable_dashboard, opt_clone, analytics.clone()))
-            // Disable signals allows the server to terminate immediately when a user enter CTRL-C
-            .disable_signals();
+    let http_server = HttpServer::new(move || {
+        create_app!(
+            data,
+            auth_controller,
+            _enable_dashboard,
+            opt_clone,
+            analytics.clone()
+        )
+    })
+    // Disable signals allows the server to terminate immediately when a user enter CTRL-C
+    .disable_signals()
+    .keep_alive(KeepAlive::Os);

    if let Some(config) = opt.get_ssl_config()? {
        http_server
@ -88,22 +100,26 @@ async fn run_http(
 pub fn print_launch_resume(opt: &Opt, user: &str) {
    let commit_sha = option_env!("VERGEN_GIT_SHA").unwrap_or("unknown");
    let commit_date = option_env!("VERGEN_GIT_COMMIT_TIMESTAMP").unwrap_or("unknown");
-
+    let protocol = if opt.ssl_cert_path.is_some() && opt.ssl_key_path.is_some() {
+        "https"
+    } else {
+        "http"
+    };
    let ascii_name = r#"
-888b     d888          d8b 888 d8b  .d8888b.                                    888
-8888b   d8888          Y8P 888 Y8P d88P  Y88b                                   888
-88888b.d88888              888     Y88b.                                        888
-888Y88888P888  .d88b.  888 888 888  "Y888b.    .d88b.   8888b.  888d888 .d8888b 88888b.
-888 Y888P 888 d8P  Y8b 888 888 888     "Y88b. d8P  Y8b     "88b 888P"  d88P"    888 "88b
-888  Y8P  888 88888888 888 888 888       "888 88888888 .d888888 888    888      888  888
-888   "   888 Y8b.     888 888 888 Y88b  d88P Y8b.     888  888 888    Y88b.    888  888
-888       888  "Y8888  888 888 888  "Y8888P"   "Y8888  "Y888888 888     "Y8888P 888  888
+888b     d888          d8b 888 d8b                                            888
+8888b   d8888          Y8P 888 Y8P                                            888
+88888b.d88888              888                                                888
+888Y88888P888  .d88b.  888 888 888 .d8888b   .d88b.   8888b.  888d888 .d8888b 88888b.
+888 Y888P 888 d8P  Y8b 888 888 888 88K      d8P  Y8b     "88b 888P"  d88P"    888 "88b
+888  Y8P  888 88888888 888 888 888 "Y8888b. 88888888 .d888888 888    888      888  888
+888   "   888 Y8b.     888 888 888      X88 Y8b.     888  888 888    Y88b.    888  888
+888       888  "Y8888  888 888 888  88888P'  "Y8888  "Y888888 888     "Y8888P 888  888
 "#;

    eprintln!("{}", ascii_name);

    eprintln!("Database path:\t\t{:?}", opt.db_path);
-    eprintln!("Server listening on:\t\"http://{}\"", opt.http_addr);
+    eprintln!("Server listening on:\t\"{}://{}\"", protocol, opt.http_addr);
    eprintln!("Environment:\t\t{:?}", opt.env);
    eprintln!("Commit SHA:\t\t{:?}", commit_sha.to_string());
    eprintln!("Commit date:\t\t{:?}", commit_date.to_string());
@ -114,17 +130,17 @@ pub fn print_launch_resume(opt: &Opt, user: &str) {

    #[cfg(all(not(debug_assertions), feature = "analytics"))]
    {
-        if opt.no_analytics {
-            eprintln!("Anonymous telemetry:\t\"Disabled\"");
-        } else {
+        if !opt.no_analytics {
            eprintln!(
                "
-Thank you for using MeiliSearch!
+Thank you for using Meilisearch!

 We collect anonymized analytics to improve our product and your experience. To learn more, including how to turn off analytics, visit our dedicated documentation page: https://docs.meilisearch.com/learn/what_is_meilisearch/telemetry.html

 Anonymous telemetry:\t\"Enabled\""
            );
+        } else {
+            eprintln!("Anonymous telemetry:\t\"Disabled\"");
        }
    }

@ -135,7 +151,7 @@ Anonymous telemetry:\t\"Enabled\""
    eprintln!();

    if opt.master_key.is_some() {
-        eprintln!("A Master Key has been set. Requests to MeiliSearch won't be authorized unless you provide an authentication key.");
+        eprintln!("A Master Key has been set. Requests to Meilisearch won't be authorized unless you provide an authentication key.");
    } else {
        eprintln!("No master key found; The server will accept unidentified requests. \
            If you need some protection in development mode, please export a key: export MEILI_MASTER_KEY=xxx");
@ -144,6 +160,6 @@ Anonymous telemetry:\t\"Enabled\""
    eprintln!();
    eprintln!("Documentation:\t\thttps://docs.meilisearch.com");
    eprintln!("Source code:\t\thttps://github.com/meilisearch/meilisearch");
-    eprintln!("Contact:\t\thttps://docs.meilisearch.com/resources/contact.html or bonjour@meilisearch.com");
+    eprintln!("Contact:\t\thttps://docs.meilisearch.com/resources/contact.html");
    eprintln!();
 }
--- a/meilisearch-http/src/metrics.rs
+++ b/meilisearch-http/src/metrics.rs
@ -0,0 +1,42 @@
+use lazy_static::lazy_static;
+use prometheus::{
+    opts, register_histogram_vec, register_int_counter_vec, register_int_gauge,
+    register_int_gauge_vec,
+};
+use prometheus::{HistogramVec, IntCounterVec, IntGauge, IntGaugeVec};
+
+const HTTP_RESPONSE_TIME_CUSTOM_BUCKETS: &[f64; 14] = &[
+    0.0005, 0.0008, 0.00085, 0.0009, 0.00095, 0.001, 0.00105, 0.0011, 0.00115, 0.0012, 0.0015,
+    0.002, 0.003, 1.0,
+];
+
+lazy_static! {
+    pub static ref HTTP_REQUESTS_TOTAL: IntCounterVec = register_int_counter_vec!(
+        opts!("http_requests_total", "HTTP requests total"),
+        &["method", "path"]
+    )
+    .expect("Can't create a metric");
+    pub static ref MEILISEARCH_DB_SIZE_BYTES: IntGauge = register_int_gauge!(opts!(
+        "meilisearch_db_size_bytes",
+        "Meilisearch Db Size In Bytes"
+    ))
+    .expect("Can't create a metric");
+    pub static ref MEILISEARCH_INDEX_COUNT: IntGauge =
+        register_int_gauge!(opts!("meilisearch_index_count", "Meilisearch Index Count"))
+            .expect("Can't create a metric");
+    pub static ref MEILISEARCH_INDEX_DOCS_COUNT: IntGaugeVec = register_int_gauge_vec!(
+        opts!(
+            "meilisearch_index_docs_count",
+            "Meilisearch Index Docs Count"
+        ),
+        &["index"]
+    )
+    .expect("Can't create a metric");
+    pub static ref HTTP_RESPONSE_TIME_SECONDS: HistogramVec = register_histogram_vec!(
+        "http_response_time_seconds",
+        "HTTP response times",
+        &["method", "path"],
+        HTTP_RESPONSE_TIME_CUSTOM_BUCKETS.to_vec()
+    )
+    .expect("Can't create a metric");
+}
--- a/meilisearch-http/src/option.rs
+++ b/meilisearch-http/src/option.rs
@ -4,134 +4,174 @@ use std::path::PathBuf;
 use std::sync::Arc;

 use byte_unit::Byte;
-use meilisearch_lib::options::IndexerOpts;
-use rustls::internal::pemfile::{certs, pkcs8_private_keys, rsa_private_keys};
+use clap::Parser;
+use meilisearch_lib::options::{IndexerOpts, SchedulerConfig};
 use rustls::{
-    AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient, NoClientAuth,
+    server::{
+        AllowAnyAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient,
+        ServerSessionMemoryCache,
+    },
    RootCertStore,
 };
-use structopt::StructOpt;
+use rustls_pemfile::{certs, pkcs8_private_keys, rsa_private_keys};
+use serde::Serialize;

 const POSSIBLE_ENV: [&str; 2] = ["development", "production"];

-#[derive(Debug, Clone, StructOpt)]
+#[derive(Debug, Clone, Parser, Serialize)]
+#[clap(version)]
 pub struct Opt {
    /// The destination where the database must be created.
-    #[structopt(long, env = "MEILI_DB_PATH", default_value = "./data.ms")]
+    #[clap(long, env = "MEILI_DB_PATH", default_value = "./data.ms")]
    pub db_path: PathBuf,

    /// The address on which the http server will listen.
-    #[structopt(long, env = "MEILI_HTTP_ADDR", default_value = "127.0.0.1:7700")]
+    #[clap(long, env = "MEILI_HTTP_ADDR", default_value = "127.0.0.1:7700")]
    pub http_addr: String,

    /// The master key allowing you to do everything on the server.
-    #[structopt(long, env = "MEILI_MASTER_KEY")]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_MASTER_KEY")]
    pub master_key: Option<String>,

    /// This environment variable must be set to `production` if you are running in production.
    /// If the server is running in development mode more logs will be displayed,
    /// and the master key can be avoided which implies that there is no security on the updates routes.
    /// This is useful to debug when integrating the engine with another service.
-    #[structopt(long, env = "MEILI_ENV", default_value = "development", possible_values = &POSSIBLE_ENV)]
+    #[clap(long, env = "MEILI_ENV", default_value = "development", possible_values = &POSSIBLE_ENV)]
    pub env: String,

    /// Do not send analytics to Meili.
    #[cfg(all(not(debug_assertions), feature = "analytics"))]
-    #[structopt(long, env = "MEILI_NO_ANALYTICS")]
+    #[serde(skip)] // we can't send true
+    #[clap(long, env = "MEILI_NO_ANALYTICS")]
    pub no_analytics: bool,

    /// The maximum size, in bytes, of the main lmdb database directory
-    #[structopt(long, env = "MEILI_MAX_INDEX_SIZE", default_value = "100 GiB")]
+    #[clap(long, env = "MEILI_MAX_INDEX_SIZE", default_value = "100 GiB")]
    pub max_index_size: Byte,

    /// The maximum size, in bytes, of the update lmdb database directory
-    #[structopt(long, env = "MEILI_MAX_UDB_SIZE", default_value = "100 GiB")]
-    pub max_udb_size: Byte,
+    #[clap(long, env = "MEILI_MAX_TASK_DB_SIZE", default_value = "100 GiB")]
+    pub max_task_db_size: Byte,

    /// The maximum size, in bytes, of accepted JSON payloads
-    #[structopt(long, env = "MEILI_HTTP_PAYLOAD_SIZE_LIMIT", default_value = "100 MB")]
+    #[clap(long, env = "MEILI_HTTP_PAYLOAD_SIZE_LIMIT", default_value = "100 MB")]
    pub http_payload_size_limit: Byte,

    /// Read server certificates from CERTFILE.
    /// This should contain PEM-format certificates
    /// in the right order (the first certificate should
    /// certify KEYFILE, the last should be a root CA).
-    #[structopt(long, env = "MEILI_SSL_CERT_PATH", parse(from_os_str))]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_CERT_PATH", parse(from_os_str))]
    pub ssl_cert_path: Option<PathBuf>,

    /// Read private key from KEYFILE.  This should be a RSA
    /// private key or PKCS8-encoded private key, in PEM format.
-    #[structopt(long, env = "MEILI_SSL_KEY_PATH", parse(from_os_str))]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_KEY_PATH", parse(from_os_str))]
    pub ssl_key_path: Option<PathBuf>,

    /// Enable client authentication, and accept certificates
    /// signed by those roots provided in CERTFILE.
-    #[structopt(long, env = "MEILI_SSL_AUTH_PATH", parse(from_os_str))]
+    #[clap(long, env = "MEILI_SSL_AUTH_PATH", parse(from_os_str))]
+    #[serde(skip)]
    pub ssl_auth_path: Option<PathBuf>,

    /// Read DER-encoded OCSP response from OCSPFILE and staple to certificate.
    /// Optional
-    #[structopt(long, env = "MEILI_SSL_OCSP_PATH", parse(from_os_str))]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_OCSP_PATH", parse(from_os_str))]
    pub ssl_ocsp_path: Option<PathBuf>,

    /// Send a fatal alert if the client does not complete client authentication.
-    #[structopt(long, env = "MEILI_SSL_REQUIRE_AUTH")]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_REQUIRE_AUTH")]
    pub ssl_require_auth: bool,

    /// SSL support session resumption
-    #[structopt(long, env = "MEILI_SSL_RESUMPTION")]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_RESUMPTION")]
    pub ssl_resumption: bool,

    /// SSL support tickets.
-    #[structopt(long, env = "MEILI_SSL_TICKETS")]
+    #[serde(skip)]
+    #[clap(long, env = "MEILI_SSL_TICKETS")]
    pub ssl_tickets: bool,

    /// Defines the path of the snapshot file to import.
    /// This option will, by default, stop the process if a database already exist or if no snapshot exists at
    /// the given path. If this option is not specified no snapshot is imported.
-    #[structopt(long)]
+    #[clap(long)]
    pub import_snapshot: Option<PathBuf>,

    /// The engine will ignore a missing snapshot and not return an error in such case.
-    #[structopt(long, requires = "import-snapshot")]
+    #[clap(long, requires = "import-snapshot")]
    pub ignore_missing_snapshot: bool,

    /// The engine will skip snapshot importation and not return an error in such case.
-    #[structopt(long, requires = "import-snapshot")]
+    #[clap(long, requires = "import-snapshot")]
    pub ignore_snapshot_if_db_exists: bool,

    /// Defines the directory path where meilisearch will create snapshot each snapshot_time_gap.
-    #[structopt(long, env = "MEILI_SNAPSHOT_DIR", default_value = "snapshots/")]
+    #[clap(long, env = "MEILI_SNAPSHOT_DIR", default_value = "snapshots/")]
    pub snapshot_dir: PathBuf,

    /// Activate snapshot scheduling.
-    #[structopt(long, env = "MEILI_SCHEDULE_SNAPSHOT")]
+    #[clap(long, env = "MEILI_SCHEDULE_SNAPSHOT")]
    pub schedule_snapshot: bool,

    /// Defines time interval, in seconds, between each snapshot creation.
-    #[structopt(long, env = "MEILI_SNAPSHOT_INTERVAL_SEC", default_value = "86400")] // 24h
+    #[clap(long, env = "MEILI_SNAPSHOT_INTERVAL_SEC", default_value = "86400")] // 24h
    pub snapshot_interval_sec: u64,

-    /// Folder where dumps are created when the dump route is called.
-    #[structopt(long, env = "MEILI_DUMPS_DIR", default_value = "dumps/")]
-    pub dumps_dir: PathBuf,
-
    /// Import a dump from the specified path, must be a `.dump` file.
-    #[structopt(long, conflicts_with = "import-snapshot")]
+    #[clap(long, conflicts_with = "import-snapshot")]
    pub import_dump: Option<PathBuf>,

+    /// If the dump doesn't exists, load or create the database specified by `db-path` instead.
+    #[clap(long, requires = "import-dump")]
+    pub ignore_missing_dump: bool,
+
+    /// Ignore the dump if a database already exists, and load that database instead.
+    #[clap(long, requires = "import-dump")]
+    pub ignore_dump_if_db_exists: bool,
+
+    /// Folder where dumps are created when the dump route is called.
+    #[clap(long, env = "MEILI_DUMPS_DIR", default_value = "dumps/")]
+    pub dumps_dir: PathBuf,
+
    /// Set the log level
-    #[structopt(long, env = "MEILI_LOG_LEVEL", default_value = "info")]
+    #[clap(long, env = "MEILI_LOG_LEVEL", default_value = "info")]
    pub log_level: String,

-    #[structopt(skip)]
+    /// Enables Prometheus metrics and /metrics route.
+    #[cfg(feature = "metrics")]
+    #[clap(long, env = "MEILI_ENABLE_METRICS_ROUTE")]
+    pub enable_metrics_route: bool,
+
+    #[serde(flatten)]
+    #[clap(flatten)]
    pub indexer_options: IndexerOpts,
+
+    #[serde(flatten)]
+    #[clap(flatten)]
+    pub scheduler_options: SchedulerConfig,
 }

 impl Opt {
+    /// Wether analytics should be enabled or not.
+    #[cfg(all(not(debug_assertions), feature = "analytics"))]
+    pub fn analytics(&self) -> bool {
+        !self.no_analytics
+    }
+
    pub fn get_ssl_config(&self) -> anyhow::Result<Option<rustls::ServerConfig>> {
        if let (Some(cert_path), Some(key_path)) = (&self.ssl_cert_path, &self.ssl_key_path) {
-            let client_auth = match &self.ssl_auth_path {
+            let config = rustls::ServerConfig::builder().with_safe_defaults();
+
+            let config = match &self.ssl_auth_path {
                Some(auth_path) => {
                    let roots = load_certs(auth_path.to_path_buf())?;
                    let mut client_auth_roots = RootCertStore::empty();
@ -139,30 +179,32 @@ impl Opt {
                        client_auth_roots.add(&root).unwrap();
                    }
                    if self.ssl_require_auth {
-                        AllowAnyAuthenticatedClient::new(client_auth_roots)
+                        let verifier = AllowAnyAuthenticatedClient::new(client_auth_roots);
+                        config.with_client_cert_verifier(verifier)
                    } else {
-                        AllowAnyAnonymousOrAuthenticatedClient::new(client_auth_roots)
+                        let verifier =
+                            AllowAnyAnonymousOrAuthenticatedClient::new(client_auth_roots);
+                        config.with_client_cert_verifier(verifier)
                    }
                }
-                None => NoClientAuth::new(),
+                None => config.with_no_client_auth(),
            };

-            let mut config = rustls::ServerConfig::new(client_auth);
-            config.key_log = Arc::new(rustls::KeyLogFile::new());
-
            let certs = load_certs(cert_path.to_path_buf())?;
            let privkey = load_private_key(key_path.to_path_buf())?;
            let ocsp = load_ocsp(&self.ssl_ocsp_path)?;
-            config
-                .set_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![])
+            let mut config = config
+                .with_single_cert_with_ocsp_and_sct(certs, privkey, ocsp, vec![])
                .map_err(|_| anyhow::anyhow!("bad certificates/private key"))?;

+            config.key_log = Arc::new(rustls::KeyLogFile::new());
+
            if self.ssl_resumption {
-                config.set_persistence(rustls::ServerSessionMemoryCache::new(256));
+                config.session_storage = ServerSessionMemoryCache::new(256);
            }

            if self.ssl_tickets {
-                config.ticketer = rustls::Ticketer::new();
+                config.ticketer = rustls::Ticketer::new().unwrap();
            }

            Ok(Some(config))
@ -176,7 +218,9 @@ fn load_certs(filename: PathBuf) -> anyhow::Result<Vec<rustls::Certificate>> {
    let certfile =
        fs::File::open(filename).map_err(|_| anyhow::anyhow!("cannot open certificate file"))?;
    let mut reader = BufReader::new(certfile);
-    certs(&mut reader).map_err(|_| anyhow::anyhow!("cannot read certificate file"))
+    certs(&mut reader)
+        .map(|certs| certs.into_iter().map(rustls::Certificate).collect())
+        .map_err(|_| anyhow::anyhow!("cannot read certificate file"))
 }

 fn load_private_key(filename: PathBuf) -> anyhow::Result<rustls::PrivateKey> {
@ -201,10 +245,10 @@ fn load_private_key(filename: PathBuf) -> anyhow::Result<rustls::PrivateKey> {

    // prefer to load pkcs8 keys
    if !pkcs8_keys.is_empty() {
-        Ok(pkcs8_keys[0].clone())
+        Ok(rustls::PrivateKey(pkcs8_keys[0].clone()))
    } else {
        assert!(!rsa_keys.is_empty());
-        Ok(rsa_keys[0].clone())
+        Ok(rustls::PrivateKey(rsa_keys[0].clone()))
    }
 }

@ -220,3 +264,13 @@ fn load_ocsp(filename: &Option<PathBuf>) -> anyhow::Result<Vec<u8>> {

    Ok(ret)
 }
+
+#[cfg(test)]
+mod test {
+    use super::*;
+
+    #[test]
+    fn test_valid_opt() {
+        assert!(Opt::try_parse_from(Some("")).is_ok());
+    }
+}
--- a/meilisearch-http/src/route_metrics.rs
+++ b/meilisearch-http/src/route_metrics.rs
@ -0,0 +1,112 @@
+use std::future::{ready, Ready};
+
+use actix_web::http::header;
+use actix_web::HttpResponse;
+use actix_web::{
+    dev::{self, Service, ServiceRequest, ServiceResponse, Transform},
+    Error,
+};
+use futures_util::future::LocalBoxFuture;
+use meilisearch_auth::actions;
+use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
+use prometheus::HistogramTimer;
+use prometheus::{Encoder, TextEncoder};
+
+use crate::extractors::authentication::policies::ActionPolicy;
+use crate::extractors::authentication::GuardedData;
+
+pub async fn get_metrics(
+    meilisearch: GuardedData<ActionPolicy<{ actions::METRICS_GET }>, MeiliSearch>,
+) -> Result<HttpResponse, ResponseError> {
+    let search_rules = &meilisearch.filters().search_rules;
+    let response = meilisearch.get_all_stats(search_rules).await?;
+
+    crate::metrics::MEILISEARCH_DB_SIZE_BYTES.set(response.database_size as i64);
+    crate::metrics::MEILISEARCH_INDEX_COUNT.set(response.indexes.len() as i64);
+
+    for (index, value) in response.indexes.iter() {
+        crate::metrics::MEILISEARCH_INDEX_DOCS_COUNT
+            .with_label_values(&[index])
+            .set(value.number_of_documents as i64);
+    }
+
+    let encoder = TextEncoder::new();
+    let mut buffer = vec![];
+    encoder
+        .encode(&prometheus::gather(), &mut buffer)
+        .expect("Failed to encode metrics");
+
+    let response = String::from_utf8(buffer).expect("Failed to convert bytes to string");
+
+    Ok(HttpResponse::Ok()
+        .insert_header(header::ContentType(mime::TEXT_PLAIN))
+        .body(response))
+}
+
+pub struct RouteMetrics;
+
+// Middleware factory is `Transform` trait from actix-service crate
+// `S` - type of the next service
+// `B` - type of response's body
+impl<S, B> Transform<S, ServiceRequest> for RouteMetrics
+where
+    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
+    S::Future: 'static,
+    B: 'static,
+{
+    type Response = ServiceResponse<B>;
+    type Error = Error;
+    type InitError = ();
+    type Transform = RouteMetricsMiddleware<S>;
+    type Future = Ready<Result<Self::Transform, Self::InitError>>;
+
+    fn new_transform(&self, service: S) -> Self::Future {
+        ready(Ok(RouteMetricsMiddleware { service }))
+    }
+}
+
+pub struct RouteMetricsMiddleware<S> {
+    service: S,
+}
+
+impl<S, B> Service<ServiceRequest> for RouteMetricsMiddleware<S>
+where
+    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
+    S::Future: 'static,
+    B: 'static,
+{
+    type Response = ServiceResponse<B>;
+    type Error = Error;
+    type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
+
+    dev::forward_ready!(service);
+
+    fn call(&self, req: ServiceRequest) -> Self::Future {
+        let mut histogram_timer: Option<HistogramTimer> = None;
+        let request_path = req.path();
+        let is_registered_resource = req.resource_map().has_resource(request_path);
+        if is_registered_resource {
+            let request_method = req.method().to_string();
+            histogram_timer = Some(
+                crate::metrics::HTTP_RESPONSE_TIME_SECONDS
+                    .with_label_values(&[&request_method, request_path])
+                    .start_timer(),
+            );
+            crate::metrics::HTTP_REQUESTS_TOTAL
+                .with_label_values(&[&request_method, request_path])
+                .inc();
+        }
+
+        let fut = self.service.call(req);
+
+        Box::pin(async move {
+            let res = fut.await?;
+
+            if let Some(histogram_timer) = histogram_timer {
+                histogram_timer.observe_duration();
+            };
+            Ok(res)
+        })
+    }
+}
--- a/meilisearch-http/src/routes/api_key.rs
+++ b/meilisearch-http/src/routes/api_key.rs
@ -0,0 +1,160 @@
+use std::str;
+
+use actix_web::{web, HttpRequest, HttpResponse};
+use serde::{Deserialize, Serialize};
+use serde_json::Value;
+use time::OffsetDateTime;
+use uuid::Uuid;
+
+use meilisearch_auth::{error::AuthControllerError, Action, AuthController, Key};
+use meilisearch_types::error::{Code, ResponseError};
+
+use crate::extractors::{
+    authentication::{policies::*, GuardedData},
+    sequential_extractor::SeqHandler,
+};
+use crate::routes::Pagination;
+
+pub fn configure(cfg: &mut web::ServiceConfig) {
+    cfg.service(
+        web::resource("")
+            .route(web::post().to(SeqHandler(create_api_key)))
+            .route(web::get().to(SeqHandler(list_api_keys))),
+    )
+    .service(
+        web::resource("/{key}")
+            .route(web::get().to(SeqHandler(get_api_key)))
+            .route(web::patch().to(SeqHandler(patch_api_key)))
+            .route(web::delete().to(SeqHandler(delete_api_key))),
+    );
+}
+
+pub async fn create_api_key(
+    auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_CREATE }>, AuthController>,
+    body: web::Json<Value>,
+    _req: HttpRequest,
+) -> Result<HttpResponse, ResponseError> {
+    let v = body.into_inner();
+    let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
+        let key = auth_controller.create_key(v)?;
+        Ok(KeyView::from_key(key, &auth_controller))
+    })
+    .await
+    .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
+
+    Ok(HttpResponse::Created().json(res))
+}
+
+pub async fn list_api_keys(
+    auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>,
+    paginate: web::Query<Pagination>,
+) -> Result<HttpResponse, ResponseError> {
+    let page_view = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
+        let keys = auth_controller.list_keys()?;
+        let page_view = paginate.auto_paginate_sized(
+            keys.into_iter()
+                .map(|k| KeyView::from_key(k, &auth_controller)),
+        );
+
+        Ok(page_view)
+    })
+    .await
+    .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
+
+    Ok(HttpResponse::Ok().json(page_view))
+}
+
+pub async fn get_api_key(
+    auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>,
+    path: web::Path<AuthParam>,
+) -> Result<HttpResponse, ResponseError> {
+    let key = path.into_inner().key;
+
+    let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
+        let uid =
+            Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
+        let key = auth_controller.get_key(uid)?;
+
+        Ok(KeyView::from_key(key, &auth_controller))
+    })
+    .await
+    .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
+
+    Ok(HttpResponse::Ok().json(res))
+}
+
+pub async fn patch_api_key(
+    auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_UPDATE }>, AuthController>,
+    body: web::Json<Value>,
+    path: web::Path<AuthParam>,
+) -> Result<HttpResponse, ResponseError> {
+    let key = path.into_inner().key;
+    let body = body.into_inner();
+    let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
+        let uid =
+            Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
+        let key = auth_controller.update_key(uid, body)?;
+
+        Ok(KeyView::from_key(key, &auth_controller))
+    })
+    .await
+    .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
+
+    Ok(HttpResponse::Ok().json(res))
+}
+
+pub async fn delete_api_key(
+    auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_DELETE }>, AuthController>,
+    path: web::Path<AuthParam>,
+) -> Result<HttpResponse, ResponseError> {
+    let key = path.into_inner().key;
+    tokio::task::spawn_blocking(move || {
+        let uid =
+            Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
+        auth_controller.delete_key(uid)
+    })
+    .await
+    .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
+
+    Ok(HttpResponse::NoContent().finish())
+}
+
+#[derive(Deserialize)]
+pub struct AuthParam {
+    key: String,
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+struct KeyView {
+    name: Option<String>,
+    description: Option<String>,
+    key: String,
+    uid: Uuid,
+    actions: Vec<Action>,
+    indexes: Vec<String>,
+    #[serde(serialize_with = "time::serde::rfc3339::option::serialize")]
+    expires_at: Option<OffsetDateTime>,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    created_at: OffsetDateTime,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    updated_at: OffsetDateTime,
+}
+
+impl KeyView {
+    fn from_key(key: Key, auth: &AuthController) -> Self {
+        let generated_key = auth.generate_key(key.uid).unwrap_or_default();
+
+        KeyView {
+            name: key.name,
+            description: key.description,
+            key: generated_key,
+            uid: key.uid,
+            actions: key.actions,
+            indexes: key.indexes.into_iter().map(String::from).collect(),
+            expires_at: key.expires_at,
+            created_at: key.created_at,
+            updated_at: key.updated_at,
+        }
+    }
+}
--- a/meilisearch-http/src/routes/dump.rs
+++ b/meilisearch-http/src/routes/dump.rs
@ -1,48 +1,27 @@
 use actix_web::{web, HttpRequest, HttpResponse};
 use log::debug;
 use meilisearch_lib::MeiliSearch;
-use serde::{Deserialize, Serialize};
+use meilisearch_types::error::ResponseError;
 use serde_json::json;

 use crate::analytics::Analytics;
-use crate::error::ResponseError;
 use crate::extractors::authentication::{policies::*, GuardedData};
+use crate::extractors::sequential_extractor::SeqHandler;
+use crate::task::SummarizedTaskView;

 pub fn configure(cfg: &mut web::ServiceConfig) {
-    cfg.service(web::resource("").route(web::post().to(create_dump)))
-        .service(web::resource("/{dump_uid}/status").route(web::get().to(get_dump_status)));
+    cfg.service(web::resource("").route(web::post().to(SeqHandler(create_dump))));
 }

 pub async fn create_dump(
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DUMPS_CREATE }>, MeiliSearch>,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
    analytics.publish("Dump Created".to_string(), json!({}), Some(&req));

-    let res = meilisearch.create_dump().await?;
+    let res: SummarizedTaskView = meilisearch.register_dump_task().await?.into();

    debug!("returns: {:?}", res);
    Ok(HttpResponse::Accepted().json(res))
 }
-
-#[derive(Debug, Serialize)]
-#[serde(rename_all = "camelCase")]
-struct DumpStatusResponse {
-    status: String,
-}
-
-#[derive(Deserialize)]
-struct DumpParam {
-    dump_uid: String,
-}
-
-async fn get_dump_status(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<DumpParam>,
-) -> Result<HttpResponse, ResponseError> {
-    let res = meilisearch.dump_info(path.dump_uid.clone()).await?;
-
-    debug!("returns: {:?}", res);
-    Ok(HttpResponse::Ok().json(res))
-}
--- a/meilisearch-http/src/routes/indexes/documents.rs
+++ b/meilisearch-http/src/routes/indexes/documents.rs
@ -1,24 +1,38 @@
 use actix_web::error::PayloadError;
+use actix_web::http::header::CONTENT_TYPE;
 use actix_web::web::Bytes;
+use actix_web::HttpMessage;
 use actix_web::{web, HttpRequest, HttpResponse};
+use bstr::ByteSlice;
 use futures::{Stream, StreamExt};
 use log::debug;
 use meilisearch_lib::index_controller::{DocumentAdditionFormat, Update};
 use meilisearch_lib::milli::update::IndexDocumentsMethod;
 use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
+use meilisearch_types::star_or::StarOr;
+use mime::Mime;
 use once_cell::sync::Lazy;
 use serde::Deserialize;
+use serde_cs::vec::CS;
 use serde_json::Value;
 use tokio::sync::mpsc;

 use crate::analytics::Analytics;
-use crate::error::{MeilisearchHttpError, ResponseError};
+use crate::error::MeilisearchHttpError;
 use crate::extractors::authentication::{policies::*, GuardedData};
 use crate::extractors::payload::Payload;
-use crate::routes::IndexParam;
+use crate::extractors::sequential_extractor::SeqHandler;
+use crate::routes::{fold_star_or, PaginationView};
+use crate::task::SummarizedTaskView;

-const DEFAULT_RETRIEVE_DOCUMENTS_OFFSET: usize = 0;
-const DEFAULT_RETRIEVE_DOCUMENTS_LIMIT: usize = 20;
+static ACCEPTED_CONTENT_TYPE: Lazy<Vec<String>> = Lazy::new(|| {
+    vec![
+        "application/json".to_string(),
+        "application/x-ndjson".to_string(),
+        "text/csv".to_string(),
+    ]
+});

 /// This is required because Payload is not Sync nor Send
 fn payload_to_stream(mut payload: Payload) -> impl Stream<Item = Result<Bytes, PayloadError>> {
@ -31,6 +45,24 @@ fn payload_to_stream(mut payload: Payload) -> impl Stream<Item = Result<Bytes, P
    tokio_stream::wrappers::ReceiverStream::new(recv)
 }

+/// Extracts the mime type from the content type and return
+/// a meilisearch error if anything bad happen.
+fn extract_mime_type(req: &HttpRequest) -> Result<Option<Mime>, MeilisearchHttpError> {
+    match req.mime_type() {
+        Ok(Some(mime)) => Ok(Some(mime)),
+        Ok(None) => Ok(None),
+        Err(_) => match req.headers().get(CONTENT_TYPE) {
+            Some(content_type) => Err(MeilisearchHttpError::InvalidContentType(
+                content_type.as_bytes().as_bstr().to_string(),
+                ACCEPTED_CONTENT_TYPE.clone(),
+            )),
+            None => Err(MeilisearchHttpError::MissingContentType(
+                ACCEPTED_CONTENT_TYPE.clone(),
+            )),
+        },
+    }
+}
+
 #[derive(Deserialize)]
 pub struct DocumentParam {
    index_uid: String,
@ -40,35 +72,45 @@ pub struct DocumentParam {
 pub fn configure(cfg: &mut web::ServiceConfig) {
    cfg.service(
        web::resource("")
-            .route(web::get().to(get_all_documents))
-            .route(web::post().to(add_documents))
-            .route(web::put().to(update_documents))
-            .route(web::delete().to(clear_all_documents)),
+            .route(web::get().to(SeqHandler(get_all_documents)))
+            .route(web::post().to(SeqHandler(add_documents)))
+            .route(web::put().to(SeqHandler(update_documents)))
+            .route(web::delete().to(SeqHandler(clear_all_documents))),
    )
    // this route needs to be before the /documents/{document_id} to match properly
-    .service(web::resource("/delete-batch").route(web::post().to(delete_documents)))
+    .service(web::resource("/delete-batch").route(web::post().to(SeqHandler(delete_documents))))
    .service(
        web::resource("/{document_id}")
-            .route(web::get().to(get_document))
-            .route(web::delete().to(delete_document)),
+            .route(web::get().to(SeqHandler(get_document)))
+            .route(web::delete().to(SeqHandler(delete_document))),
    );
 }

+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct GetDocument {
+    fields: Option<CS<StarOr<String>>>,
+}
+
 pub async fn get_document(
-    meilisearch: GuardedData<Public, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_GET }>, MeiliSearch>,
    path: web::Path<DocumentParam>,
+    params: web::Query<GetDocument>,
 ) -> Result<HttpResponse, ResponseError> {
    let index = path.index_uid.clone();
    let id = path.document_id.clone();
+    let GetDocument { fields } = params.into_inner();
+    let attributes_to_retrieve = fields.and_then(fold_star_or);
+
    let document = meilisearch
-        .document(index, id, None as Option<Vec<String>>)
+        .document(index, id, attributes_to_retrieve)
        .await?;
    debug!("returns: {:?}", document);
    Ok(HttpResponse::Ok().json(document))
 }

 pub async fn delete_document(
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_DELETE }>, MeiliSearch>,
    path: web::Path<DocumentParam>,
 ) -> Result<HttpResponse, ResponseError> {
    let DocumentParam {
@ -76,48 +118,42 @@ pub async fn delete_document(
        index_uid,
    } = path.into_inner();
    let update = Update::DeleteDocuments(vec![document_id]);
-    let update_status = meilisearch
-        .register_update(index_uid, update, false)
-        .await?;
-    debug!("returns: {:?}", update_status);
-    Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+    let task: SummarizedTaskView = meilisearch.register_update(index_uid, update).await?.into();
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }

 #[derive(Deserialize, Debug)]
 #[serde(rename_all = "camelCase", deny_unknown_fields)]
 pub struct BrowseQuery {
-    offset: Option<usize>,
-    limit: Option<usize>,
-    attributes_to_retrieve: Option<String>,
+    #[serde(default)]
+    offset: usize,
+    #[serde(default = "crate::routes::PAGINATION_DEFAULT_LIMIT")]
+    limit: usize,
+    fields: Option<CS<StarOr<String>>>,
 }

 pub async fn get_all_documents(
-    meilisearch: GuardedData<Public, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_GET }>, MeiliSearch>,
+    path: web::Path<String>,
    params: web::Query<BrowseQuery>,
 ) -> Result<HttpResponse, ResponseError> {
    debug!("called with params: {:?}", params);
-    let attributes_to_retrieve = params.attributes_to_retrieve.as_ref().and_then(|attrs| {
-        let mut names = Vec::new();
-        for name in attrs.split(',').map(String::from) {
-            if name == "*" {
-                return None;
-            }
-            names.push(name);
-        }
-        Some(names)
-    });
+    let BrowseQuery {
+        limit,
+        offset,
+        fields,
+    } = params.into_inner();
+    let attributes_to_retrieve = fields.and_then(fold_star_or);

-    let documents = meilisearch
-        .documents(
-            path.index_uid.clone(),
-            params.offset.unwrap_or(DEFAULT_RETRIEVE_DOCUMENTS_OFFSET),
-            params.limit.unwrap_or(DEFAULT_RETRIEVE_DOCUMENTS_LIMIT),
-            attributes_to_retrieve,
-        )
+    let (total, documents) = meilisearch
+        .documents(path.into_inner(), offset, limit, attributes_to_retrieve)
        .await?;
-    debug!("returns: {:?}", documents);
-    Ok(HttpResponse::Ok().json(documents))
+
+    let ret = PaginationView::new(offset, limit, total as usize, documents);
+
+    debug!("returns: {:?}", ret);
+    Ok(HttpResponse::Ok().json(ret))
 }

 #[derive(Deserialize, Debug)]
@ -127,92 +163,89 @@ pub struct UpdateDocumentsQuery {
 }

 pub async fn add_documents(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_ADD }>, MeiliSearch>,
+    path: web::Path<String>,
    params: web::Query<UpdateDocumentsQuery>,
    body: Payload,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
    debug!("called with params: {:?}", params);
-    let content_type = req
-        .headers()
-        .get("Content-type")
-        .map(|s| s.to_str().unwrap_or("unkown"));
    let params = params.into_inner();
+    let index_uid = path.into_inner();

    analytics.add_documents(
        &params,
-        meilisearch.get_index(path.index_uid.clone()).await.is_err(),
+        meilisearch.get_index(index_uid.clone()).await.is_err(),
        &req,
    );

-    document_addition(
-        content_type,
+    let allow_index_creation = meilisearch.filters().allow_index_creation;
+    let task = document_addition(
+        extract_mime_type(&req)?,
        meilisearch,
-        path.index_uid.clone(),
+        index_uid,
        params.primary_key,
        body,
        IndexDocumentsMethod::ReplaceDocuments,
+        allow_index_creation,
    )
-    .await
+    .await?;
+
+    Ok(HttpResponse::Accepted().json(task))
 }

 pub async fn update_documents(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_ADD }>, MeiliSearch>,
+    path: web::Path<String>,
    params: web::Query<UpdateDocumentsQuery>,
    body: Payload,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
    debug!("called with params: {:?}", params);
-    let content_type = req
-        .headers()
-        .get("Content-type")
-        .map(|s| s.to_str().unwrap_or("unkown"));
+    let index_uid = path.into_inner();

    analytics.update_documents(
        &params,
-        meilisearch.get_index(path.index_uid.clone()).await.is_err(),
+        meilisearch.get_index(index_uid.clone()).await.is_err(),
        &req,
    );

-    document_addition(
-        content_type,
+    let allow_index_creation = meilisearch.filters().allow_index_creation;
+    let task = document_addition(
+        extract_mime_type(&req)?,
        meilisearch,
-        path.into_inner().index_uid,
+        index_uid,
        params.into_inner().primary_key,
        body,
        IndexDocumentsMethod::UpdateDocuments,
+        allow_index_creation,
    )
-    .await
+    .await?;
+
+    Ok(HttpResponse::Accepted().json(task))
 }

-/// Route used when the payload type is "application/json"
-/// Used to add or replace documents
 async fn document_addition(
-    content_type: Option<&str>,
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    mime_type: Option<Mime>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_ADD }>, MeiliSearch>,
    index_uid: String,
    primary_key: Option<String>,
    body: Payload,
    method: IndexDocumentsMethod,
-) -> Result<HttpResponse, ResponseError> {
-    static ACCEPTED_CONTENT_TYPE: Lazy<Vec<String>> = Lazy::new(|| {
-        vec![
-            "application/json".to_string(),
-            "application/x-ndjson".to_string(),
-            "text/csv".to_string(),
-        ]
-    });
-    let format = match content_type {
-        Some("application/json") => DocumentAdditionFormat::Json,
-        Some("application/x-ndjson") => DocumentAdditionFormat::Ndjson,
-        Some("text/csv") => DocumentAdditionFormat::Csv,
-        Some(other) => {
+    allow_index_creation: bool,
+) -> Result<SummarizedTaskView, ResponseError> {
+    let format = match mime_type
+        .as_ref()
+        .map(|m| (m.type_().as_str(), m.subtype().as_str()))
+    {
+        Some(("application", "json")) => DocumentAdditionFormat::Json,
+        Some(("application", "x-ndjson")) => DocumentAdditionFormat::Ndjson,
+        Some(("text", "csv")) => DocumentAdditionFormat::Csv,
+        Some((type_, subtype)) => {
            return Err(MeilisearchHttpError::InvalidContentType(
-                other.to_string(),
+                format!("{}/{}", type_, subtype),
                ACCEPTED_CONTENT_TYPE.clone(),
            )
            .into())
@ -229,17 +262,18 @@ async fn document_addition(
        primary_key,
        method,
        format,
+        allow_index_creation,
    };

-    let update_status = meilisearch.register_update(index_uid, update, true).await?;
+    let task = meilisearch.register_update(index_uid, update).await?.into();

-    debug!("returns: {:?}", update_status);
-    Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+    debug!("returns: {:?}", task);
+    Ok(task)
 }

 pub async fn delete_documents(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_DELETE }>, MeiliSearch>,
+    path: web::Path<String>,
    body: web::Json<Vec<Value>>,
 ) -> Result<HttpResponse, ResponseError> {
    debug!("called with params: {:?}", body);
@ -253,21 +287,25 @@ pub async fn delete_documents(
        .collect();

    let update = Update::DeleteDocuments(ids);
-    let update_status = meilisearch
-        .register_update(path.into_inner().index_uid, update, false)
-        .await?;
-    debug!("returns: {:?}", update_status);
-    Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+    let task: SummarizedTaskView = meilisearch
+        .register_update(path.into_inner(), update)
+        .await?
+        .into();
+
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }

 pub async fn clear_all_documents(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::DOCUMENTS_DELETE }>, MeiliSearch>,
+    path: web::Path<String>,
 ) -> Result<HttpResponse, ResponseError> {
    let update = Update::ClearDocuments;
-    let update_status = meilisearch
-        .register_update(path.into_inner().index_uid, update, false)
-        .await?;
-    debug!("returns: {:?}", update_status);
-    Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+    let task: SummarizedTaskView = meilisearch
+        .register_update(path.into_inner(), update)
+        .await?
+        .into();
+
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }
--- a/meilisearch-http/src/routes/indexes/mod.rs
+++ b/meilisearch-http/src/routes/indexes/mod.rs
@ -1,49 +1,60 @@
 use actix_web::{web, HttpRequest, HttpResponse};
-use chrono::{DateTime, Utc};
 use log::debug;
-use meilisearch_lib::index_controller::IndexSettings;
+use meilisearch_lib::index_controller::Update;
 use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
 use serde::{Deserialize, Serialize};
 use serde_json::json;
+use time::OffsetDateTime;

 use crate::analytics::Analytics;
-use crate::error::ResponseError;
-use crate::extractors::authentication::{policies::*, GuardedData};
-use crate::routes::IndexParam;
+use crate::extractors::authentication::{policies::*, AuthenticationError, GuardedData};
+use crate::extractors::sequential_extractor::SeqHandler;
+use crate::task::SummarizedTaskView;
+
+use super::Pagination;

 pub mod documents;
 pub mod search;
 pub mod settings;
-pub mod updates;

 pub fn configure(cfg: &mut web::ServiceConfig) {
    cfg.service(
        web::resource("")
            .route(web::get().to(list_indexes))
-            .route(web::post().to(create_index)),
+            .route(web::post().to(SeqHandler(create_index))),
    )
    .service(
        web::scope("/{index_uid}")
            .service(
                web::resource("")
-                    .route(web::get().to(get_index))
-                    .route(web::put().to(update_index))
-                    .route(web::delete().to(delete_index)),
+                    .route(web::get().to(SeqHandler(get_index)))
+                    .route(web::patch().to(SeqHandler(update_index)))
+                    .route(web::delete().to(SeqHandler(delete_index))),
            )
-            .service(web::resource("/stats").route(web::get().to(get_index_stats)))
+            .service(web::resource("/stats").route(web::get().to(SeqHandler(get_index_stats))))
            .service(web::scope("/documents").configure(documents::configure))
            .service(web::scope("/search").configure(search::configure))
-            .service(web::scope("/updates").configure(updates::configure))
            .service(web::scope("/settings").configure(settings::configure)),
    );
 }

 pub async fn list_indexes(
-    data: GuardedData<Private, MeiliSearch>,
+    data: GuardedData<ActionPolicy<{ actions::INDEXES_GET }>, MeiliSearch>,
+    paginate: web::Query<Pagination>,
 ) -> Result<HttpResponse, ResponseError> {
-    let indexes = data.list_indexes().await?;
-    debug!("returns: {:?}", indexes);
-    Ok(HttpResponse::Ok().json(indexes))
+    let search_rules = &data.filters().search_rules;
+    let indexes: Vec<_> = data.list_indexes().await?;
+    let nb_indexes = indexes.len();
+    let iter = indexes
+        .into_iter()
+        .filter(|i| search_rules.is_index_authorized(&i.uid));
+    let ret = paginate
+        .into_inner()
+        .auto_paginate_unsized(nb_indexes, iter);
+
+    debug!("returns: {:?}", ret);
+    Ok(HttpResponse::Ok().json(ret))
 }

 #[derive(Debug, Deserialize)]
@ -54,24 +65,35 @@ pub struct IndexCreateRequest {
 }

 pub async fn create_index(
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::INDEXES_CREATE }>, MeiliSearch>,
    body: web::Json<IndexCreateRequest>,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
-    let body = body.into_inner();
+    let IndexCreateRequest {
+        primary_key, uid, ..
+    } = body.into_inner();

-    analytics.publish(
-        "Index Created".to_string(),
-        json!({ "primary_key": body.primary_key}),
-        Some(&req),
-    );
-    let meta = meilisearch.create_index(body.uid, body.primary_key).await?;
-    Ok(HttpResponse::Created().json(meta))
+    let allow_index_creation = meilisearch.filters().search_rules.is_index_authorized(&uid);
+    if allow_index_creation {
+        analytics.publish(
+            "Index Created".to_string(),
+            json!({ "primary_key": primary_key }),
+            Some(&req),
+        );
+
+        let update = Update::CreateIndex { primary_key };
+        let task: SummarizedTaskView = meilisearch.register_update(uid, update).await?.into();
+
+        Ok(HttpResponse::Accepted().json(task))
+    } else {
+        Err(AuthenticationError::InvalidToken.into())
+    }
 }

 #[derive(Debug, Deserialize)]
 #[serde(rename_all = "camelCase", deny_unknown_fields)]
+#[allow(dead_code)]
 pub struct UpdateIndexRequest {
    uid: Option<String>,
    primary_key: Option<String>,
@ -82,23 +104,26 @@ pub struct UpdateIndexRequest {
 pub struct UpdateIndexResponse {
    name: String,
    uid: String,
-    created_at: DateTime<Utc>,
-    updated_at: DateTime<Utc>,
-    primary_key: Option<String>,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    created_at: OffsetDateTime,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    updated_at: OffsetDateTime,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    primary_key: OffsetDateTime,
 }

 pub async fn get_index(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::INDEXES_GET }>, MeiliSearch>,
+    path: web::Path<String>,
 ) -> Result<HttpResponse, ResponseError> {
-    let meta = meilisearch.get_index(path.index_uid.clone()).await?;
+    let meta = meilisearch.get_index(path.into_inner()).await?;
    debug!("returns: {:?}", meta);
    Ok(HttpResponse::Ok().json(meta))
 }

 pub async fn update_index(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::INDEXES_UPDATE }>, MeiliSearch>,
+    path: web::Path<String>,
    body: web::Json<UpdateIndexRequest>,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
@ -110,30 +135,43 @@ pub async fn update_index(
        json!({ "primary_key": body.primary_key}),
        Some(&req),
    );
-    let settings = IndexSettings {
-        uid: body.uid,
+
+    let update = Update::UpdateIndex {
        primary_key: body.primary_key,
    };
-    let meta = meilisearch
-        .update_index(path.into_inner().index_uid, settings)
-        .await?;
-    debug!("returns: {:?}", meta);
-    Ok(HttpResponse::Ok().json(meta))
+
+    let task: SummarizedTaskView = meilisearch
+        .register_update(path.into_inner(), update)
+        .await?
+        .into();
+
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }

 pub async fn delete_index(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::INDEXES_DELETE }>, MeiliSearch>,
+    path: web::Path<String>,
 ) -> Result<HttpResponse, ResponseError> {
-    meilisearch.delete_index(path.index_uid.clone()).await?;
-    Ok(HttpResponse::NoContent().finish())
+    let uid = path.into_inner();
+    let update = Update::DeleteIndex;
+    let task: SummarizedTaskView = meilisearch.register_update(uid, update).await?.into();
+
+    Ok(HttpResponse::Accepted().json(task))
 }

 pub async fn get_index_stats(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::STATS_GET }>, MeiliSearch>,
+    path: web::Path<String>,
+    req: HttpRequest,
+    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
-    let response = meilisearch.get_index_stats(path.index_uid.clone()).await?;
+    analytics.publish(
+        "Stats Seen".to_string(),
+        json!({ "per_index_uid": true }),
+        Some(&req),
+    );
+    let response = meilisearch.get_index_stats(path.into_inner()).await?;

    debug!("returns: {:?}", response);
    Ok(HttpResponse::Ok().json(response))
--- a/meilisearch-http/src/routes/indexes/search.rs
+++ b/meilisearch-http/src/routes/indexes/search.rs
@ -1,20 +1,25 @@
 use actix_web::{web, HttpRequest, HttpResponse};
 use log::debug;
-use meilisearch_lib::index::{default_crop_length, SearchQuery, DEFAULT_SEARCH_LIMIT};
+use meilisearch_auth::IndexSearchRules;
+use meilisearch_lib::index::{
+    MatchingStrategy, SearchQuery, DEFAULT_CROP_LENGTH, DEFAULT_CROP_MARKER,
+    DEFAULT_HIGHLIGHT_POST_TAG, DEFAULT_HIGHLIGHT_PRE_TAG, DEFAULT_SEARCH_LIMIT,
+};
 use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
 use serde::Deserialize;
+use serde_cs::vec::CS;
 use serde_json::Value;

 use crate::analytics::{Analytics, SearchAggregator};
-use crate::error::ResponseError;
 use crate::extractors::authentication::{policies::*, GuardedData};
-use crate::routes::IndexParam;
+use crate::extractors::sequential_extractor::SeqHandler;

 pub fn configure(cfg: &mut web::ServiceConfig) {
    cfg.service(
        web::resource("")
-            .route(web::get().to(search_with_url_query))
-            .route(web::post().to(search_with_post)),
+            .route(web::get().to(SeqHandler(search_with_url_query)))
+            .route(web::post().to(SeqHandler(search_with_post))),
    );
 }

@ -24,36 +29,28 @@ pub struct SearchQueryGet {
    q: Option<String>,
    offset: Option<usize>,
    limit: Option<usize>,
-    attributes_to_retrieve: Option<String>,
-    attributes_to_crop: Option<String>,
-    #[serde(default = "default_crop_length")]
+    attributes_to_retrieve: Option<CS<String>>,
+    attributes_to_crop: Option<CS<String>>,
+    #[serde(default = "DEFAULT_CROP_LENGTH")]
    crop_length: usize,
-    attributes_to_highlight: Option<String>,
+    attributes_to_highlight: Option<CS<String>>,
    filter: Option<String>,
    sort: Option<String>,
    #[serde(default = "Default::default")]
-    matches: bool,
-    facets_distribution: Option<String>,
+    show_matches_position: bool,
+    facets: Option<CS<String>>,
+    #[serde(default = "DEFAULT_HIGHLIGHT_PRE_TAG")]
+    highlight_pre_tag: String,
+    #[serde(default = "DEFAULT_HIGHLIGHT_POST_TAG")]
+    highlight_post_tag: String,
+    #[serde(default = "DEFAULT_CROP_MARKER")]
+    crop_marker: String,
+    #[serde(default)]
+    matching_strategy: MatchingStrategy,
 }

 impl From<SearchQueryGet> for SearchQuery {
    fn from(other: SearchQueryGet) -> Self {
-        let attributes_to_retrieve = other
-            .attributes_to_retrieve
-            .map(|attrs| attrs.split(',').map(String::from).collect());
-
-        let attributes_to_crop = other
-            .attributes_to_crop
-            .map(|attrs| attrs.split(',').map(String::from).collect());
-
-        let attributes_to_highlight = other
-            .attributes_to_highlight
-            .map(|attrs| attrs.split(',').map(String::from).collect());
-
-        let facets_distribution = other
-            .facets_distribution
-            .map(|attrs| attrs.split(',').map(String::from).collect());
-
        let filter = match other.filter {
            Some(f) => match serde_json::from_str(&f) {
                Ok(v) => Some(v),
@ -62,20 +59,46 @@ impl From<SearchQueryGet> for SearchQuery {
            None => None,
        };

-        let sort = other.sort.map(|attr| fix_sort_query_parameters(&attr));
-
        Self {
            q: other.q,
            offset: other.offset,
-            limit: other.limit.unwrap_or(DEFAULT_SEARCH_LIMIT),
-            attributes_to_retrieve,
-            attributes_to_crop,
+            limit: other.limit.unwrap_or_else(DEFAULT_SEARCH_LIMIT),
+            attributes_to_retrieve: other
+                .attributes_to_retrieve
+                .map(|o| o.into_iter().collect()),
+            attributes_to_crop: other.attributes_to_crop.map(|o| o.into_iter().collect()),
            crop_length: other.crop_length,
-            attributes_to_highlight,
+            attributes_to_highlight: other
+                .attributes_to_highlight
+                .map(|o| o.into_iter().collect()),
            filter,
-            sort,
-            matches: other.matches,
-            facets_distribution,
+            sort: other.sort.map(|attr| fix_sort_query_parameters(&attr)),
+            show_matches_position: other.show_matches_position,
+            facets: other.facets.map(|o| o.into_iter().collect()),
+            highlight_pre_tag: other.highlight_pre_tag,
+            highlight_post_tag: other.highlight_post_tag,
+            crop_marker: other.crop_marker,
+            matching_strategy: other.matching_strategy,
+        }
+    }
+}
+
+/// Incorporate search rules in search query
+fn add_search_rules(query: &mut SearchQuery, rules: IndexSearchRules) {
+    query.filter = match (query.filter.take(), rules.filter) {
+        (None, rules_filter) => rules_filter,
+        (filter, None) => filter,
+        (Some(filter), Some(rules_filter)) => {
+            let filter = match filter {
+                Value::Array(filter) => filter,
+                filter => vec![filter],
+            };
+            let rules_filter = match rules_filter {
+                Value::Array(rules_filter) => rules_filter,
+                rules_filter => vec![rules_filter],
+            };
+
+            Some(Value::Array([filter, rules_filter].concat()))
        }
    }
 }
@ -91,10 +114,9 @@ fn fix_sort_query_parameters(sort_query: &str) -> Vec<String> {
            sort_parameters.push(current_sort.to_string());
            merge = true;
        } else if merge && !sort_parameters.is_empty() {
-            sort_parameters
-                .last_mut()
-                .unwrap()
-                .push_str(&format!(",{}", current_sort));
+            let s = sort_parameters.last_mut().unwrap();
+            s.push(',');
+            s.push_str(current_sort);
            if current_sort.ends_with("):desc") || current_sort.ends_with("):asc") {
                merge = false;
            }
@ -107,55 +129,69 @@ fn fix_sort_query_parameters(sort_query: &str) -> Vec<String> {
 }

 pub async fn search_with_url_query(
-    meilisearch: GuardedData<Public, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::SEARCH }>, MeiliSearch>,
+    path: web::Path<String>,
    params: web::Query<SearchQueryGet>,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
    debug!("called with params: {:?}", params);
-    let query: SearchQuery = params.into_inner().into();
+    let mut query: SearchQuery = params.into_inner().into();
+
+    let index_uid = path.into_inner();
+    // Tenant token search_rules.
+    if let Some(search_rules) = meilisearch
+        .filters()
+        .search_rules
+        .get_index_search_rules(&index_uid)
+    {
+        add_search_rules(&mut query, search_rules);
+    }

    let mut aggregate = SearchAggregator::from_query(&query, &req);

-    let search_result = meilisearch
-        .search(path.into_inner().index_uid, query)
-        .await?;
-
-    // Tests that the nb_hits is always set to false
-    #[cfg(test)]
-    assert!(!search_result.exhaustive_nb_hits);
-
-    aggregate.finish(&search_result);
+    let search_result = meilisearch.search(index_uid, query).await;
+    if let Ok(ref search_result) = search_result {
+        aggregate.succeed(search_result);
+    }
    analytics.get_search(aggregate);

+    let search_result = search_result?;
+
    debug!("returns: {:?}", search_result);
    Ok(HttpResponse::Ok().json(search_result))
 }

 pub async fn search_with_post(
-    meilisearch: GuardedData<Public, MeiliSearch>,
-    path: web::Path<IndexParam>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::SEARCH }>, MeiliSearch>,
+    path: web::Path<String>,
    params: web::Json<SearchQuery>,
    req: HttpRequest,
    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
-    let query = params.into_inner();
+    let mut query = params.into_inner();
    debug!("search called with params: {:?}", query);

+    let index_uid = path.into_inner();
+    // Tenant token search_rules.
+    if let Some(search_rules) = meilisearch
+        .filters()
+        .search_rules
+        .get_index_search_rules(&index_uid)
+    {
+        add_search_rules(&mut query, search_rules);
+    }
+
    let mut aggregate = SearchAggregator::from_query(&query, &req);

-    let search_result = meilisearch
-        .search(path.into_inner().index_uid, query)
-        .await?;
-
-    // Tests that the nb_hits is always set to false
-    #[cfg(test)]
-    assert!(!search_result.exhaustive_nb_hits);
-
-    aggregate.finish(&search_result);
+    let search_result = meilisearch.search(index_uid, query).await;
+    if let Ok(ref search_result) = search_result {
+        aggregate.succeed(search_result);
+    }
    analytics.post_search(aggregate);

+    let search_result = search_result?;
+
    debug!("returns: {:?}", search_result);
    Ok(HttpResponse::Ok().json(search_result))
 }
--- a/meilisearch-http/src/routes/indexes/settings.rs
+++ b/meilisearch-http/src/routes/indexes/settings.rs
@ -4,46 +4,59 @@ use actix_web::{web, HttpRequest, HttpResponse};
 use meilisearch_lib::index::{Settings, Unchecked};
 use meilisearch_lib::index_controller::Update;
 use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
 use serde_json::json;

 use crate::analytics::Analytics;
-use crate::error::ResponseError;
 use crate::extractors::authentication::{policies::*, GuardedData};
+use crate::task::SummarizedTaskView;

 #[macro_export]
 macro_rules! make_setting_route {
-    ($route:literal, $type:ty, $attr:ident, $camelcase_attr:literal, $analytics_var:ident, $analytics:expr) => {
+    ($route:literal, $update_verb:ident, $type:ty, $attr:ident, $camelcase_attr:literal, $analytics_var:ident, $analytics:expr) => {
        pub mod $attr {
+            use actix_web::{web, HttpRequest, HttpResponse, Resource};
            use log::debug;
-            use actix_web::{web, HttpResponse, HttpRequest, Resource};

            use meilisearch_lib::milli::update::Setting;
-            use meilisearch_lib::{MeiliSearch, index::Settings, index_controller::Update};
+            use meilisearch_lib::{index::Settings, index_controller::Update, MeiliSearch};

-            use crate::analytics::Analytics;
-            use crate::error::ResponseError;
-            use crate::extractors::authentication::{GuardedData, policies::*};
+            use meilisearch_types::error::ResponseError;
+            use $crate::analytics::Analytics;
+            use $crate::extractors::authentication::{policies::*, GuardedData};
+            use $crate::extractors::sequential_extractor::SeqHandler;
+            use $crate::task::SummarizedTaskView;

            pub async fn delete(
-                meilisearch: GuardedData<Private, MeiliSearch>,
+                meilisearch: GuardedData<ActionPolicy<{ actions::SETTINGS_UPDATE }>, MeiliSearch>,
                index_uid: web::Path<String>,
            ) -> Result<HttpResponse, ResponseError> {
                let settings = Settings {
                    $attr: Setting::Reset,
                    ..Default::default()
                };
-                let update = Update::Settings(settings);
-                let update_status = meilisearch.register_update(index_uid.into_inner(), update, false).await?;
-                debug!("returns: {:?}", update_status);
-                Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+
+                let allow_index_creation = meilisearch.filters().allow_index_creation;
+                let update = Update::Settings {
+                    settings,
+                    is_deletion: true,
+                    allow_index_creation,
+                };
+                let task: SummarizedTaskView = meilisearch
+                    .register_update(index_uid.into_inner(), update)
+                    .await?
+                    .into();
+
+                debug!("returns: {:?}", task);
+                Ok(HttpResponse::Accepted().json(task))
            }

            pub async fn update(
-                meilisearch: GuardedData<Private, MeiliSearch>,
+                meilisearch: GuardedData<ActionPolicy<{ actions::SETTINGS_UPDATE }>, MeiliSearch>,
                index_uid: actix_web::web::Path<String>,
                body: actix_web::web::Json<Option<$type>>,
                req: HttpRequest,
-                $analytics_var: web::Data< dyn Analytics>,
+                $analytics_var: web::Data<dyn Analytics>,
            ) -> std::result::Result<HttpResponse, ResponseError> {
                let body = body.into_inner();

@ -52,43 +65,62 @@ macro_rules! make_setting_route {
                let settings = Settings {
                    $attr: match body {
                        Some(inner_body) => Setting::Set(inner_body),
-                        None => Setting::Reset
+                        None => Setting::Reset,
                    },
                    ..Default::default()
                };

-                let update = Update::Settings(settings);
-                let update_status = meilisearch.register_update(index_uid.into_inner(), update, true).await?;
-                debug!("returns: {:?}", update_status);
-                Ok(HttpResponse::Accepted().json(serde_json::json!({ "updateId": update_status.id() })))
+                let allow_index_creation = meilisearch.filters().allow_index_creation;
+                let update = Update::Settings {
+                    settings,
+                    is_deletion: false,
+                    allow_index_creation,
+                };
+                let task: SummarizedTaskView = meilisearch
+                    .register_update(index_uid.into_inner(), update)
+                    .await?
+                    .into();
+
+                debug!("returns: {:?}", task);
+                Ok(HttpResponse::Accepted().json(task))
            }

            pub async fn get(
-                meilisearch: GuardedData<Private, MeiliSearch>,
+                meilisearch: GuardedData<ActionPolicy<{ actions::SETTINGS_GET }>, MeiliSearch>,
                index_uid: actix_web::web::Path<String>,
            ) -> std::result::Result<HttpResponse, ResponseError> {
                let settings = meilisearch.settings(index_uid.into_inner()).await?;
                debug!("returns: {:?}", settings);
                let mut json = serde_json::json!(&settings);
                let val = json[$camelcase_attr].take();
+
                Ok(HttpResponse::Ok().json(val))
            }

            pub fn resources() -> Resource {
                Resource::new($route)
-                    .route(web::get().to(get))
-                    .route(web::post().to(update))
-                    .route(web::delete().to(delete))
+                    .route(web::get().to(SeqHandler(get)))
+                    .route(web::$update_verb().to(SeqHandler(update)))
+                    .route(web::delete().to(SeqHandler(delete)))
            }
        }
    };
-    ($route:literal, $type:ty, $attr:ident, $camelcase_attr:literal) => {
-        make_setting_route!($route, $type, $attr, $camelcase_attr, _analytics, |_, _| {});
+    ($route:literal, $update_verb:ident, $type:ty, $attr:ident, $camelcase_attr:literal) => {
+        make_setting_route!(
+            $route,
+            $update_verb,
+            $type,
+            $attr,
+            $camelcase_attr,
+            _analytics,
+            |_, _| {}
+        );
    };
 }

 make_setting_route!(
    "/filterable-attributes",
+    put,
    std::collections::BTreeSet<String>,
    filterable_attributes,
    "filterableAttributes",
@ -111,6 +143,7 @@ make_setting_route!(

 make_setting_route!(
    "/sortable-attributes",
+    put,
    std::collections::BTreeSet<String>,
    sortable_attributes,
    "sortableAttributes",
@ -122,8 +155,8 @@ make_setting_route!(
            "SortableAttributes Updated".to_string(),
            json!({
                "sortable_attributes": {
-                    "total": setting.as_ref().map(|sort| sort.len()).unwrap_or(0),
-                    "has_geo": setting.as_ref().map(|sort| sort.contains("_geo")).unwrap_or(false),
+                    "total": setting.as_ref().map(|sort| sort.len()),
+                    "has_geo": setting.as_ref().map(|sort| sort.contains("_geo")),
                },
            }),
            Some(req),
@ -133,13 +166,57 @@ make_setting_route!(

 make_setting_route!(
    "/displayed-attributes",
+    put,
    Vec<String>,
    displayed_attributes,
    "displayedAttributes"
 );

+make_setting_route!(
+    "/typo-tolerance",
+    patch,
+    meilisearch_lib::index::updates::TypoSettings,
+    typo_tolerance,
+    "typoTolerance",
+    analytics,
+    |setting: &Option<meilisearch_lib::index::updates::TypoSettings>, req: &HttpRequest| {
+        use serde_json::json;
+
+        analytics.publish(
+            "TypoTolerance Updated".to_string(),
+            json!({
+                "typo_tolerance": {
+                    "enabled": setting.as_ref().map(|s| !matches!(s.enabled, Setting::Set(false))),
+                    "disable_on_attributes": setting
+                        .as_ref()
+                        .and_then(|s| s.disable_on_attributes.as_ref().set().map(|m| !m.is_empty())),
+                    "disable_on_words": setting
+                        .as_ref()
+                        .and_then(|s| s.disable_on_words.as_ref().set().map(|m| !m.is_empty())),
+                    "min_word_size_for_one_typo": setting
+                        .as_ref()
+                        .and_then(|s| s.min_word_size_for_typos
+                            .as_ref()
+                            .set()
+                            .map(|s| s.one_typo.set()))
+                        .flatten(),
+                    "min_word_size_for_two_typos": setting
+                        .as_ref()
+                        .and_then(|s| s.min_word_size_for_typos
+                            .as_ref()
+                            .set()
+                            .map(|s| s.two_typos.set()))
+                        .flatten(),
+                },
+            }),
+            Some(req),
+        );
+    }
+);
+
 make_setting_route!(
    "/searchable-attributes",
+    put,
    Vec<String>,
    searchable_attributes,
    "searchableAttributes",
@ -151,7 +228,7 @@ make_setting_route!(
            "SearchableAttributes Updated".to_string(),
            json!({
                "searchable_attributes": {
-                    "total": setting.as_ref().map(|sort| sort.len()).unwrap_or(0),
+                    "total": setting.as_ref().map(|searchable| searchable.len()),
                },
            }),
            Some(req),
@ -161,6 +238,7 @@ make_setting_route!(

 make_setting_route!(
    "/stop-words",
+    put,
    std::collections::BTreeSet<String>,
    stop_words,
    "stopWords"
@ -168,6 +246,7 @@ make_setting_route!(

 make_setting_route!(
    "/synonyms",
+    put,
    std::collections::BTreeMap<String, Vec<String>>,
    synonyms,
    "synonyms"
@ -175,6 +254,7 @@ make_setting_route!(

 make_setting_route!(
    "/distinct-attribute",
+    put,
    String,
    distinct_attribute,
    "distinctAttribute"
@ -182,6 +262,7 @@ make_setting_route!(

 make_setting_route!(
    "/ranking-rules",
+    put,
    Vec<String>,
    ranking_rules,
    "rankingRules",
@ -201,14 +282,59 @@ make_setting_route!(
    }
 );

+make_setting_route!(
+    "/faceting",
+    patch,
+    meilisearch_lib::index::updates::FacetingSettings,
+    faceting,
+    "faceting",
+    analytics,
+    |setting: &Option<meilisearch_lib::index::updates::FacetingSettings>, req: &HttpRequest| {
+        use serde_json::json;
+
+        analytics.publish(
+            "Faceting Updated".to_string(),
+            json!({
+                "faceting": {
+                    "max_values_per_facet": setting.as_ref().and_then(|s| s.max_values_per_facet.set()),
+                },
+            }),
+            Some(req),
+        );
+    }
+);
+
+make_setting_route!(
+    "/pagination",
+    patch,
+    meilisearch_lib::index::updates::PaginationSettings,
+    pagination,
+    "pagination",
+    analytics,
+    |setting: &Option<meilisearch_lib::index::updates::PaginationSettings>, req: &HttpRequest| {
+        use serde_json::json;
+
+        analytics.publish(
+            "Pagination Updated".to_string(),
+            json!({
+                "pagination": {
+                    "max_total_hits": setting.as_ref().and_then(|s| s.max_total_hits.set()),
+                },
+            }),
+            Some(req),
+        );
+    }
+);
+
 macro_rules! generate_configure {
    ($($mod:ident),*) => {
        pub fn configure(cfg: &mut web::ServiceConfig) {
+            use crate::extractors::sequential_extractor::SeqHandler;
            cfg.service(
                web::resource("")
-                .route(web::post().to(update_all))
-                .route(web::get().to(get_all))
-                .route(web::delete().to(delete_all)))
+                .route(web::patch().to(SeqHandler(update_all)))
+                .route(web::get().to(SeqHandler(get_all)))
+                .route(web::delete().to(SeqHandler(delete_all))))
                $(.service($mod::resources()))*;
        }
    };
@ -222,11 +348,14 @@ generate_configure!(
    distinct_attribute,
    stop_words,
    synonyms,
-    ranking_rules
+    ranking_rules,
+    typo_tolerance,
+    pagination,
+    faceting
 );

 pub async fn update_all(
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::SETTINGS_UPDATE }>, MeiliSearch>,
    index_uid: web::Path<String>,
    body: web::Json<Settings<Unchecked>>,
    req: HttpRequest,
@ -240,29 +369,81 @@ pub async fn update_all(
           "ranking_rules": {
                "sort_position": settings.ranking_rules.as_ref().set().map(|sort| sort.iter().position(|s| s == "sort")),
            },
+            "searchable_attributes": {
+                "total": settings.searchable_attributes.as_ref().set().map(|searchable| searchable.len()),
+            },
           "sortable_attributes": {
-                "total": settings.sortable_attributes.as_ref().set().map(|sort| sort.len()).unwrap_or(0),
-                "has_geo": settings.sortable_attributes.as_ref().set().map(|sort| sort.iter().any(|s| s == "_geo")).unwrap_or(false),
+                "total": settings.sortable_attributes.as_ref().set().map(|sort| sort.len()),
+                "has_geo": settings.sortable_attributes.as_ref().set().map(|sort| sort.iter().any(|s| s == "_geo")),
            },
           "filterable_attributes": {
-                "total": settings.filterable_attributes.as_ref().set().map(|filter| filter.len()).unwrap_or(0),
-                "has_geo": settings.filterable_attributes.as_ref().set().map(|filter| filter.iter().any(|s| s == "_geo")).unwrap_or(false),
+                "total": settings.filterable_attributes.as_ref().set().map(|filter| filter.len()),
+                "has_geo": settings.filterable_attributes.as_ref().set().map(|filter| filter.iter().any(|s| s == "_geo")),
+            },
+            "typo_tolerance": {
+                "enabled": settings.typo_tolerance
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.enabled.as_ref().set())
+                    .copied(),
+                "disable_on_attributes": settings.typo_tolerance
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.disable_on_attributes.as_ref().set().map(|m| !m.is_empty())),
+                "disable_on_words": settings.typo_tolerance
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.disable_on_words.as_ref().set().map(|m| !m.is_empty())),
+                "min_word_size_for_one_typo": settings.typo_tolerance
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.min_word_size_for_typos
+                        .as_ref()
+                        .set()
+                        .map(|s| s.one_typo.set()))
+                    .flatten(),
+                "min_word_size_for_two_typos": settings.typo_tolerance
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.min_word_size_for_typos
+                        .as_ref()
+                        .set()
+                        .map(|s| s.two_typos.set()))
+                    .flatten(),
+            },
+            "faceting": {
+                "max_values_per_facet": settings.faceting
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.max_values_per_facet.as_ref().set()),
+            },
+            "pagination": {
+                "max_total_hits": settings.pagination
+                    .as_ref()
+                    .set()
+                    .and_then(|s| s.max_total_hits.as_ref().set()),
            },
        }),
        Some(&req),
    );

-    let update = Update::Settings(settings);
-    let update_result = meilisearch
-        .register_update(index_uid.into_inner(), update, true)
-        .await?;
-    let json = serde_json::json!({ "updateId": update_result.id() });
-    debug!("returns: {:?}", json);
-    Ok(HttpResponse::Accepted().json(json))
+    let allow_index_creation = meilisearch.filters().allow_index_creation;
+    let update = Update::Settings {
+        settings,
+        is_deletion: false,
+        allow_index_creation,
+    };
+    let task: SummarizedTaskView = meilisearch
+        .register_update(index_uid.into_inner(), update)
+        .await?
+        .into();
+
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }

 pub async fn get_all(
-    data: GuardedData<Private, MeiliSearch>,
+    data: GuardedData<ActionPolicy<{ actions::SETTINGS_GET }>, MeiliSearch>,
    index_uid: web::Path<String>,
 ) -> Result<HttpResponse, ResponseError> {
    let settings = data.settings(index_uid.into_inner()).await?;
@ -271,16 +452,22 @@ pub async fn get_all(
 }

 pub async fn delete_all(
-    data: GuardedData<Private, MeiliSearch>,
+    data: GuardedData<ActionPolicy<{ actions::SETTINGS_UPDATE }>, MeiliSearch>,
    index_uid: web::Path<String>,
 ) -> Result<HttpResponse, ResponseError> {
-    let settings = Settings::cleared();
+    let settings = Settings::cleared().into_unchecked();

-    let update = Update::Settings(settings.into_unchecked());
-    let update_result = data
-        .register_update(index_uid.into_inner(), update, false)
-        .await?;
-    let json = serde_json::json!({ "updateId": update_result.id() });
-    debug!("returns: {:?}", json);
-    Ok(HttpResponse::Accepted().json(json))
+    let allow_index_creation = data.filters().allow_index_creation;
+    let update = Update::Settings {
+        settings,
+        is_deletion: true,
+        allow_index_creation,
+    };
+    let task: SummarizedTaskView = data
+        .register_update(index_uid.into_inner(), update)
+        .await?
+        .into();
+
+    debug!("returns: {:?}", task);
+    Ok(HttpResponse::Accepted().json(task))
 }
--- a/meilisearch-http/src/routes/indexes/updates.rs
+++ b/meilisearch-http/src/routes/indexes/updates.rs
@ -1,59 +0,0 @@
-use actix_web::{web, HttpResponse};
-use chrono::{DateTime, Utc};
-use log::debug;
-use meilisearch_lib::MeiliSearch;
-use serde::{Deserialize, Serialize};
-
-use crate::error::ResponseError;
-use crate::extractors::authentication::{policies::*, GuardedData};
-use crate::routes::{IndexParam, UpdateStatusResponse};
-
-pub fn configure(cfg: &mut web::ServiceConfig) {
-    cfg.service(web::resource("").route(web::get().to(get_all_updates_status)))
-        .service(web::resource("{update_id}").route(web::get().to(get_update_status)));
-}
-
-#[derive(Debug, Serialize)]
-#[serde(rename_all = "camelCase")]
-pub struct UpdateIndexResponse {
-    name: String,
-    uid: String,
-    created_at: DateTime<Utc>,
-    updated_at: DateTime<Utc>,
-    primary_key: Option<String>,
-}
-
-#[derive(Deserialize)]
-pub struct UpdateParam {
-    index_uid: String,
-    update_id: u64,
-}
-
-pub async fn get_update_status(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<UpdateParam>,
-) -> Result<HttpResponse, ResponseError> {
-    let params = path.into_inner();
-    let meta = meilisearch
-        .update_status(params.index_uid, params.update_id)
-        .await?;
-    let meta = UpdateStatusResponse::from(meta);
-    debug!("returns: {:?}", meta);
-    Ok(HttpResponse::Ok().json(meta))
-}
-
-pub async fn get_all_updates_status(
-    meilisearch: GuardedData<Private, MeiliSearch>,
-    path: web::Path<IndexParam>,
-) -> Result<HttpResponse, ResponseError> {
-    let metas = meilisearch
-        .all_update_status(path.into_inner().index_uid)
-        .await?;
-    let metas = metas
-        .into_iter()
-        .map(UpdateStatusResponse::from)
-        .collect::<Vec<_>>();
-
-    debug!("returns: {:?}", metas);
-    Ok(HttpResponse::Ok().json(metas))
-}
--- a/meilisearch-http/src/routes/mod.rs
+++ b/meilisearch-http/src/routes/mod.rs
@ -1,30 +1,128 @@
-use std::time::Duration;
-
-use actix_web::{web, HttpResponse};
-use chrono::{DateTime, Utc};
+use actix_web::{web, HttpRequest, HttpResponse};
 use log::debug;
-use meilisearch_lib::index_controller::updates::status::{UpdateResult, UpdateStatus};
 use serde::{Deserialize, Serialize};

+use serde_json::json;
+use time::OffsetDateTime;
+
 use meilisearch_lib::index::{Settings, Unchecked};
-use meilisearch_lib::{MeiliSearch, Update};
+use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
+use meilisearch_types::star_or::StarOr;

-use crate::error::ResponseError;
+use crate::analytics::Analytics;
 use crate::extractors::authentication::{policies::*, GuardedData};
-use crate::ApiKeys;

+mod api_key;
 mod dump;
 pub mod indexes;
+mod tasks;

 pub fn configure(cfg: &mut web::ServiceConfig) {
-    cfg.service(web::resource("/health").route(web::get().to(get_health)))
+    cfg.service(web::scope("/tasks").configure(tasks::configure))
+        .service(web::resource("/health").route(web::get().to(get_health)))
+        .service(web::scope("/keys").configure(api_key::configure))
        .service(web::scope("/dumps").configure(dump::configure))
-        .service(web::resource("/keys").route(web::get().to(list_keys)))
        .service(web::resource("/stats").route(web::get().to(get_stats)))
        .service(web::resource("/version").route(web::get().to(get_version)))
        .service(web::scope("/indexes").configure(indexes::configure));
 }

+/// Extracts the raw values from the `StarOr` types and
+/// return None if a `StarOr::Star` is encountered.
+pub fn fold_star_or<T, O>(content: impl IntoIterator<Item = StarOr<T>>) -> Option<O>
+where
+    O: FromIterator<T>,
+{
+    content
+        .into_iter()
+        .map(|value| match value {
+            StarOr::Star => None,
+            StarOr::Other(val) => Some(val),
+        })
+        .collect()
+}
+
+const PAGINATION_DEFAULT_LIMIT: fn() -> usize = || 20;
+
+#[derive(Debug, Clone, Copy, Deserialize)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct Pagination {
+    #[serde(default)]
+    pub offset: usize,
+    #[serde(default = "PAGINATION_DEFAULT_LIMIT")]
+    pub limit: usize,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct PaginationView<T> {
+    pub results: Vec<T>,
+    pub offset: usize,
+    pub limit: usize,
+    pub total: usize,
+}
+
+impl Pagination {
+    /// Given the full data to paginate, returns the selected section.
+    pub fn auto_paginate_sized<T>(
+        self,
+        content: impl IntoIterator<Item = T> + ExactSizeIterator,
+    ) -> PaginationView<T>
+    where
+        T: Serialize,
+    {
+        let total = content.len();
+        let content: Vec<_> = content
+            .into_iter()
+            .skip(self.offset)
+            .take(self.limit)
+            .collect();
+        self.format_with(total, content)
+    }
+
+    /// Given an iterator and the total number of elements, returns the selected section.
+    pub fn auto_paginate_unsized<T>(
+        self,
+        total: usize,
+        content: impl IntoIterator<Item = T>,
+    ) -> PaginationView<T>
+    where
+        T: Serialize,
+    {
+        let content: Vec<_> = content
+            .into_iter()
+            .skip(self.offset)
+            .take(self.limit)
+            .collect();
+        self.format_with(total, content)
+    }
+
+    /// Given the data already paginated + the total number of elements, it stores
+    /// everything in a [PaginationResult].
+    pub fn format_with<T>(self, total: usize, results: Vec<T>) -> PaginationView<T>
+    where
+        T: Serialize,
+    {
+        PaginationView {
+            results,
+            offset: self.offset,
+            limit: self.limit,
+            total,
+        }
+    }
+}
+
+impl<T> PaginationView<T> {
+    pub fn new(offset: usize, limit: usize, total: usize, results: Vec<T>) -> Self {
+        Self {
+            offset,
+            limit,
+            results,
+            total,
+        }
+    }
+}
+
 #[derive(Debug, Clone, Serialize, Deserialize)]
 #[allow(clippy::large_enum_variant)]
 #[serde(tag = "name")]
@ -48,38 +146,6 @@ pub enum UpdateType {
    },
 }

-impl From<&UpdateStatus> for UpdateType {
-    fn from(other: &UpdateStatus) -> Self {
-        use meilisearch_lib::milli::update::IndexDocumentsMethod::*;
-        match other.meta() {
-            Update::DocumentAddition { method, .. } => {
-                let number = match other {
-                    UpdateStatus::Processed(processed) => match processed.success {
-                        UpdateResult::DocumentsAddition(ref addition) => {
-                            Some(addition.nb_documents)
-                        }
-                        _ => None,
-                    },
-                    _ => None,
-                };
-
-                match method {
-                    ReplaceDocuments => UpdateType::DocumentsAddition { number },
-                    UpdateDocuments => UpdateType::DocumentsPartial { number },
-                    _ => unreachable!(),
-                }
-            }
-            Update::Settings(settings) => UpdateType::Settings {
-                settings: settings.clone(),
-            },
-            Update::ClearDocuments => UpdateType::ClearAll,
-            Update::DeleteDocuments(ids) => UpdateType::DocumentsDeletion {
-                number: Some(ids.len()),
-            },
-        }
-    }
-}
-
 #[derive(Debug, Clone, Serialize, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct ProcessedUpdateResult {
@ -87,8 +153,10 @@ pub struct ProcessedUpdateResult {
    #[serde(rename = "type")]
    pub update_type: UpdateType,
    pub duration: f64, // in seconds
-    pub enqueued_at: DateTime<Utc>,
-    pub processed_at: DateTime<Utc>,
+    #[serde(with = "time::serde::rfc3339")]
+    pub enqueued_at: OffsetDateTime,
+    #[serde(with = "time::serde::rfc3339")]
+    pub processed_at: OffsetDateTime,
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -97,11 +165,12 @@ pub struct FailedUpdateResult {
    pub update_id: u64,
    #[serde(rename = "type")]
    pub update_type: UpdateType,
-    #[serde(flatten)]
-    pub response: ResponseError,
+    pub error: ResponseError,
    pub duration: f64, // in seconds
-    pub enqueued_at: DateTime<Utc>,
-    pub processed_at: DateTime<Utc>,
+    #[serde(with = "time::serde::rfc3339")]
+    pub enqueued_at: OffsetDateTime,
+    #[serde(with = "time::serde::rfc3339")]
+    pub processed_at: OffsetDateTime,
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -110,9 +179,13 @@ pub struct EnqueuedUpdateResult {
    pub update_id: u64,
    #[serde(rename = "type")]
    pub update_type: UpdateType,
-    pub enqueued_at: DateTime<Utc>,
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub started_processing_at: Option<DateTime<Utc>>,
+    #[serde(with = "time::serde::rfc3339")]
+    pub enqueued_at: OffsetDateTime,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        with = "time::serde::rfc3339::option"
+    )]
+    pub started_processing_at: Option<OffsetDateTime>,
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -136,81 +209,6 @@ pub enum UpdateStatusResponse {
    },
 }

-impl From<UpdateStatus> for UpdateStatusResponse {
-    fn from(other: UpdateStatus) -> Self {
-        let update_type = UpdateType::from(&other);
-
-        match other {
-            UpdateStatus::Processing(processing) => {
-                let content = EnqueuedUpdateResult {
-                    update_id: processing.id(),
-                    update_type,
-                    enqueued_at: processing.from.enqueued_at,
-                    started_processing_at: Some(processing.started_processing_at),
-                };
-                UpdateStatusResponse::Processing { content }
-            }
-            UpdateStatus::Enqueued(enqueued) => {
-                let content = EnqueuedUpdateResult {
-                    update_id: enqueued.id(),
-                    update_type,
-                    enqueued_at: enqueued.enqueued_at,
-                    started_processing_at: None,
-                };
-                UpdateStatusResponse::Enqueued { content }
-            }
-            UpdateStatus::Processed(processed) => {
-                let duration = processed
-                    .processed_at
-                    .signed_duration_since(processed.from.started_processing_at)
-                    .num_milliseconds();
-
-                // necessary since chrono::duration don't expose a f64 secs method.
-                let duration = Duration::from_millis(duration as u64).as_secs_f64();
-
-                let content = ProcessedUpdateResult {
-                    update_id: processed.id(),
-                    update_type,
-                    duration,
-                    enqueued_at: processed.from.from.enqueued_at,
-                    processed_at: processed.processed_at,
-                };
-                UpdateStatusResponse::Processed { content }
-            }
-            UpdateStatus::Aborted(_) => unreachable!(),
-            UpdateStatus::Failed(failed) => {
-                let duration = failed
-                    .failed_at
-                    .signed_duration_since(failed.from.started_processing_at)
-                    .num_milliseconds();
-
-                // necessary since chrono::duration don't expose a f64 secs method.
-                let duration = Duration::from_millis(duration as u64).as_secs_f64();
-
-                let update_id = failed.id();
-                let processed_at = failed.failed_at;
-                let enqueued_at = failed.from.from.enqueued_at;
-                let response = failed.into();
-
-                let content = FailedUpdateResult {
-                    update_id,
-                    update_type,
-                    response,
-                    duration,
-                    enqueued_at,
-                    processed_at,
-                };
-                UpdateStatusResponse::Failed { content }
-            }
-        }
-    }
-}
-
-#[derive(Deserialize)]
-pub struct IndexParam {
-    index_uid: String,
-}
-
 #[derive(Serialize)]
 #[serde(rename_all = "camelCase")]
 pub struct IndexUpdateResponse {
@ -230,13 +228,21 @@ impl IndexUpdateResponse {
 /// }
 /// ```
 pub async fn running() -> HttpResponse {
-    HttpResponse::Ok().json(serde_json::json!({ "status": "MeiliSearch is running" }))
+    HttpResponse::Ok().json(serde_json::json!({ "status": "Meilisearch is running" }))
 }

 async fn get_stats(
-    meilisearch: GuardedData<Private, MeiliSearch>,
+    meilisearch: GuardedData<ActionPolicy<{ actions::STATS_GET }>, MeiliSearch>,
+    req: HttpRequest,
+    analytics: web::Data<dyn Analytics>,
 ) -> Result<HttpResponse, ResponseError> {
-    let response = meilisearch.get_all_stats().await?;
+    analytics.publish(
+        "Stats Seen".to_string(),
+        json!({ "per_index_uid": false }),
+        Some(&req),
+    );
+    let search_rules = &meilisearch.filters().search_rules;
+    let response = meilisearch.get_all_stats(search_rules).await?;

    debug!("returns: {:?}", response);
    Ok(HttpResponse::Ok().json(response))
@ -250,7 +256,9 @@ struct VersionResponse {
    pkg_version: String,
 }

-async fn get_version(_meilisearch: GuardedData<Private, MeiliSearch>) -> HttpResponse {
+async fn get_version(
+    _meilisearch: GuardedData<ActionPolicy<{ actions::VERSION }>, MeiliSearch>,
+) -> HttpResponse {
    let commit_sha = option_env!("VERGEN_GIT_SHA").unwrap_or("unknown");
    let commit_date = option_env!("VERGEN_GIT_COMMIT_TIMESTAMP").unwrap_or("unknown");

@ -267,108 +275,6 @@ struct KeysResponse {
    public: Option<String>,
 }

-pub async fn list_keys(meilisearch: GuardedData<Admin, ApiKeys>) -> HttpResponse {
-    let api_keys = (*meilisearch).clone();
-    HttpResponse::Ok().json(&KeysResponse {
-        private: api_keys.private,
-        public: api_keys.public,
-    })
-}
-
 pub async fn get_health() -> Result<HttpResponse, ResponseError> {
    Ok(HttpResponse::Ok().json(serde_json::json!({ "status": "available" })))
 }
-
-#[cfg(test)]
-mod test {
-    use super::*;
-    use crate::extractors::authentication::GuardedData;
-
-    /// A type implemented for a route that uses a authentication policy `Policy`.
-    ///
-    /// This trait is used for regression testing of route authenticaton policies.
-    trait Is<Policy, Data, T> {}
-
-    macro_rules! impl_is_policy {
-        ($($param:ident)*) => {
-            impl<Policy, Func, Data, $($param,)* Res> Is<Policy, Data, (($($param,)*), Res)> for Func
-                where Func: Fn(GuardedData<Policy, Data>, $($param,)*) -> Res {}
-
-        };
-    }
-
-    impl_is_policy! {}
-    impl_is_policy! {A}
-    impl_is_policy! {A B}
-    impl_is_policy! {A B C}
-    impl_is_policy! {A B C D}
-    impl_is_policy! {A B C D E}
-
-    /// Emits a compile error if a route doesn't have the correct authentication policy.
-    ///
-    /// This works by trying to cast the route function into a Is<Policy, _> type, where Policy it
-    /// the authentication policy defined for the route.
-    macro_rules! test_auth_routes {
-        ($($policy:ident => { $($route:expr,)*})*) => {
-            #[test]
-            fn test_auth() {
-                $($(let _: &dyn Is<$policy, _, _> = &$route;)*)*
-            }
-        };
-    }
-
-    test_auth_routes! {
-        Public => {
-            indexes::search::search_with_url_query,
-            indexes::search::search_with_post,
-
-            indexes::documents::get_document,
-            indexes::documents::get_all_documents,
-        }
-        Private => {
-            get_stats,
-            get_version,
-
-            indexes::create_index,
-            indexes::list_indexes,
-            indexes::get_index_stats,
-            indexes::delete_index,
-            indexes::update_index,
-            indexes::get_index,
-
-            dump::create_dump,
-
-            indexes::settings::filterable_attributes::get,
-            indexes::settings::displayed_attributes::get,
-            indexes::settings::searchable_attributes::get,
-            indexes::settings::stop_words::get,
-            indexes::settings::synonyms::get,
-            indexes::settings::distinct_attribute::get,
-            indexes::settings::filterable_attributes::update,
-            indexes::settings::displayed_attributes::update,
-            indexes::settings::searchable_attributes::update,
-            indexes::settings::stop_words::update,
-            indexes::settings::synonyms::update,
-            indexes::settings::distinct_attribute::update,
-            indexes::settings::filterable_attributes::delete,
-            indexes::settings::displayed_attributes::delete,
-            indexes::settings::searchable_attributes::delete,
-            indexes::settings::stop_words::delete,
-            indexes::settings::synonyms::delete,
-            indexes::settings::distinct_attribute::delete,
-            indexes::settings::delete_all,
-            indexes::settings::get_all,
-            indexes::settings::update_all,
-
-            indexes::documents::clear_all_documents,
-            indexes::documents::delete_documents,
-            indexes::documents::update_documents,
-            indexes::documents::add_documents,
-            indexes::documents::delete_document,
-
-            indexes::updates::get_all_updates_status,
-            indexes::updates::get_update_status,
-        }
-        Admin => { list_keys, }
-    }
-}
--- a/meilisearch-http/src/routes/tasks.rs
+++ b/meilisearch-http/src/routes/tasks.rs
@ -0,0 +1,203 @@
+use actix_web::{web, HttpRequest, HttpResponse};
+use meilisearch_lib::tasks::task::{TaskContent, TaskEvent, TaskId};
+use meilisearch_lib::tasks::TaskFilter;
+use meilisearch_lib::MeiliSearch;
+use meilisearch_types::error::ResponseError;
+use meilisearch_types::index_uid::IndexUid;
+use meilisearch_types::star_or::StarOr;
+use serde::Deserialize;
+use serde_cs::vec::CS;
+use serde_json::json;
+
+use crate::analytics::Analytics;
+use crate::extractors::authentication::{policies::*, GuardedData};
+use crate::extractors::sequential_extractor::SeqHandler;
+use crate::task::{TaskListView, TaskStatus, TaskType, TaskView};
+
+use super::fold_star_or;
+
+const DEFAULT_LIMIT: fn() -> usize = || 20;
+
+pub fn configure(cfg: &mut web::ServiceConfig) {
+    cfg.service(web::resource("").route(web::get().to(SeqHandler(get_tasks))))
+        .service(web::resource("/{task_id}").route(web::get().to(SeqHandler(get_task))));
+}
+
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct TasksFilterQuery {
+    #[serde(rename = "type")]
+    type_: Option<CS<StarOr<TaskType>>>,
+    status: Option<CS<StarOr<TaskStatus>>>,
+    index_uid: Option<CS<StarOr<IndexUid>>>,
+    #[serde(default = "DEFAULT_LIMIT")]
+    limit: usize,
+    from: Option<TaskId>,
+}
+
+#[rustfmt::skip]
+fn task_type_matches_content(type_: &TaskType, content: &TaskContent) -> bool {
+    matches!((type_, content),
+          (TaskType::IndexCreation, TaskContent::IndexCreation { .. })
+        | (TaskType::IndexUpdate, TaskContent::IndexUpdate { .. })
+        | (TaskType::IndexDeletion, TaskContent::IndexDeletion { .. })
+        | (TaskType::DocumentAdditionOrUpdate, TaskContent::DocumentAddition { .. })
+        | (TaskType::DocumentDeletion, TaskContent::DocumentDeletion{ .. })
+        | (TaskType::SettingsUpdate, TaskContent::SettingsUpdate { .. })
+    )
+}
+
+#[rustfmt::skip]
+fn task_status_matches_events(status: &TaskStatus, events: &[TaskEvent]) -> bool {
+    events.last().map_or(false, |event| {
+        matches!((status, event),
+              (TaskStatus::Enqueued, TaskEvent::Created(_))
+            | (TaskStatus::Processing, TaskEvent::Processing(_) | TaskEvent::Batched { .. })
+            | (TaskStatus::Succeeded, TaskEvent::Succeeded { .. })
+            | (TaskStatus::Failed, TaskEvent::Failed { .. }),
+        )
+    })
+}
+
+async fn get_tasks(
+    meilisearch: GuardedData<ActionPolicy<{ actions::TASKS_GET }>, MeiliSearch>,
+    params: web::Query<TasksFilterQuery>,
+    req: HttpRequest,
+    analytics: web::Data<dyn Analytics>,
+) -> Result<HttpResponse, ResponseError> {
+    let TasksFilterQuery {
+        type_,
+        status,
+        index_uid,
+        limit,
+        from,
+    } = params.into_inner();
+
+    let search_rules = &meilisearch.filters().search_rules;
+
+    // We first transform a potential indexUid=* into a "not specified indexUid filter"
+    // for every one of the filters: type, status, and indexUid.
+    let type_: Option<Vec<_>> = type_.and_then(fold_star_or);
+    let status: Option<Vec<_>> = status.and_then(fold_star_or);
+    let index_uid: Option<Vec<_>> = index_uid.and_then(fold_star_or);
+
+    analytics.publish(
+        "Tasks Seen".to_string(),
+        json!({
+            "filtered_by_index_uid": index_uid.as_ref().map_or(false, |v| !v.is_empty()),
+            "filtered_by_type": type_.as_ref().map_or(false, |v| !v.is_empty()),
+            "filtered_by_status": status.as_ref().map_or(false, |v| !v.is_empty()),
+        }),
+        Some(&req),
+    );
+
+    // Then we filter on potential indexes and make sure that the search filter
+    // restrictions are also applied.
+    let indexes_filters = match index_uid {
+        Some(indexes) => {
+            let mut filters = TaskFilter::default();
+            for name in indexes {
+                if search_rules.is_index_authorized(&name) {
+                    filters.filter_index(name.to_string());
+                }
+            }
+            Some(filters)
+        }
+        None => {
+            if search_rules.is_index_authorized("*") {
+                None
+            } else {
+                let mut filters = TaskFilter::default();
+                for (index, _policy) in search_rules.clone() {
+                    filters.filter_index(index);
+                }
+                Some(filters)
+            }
+        }
+    };
+
+    // Then we complete the task filter with other potential status and types filters.
+    let filters = if type_.is_some() || status.is_some() {
+        let mut filters = indexes_filters.unwrap_or_default();
+        filters.filter_fn(Box::new(move |task| {
+            let matches_type = match &type_ {
+                Some(types) => types
+                    .iter()
+                    .any(|t| task_type_matches_content(t, &task.content)),
+                None => true,
+            };
+
+            let matches_status = match &status {
+                Some(statuses) => statuses
+                    .iter()
+                    .any(|t| task_status_matches_events(t, &task.events)),
+                None => true,
+            };
+
+            matches_type && matches_status
+        }));
+        Some(filters)
+    } else {
+        indexes_filters
+    };
+
+    // We +1 just to know if there is more after this "page" or not.
+    let limit = limit.saturating_add(1);
+
+    let mut tasks_results: Vec<_> = meilisearch
+        .list_tasks(filters, Some(limit), from)
+        .await?
+        .into_iter()
+        .map(TaskView::from)
+        .collect();
+
+    // If we were able to fetch the number +1 tasks we asked
+    // it means that there is more to come.
+    let next = if tasks_results.len() == limit {
+        tasks_results.pop().map(|t| t.uid)
+    } else {
+        None
+    };
+
+    let from = tasks_results.first().map(|t| t.uid);
+
+    let tasks = TaskListView {
+        results: tasks_results,
+        limit: limit.saturating_sub(1),
+        from,
+        next,
+    };
+
+    Ok(HttpResponse::Ok().json(tasks))
+}
+
+async fn get_task(
+    meilisearch: GuardedData<ActionPolicy<{ actions::TASKS_GET }>, MeiliSearch>,
+    task_id: web::Path<TaskId>,
+    req: HttpRequest,
+    analytics: web::Data<dyn Analytics>,
+) -> Result<HttpResponse, ResponseError> {
+    analytics.publish(
+        "Tasks Seen".to_string(),
+        json!({ "per_task_uid": true }),
+        Some(&req),
+    );
+
+    let search_rules = &meilisearch.filters().search_rules;
+    let filters = if search_rules.is_index_authorized("*") {
+        None
+    } else {
+        let mut filters = TaskFilter::default();
+        for (index, _policy) in search_rules.clone() {
+            filters.filter_index(index);
+        }
+        Some(filters)
+    };
+
+    let task: TaskView = meilisearch
+        .get_task(task_id.into_inner(), filters)
+        .await?
+        .into();
+
+    Ok(HttpResponse::Ok().json(task))
+}
--- a/meilisearch-http/src/task.rs
+++ b/meilisearch-http/src/task.rs
@ -0,0 +1,434 @@
+use std::error::Error;
+use std::fmt::{self, Write};
+use std::str::FromStr;
+use std::write;
+
+use meilisearch_lib::index::{Settings, Unchecked};
+use meilisearch_lib::tasks::task::{
+    DocumentDeletion, Task, TaskContent, TaskEvent, TaskId, TaskResult,
+};
+use meilisearch_types::error::ResponseError;
+use serde::{Deserialize, Serialize, Serializer};
+use time::{Duration, OffsetDateTime};
+
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub enum TaskType {
+    IndexCreation,
+    IndexUpdate,
+    IndexDeletion,
+    DocumentAdditionOrUpdate,
+    DocumentDeletion,
+    SettingsUpdate,
+    DumpCreation,
+}
+
+impl From<TaskContent> for TaskType {
+    fn from(other: TaskContent) -> Self {
+        match other {
+            TaskContent::IndexCreation { .. } => TaskType::IndexCreation,
+            TaskContent::IndexUpdate { .. } => TaskType::IndexUpdate,
+            TaskContent::IndexDeletion { .. } => TaskType::IndexDeletion,
+            TaskContent::DocumentAddition { .. } => TaskType::DocumentAdditionOrUpdate,
+            TaskContent::DocumentDeletion { .. } => TaskType::DocumentDeletion,
+            TaskContent::SettingsUpdate { .. } => TaskType::SettingsUpdate,
+            TaskContent::Dump { .. } => TaskType::DumpCreation,
+        }
+    }
+}
+
+#[derive(Debug)]
+pub struct TaskTypeError {
+    invalid_type: String,
+}
+
+impl fmt::Display for TaskTypeError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "invalid task type `{}`, expecting one of: \
+            indexCreation, indexUpdate, indexDeletion, documentAdditionOrUpdate, \
+            documentDeletion, settingsUpdate, dumpCreation",
+            self.invalid_type
+        )
+    }
+}
+
+impl Error for TaskTypeError {}
+
+impl FromStr for TaskType {
+    type Err = TaskTypeError;
+
+    fn from_str(type_: &str) -> Result<Self, TaskTypeError> {
+        if type_.eq_ignore_ascii_case("indexCreation") {
+            Ok(TaskType::IndexCreation)
+        } else if type_.eq_ignore_ascii_case("indexUpdate") {
+            Ok(TaskType::IndexUpdate)
+        } else if type_.eq_ignore_ascii_case("indexDeletion") {
+            Ok(TaskType::IndexDeletion)
+        } else if type_.eq_ignore_ascii_case("documentAdditionOrUpdate") {
+            Ok(TaskType::DocumentAdditionOrUpdate)
+        } else if type_.eq_ignore_ascii_case("documentDeletion") {
+            Ok(TaskType::DocumentDeletion)
+        } else if type_.eq_ignore_ascii_case("settingsUpdate") {
+            Ok(TaskType::SettingsUpdate)
+        } else if type_.eq_ignore_ascii_case("dumpCreation") {
+            Ok(TaskType::DumpCreation)
+        } else {
+            Err(TaskTypeError {
+                invalid_type: type_.to_string(),
+            })
+        }
+    }
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub enum TaskStatus {
+    Enqueued,
+    Processing,
+    Succeeded,
+    Failed,
+}
+
+#[derive(Debug)]
+pub struct TaskStatusError {
+    invalid_status: String,
+}
+
+impl fmt::Display for TaskStatusError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "invalid task status `{}`, expecting one of: \
+            enqueued, processing, succeeded, or failed",
+            self.invalid_status,
+        )
+    }
+}
+
+impl Error for TaskStatusError {}
+
+impl FromStr for TaskStatus {
+    type Err = TaskStatusError;
+
+    fn from_str(status: &str) -> Result<Self, TaskStatusError> {
+        if status.eq_ignore_ascii_case("enqueued") {
+            Ok(TaskStatus::Enqueued)
+        } else if status.eq_ignore_ascii_case("processing") {
+            Ok(TaskStatus::Processing)
+        } else if status.eq_ignore_ascii_case("succeeded") {
+            Ok(TaskStatus::Succeeded)
+        } else if status.eq_ignore_ascii_case("failed") {
+            Ok(TaskStatus::Failed)
+        } else {
+            Err(TaskStatusError {
+                invalid_status: status.to_string(),
+            })
+        }
+    }
+}
+
+#[derive(Debug, Serialize)]
+#[serde(untagged)]
+#[allow(clippy::large_enum_variant)]
+enum TaskDetails {
+    #[serde(rename_all = "camelCase")]
+    DocumentAddition {
+        received_documents: usize,
+        indexed_documents: Option<u64>,
+    },
+    #[serde(rename_all = "camelCase")]
+    Settings {
+        #[serde(flatten)]
+        settings: Settings<Unchecked>,
+    },
+    #[serde(rename_all = "camelCase")]
+    IndexInfo { primary_key: Option<String> },
+    #[serde(rename_all = "camelCase")]
+    DocumentDeletion {
+        received_document_ids: usize,
+        deleted_documents: Option<u64>,
+    },
+    #[serde(rename_all = "camelCase")]
+    ClearAll { deleted_documents: Option<u64> },
+    #[serde(rename_all = "camelCase")]
+    Dump { dump_uid: String },
+}
+
+/// Serialize a `time::Duration` as a best effort ISO 8601 while waiting for
+/// https://github.com/time-rs/time/issues/378.
+/// This code is a port of the old code of time that was removed in 0.2.
+fn serialize_duration<S: Serializer>(
+    duration: &Option<Duration>,
+    serializer: S,
+) -> Result<S::Ok, S::Error> {
+    match duration {
+        Some(duration) => {
+            // technically speaking, negative duration is not valid ISO 8601
+            if duration.is_negative() {
+                return serializer.serialize_none();
+            }
+
+            const SECS_PER_DAY: i64 = Duration::DAY.whole_seconds();
+            let secs = duration.whole_seconds();
+            let days = secs / SECS_PER_DAY;
+            let secs = secs - days * SECS_PER_DAY;
+            let hasdate = days != 0;
+            let nanos = duration.subsec_nanoseconds();
+            let hastime = (secs != 0 || nanos != 0) || !hasdate;
+
+            // all the following unwrap can't fail
+            let mut res = String::new();
+            write!(&mut res, "P").unwrap();
+
+            if hasdate {
+                write!(&mut res, "{}D", days).unwrap();
+            }
+
+            const NANOS_PER_MILLI: i32 = Duration::MILLISECOND.subsec_nanoseconds();
+            const NANOS_PER_MICRO: i32 = Duration::MICROSECOND.subsec_nanoseconds();
+
+            if hastime {
+                if nanos == 0 {
+                    write!(&mut res, "T{}S", secs).unwrap();
+                } else if nanos % NANOS_PER_MILLI == 0 {
+                    write!(&mut res, "T{}.{:03}S", secs, nanos / NANOS_PER_MILLI).unwrap();
+                } else if nanos % NANOS_PER_MICRO == 0 {
+                    write!(&mut res, "T{}.{:06}S", secs, nanos / NANOS_PER_MICRO).unwrap();
+                } else {
+                    write!(&mut res, "T{}.{:09}S", secs, nanos).unwrap();
+                }
+            }
+
+            serializer.serialize_str(&res)
+        }
+        None => serializer.serialize_none(),
+    }
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+pub struct TaskView {
+    pub uid: TaskId,
+    index_uid: Option<String>,
+    status: TaskStatus,
+    #[serde(rename = "type")]
+    task_type: TaskType,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    details: Option<TaskDetails>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    error: Option<ResponseError>,
+    #[serde(serialize_with = "serialize_duration")]
+    duration: Option<Duration>,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    enqueued_at: OffsetDateTime,
+    #[serde(serialize_with = "time::serde::rfc3339::option::serialize")]
+    started_at: Option<OffsetDateTime>,
+    #[serde(serialize_with = "time::serde::rfc3339::option::serialize")]
+    finished_at: Option<OffsetDateTime>,
+}
+
+impl From<Task> for TaskView {
+    fn from(task: Task) -> Self {
+        let index_uid = task.index_uid().map(String::from);
+        let Task {
+            id,
+            content,
+            events,
+        } = task;
+
+        let (task_type, mut details) = match content {
+            TaskContent::DocumentAddition {
+                documents_count, ..
+            } => {
+                let details = TaskDetails::DocumentAddition {
+                    received_documents: documents_count,
+                    indexed_documents: None,
+                };
+
+                (TaskType::DocumentAdditionOrUpdate, Some(details))
+            }
+            TaskContent::DocumentDeletion {
+                deletion: DocumentDeletion::Ids(ids),
+                ..
+            } => (
+                TaskType::DocumentDeletion,
+                Some(TaskDetails::DocumentDeletion {
+                    received_document_ids: ids.len(),
+                    deleted_documents: None,
+                }),
+            ),
+            TaskContent::DocumentDeletion {
+                deletion: DocumentDeletion::Clear,
+                ..
+            } => (
+                TaskType::DocumentDeletion,
+                Some(TaskDetails::ClearAll {
+                    deleted_documents: None,
+                }),
+            ),
+            TaskContent::IndexDeletion { .. } => (
+                TaskType::IndexDeletion,
+                Some(TaskDetails::ClearAll {
+                    deleted_documents: None,
+                }),
+            ),
+            TaskContent::SettingsUpdate { settings, .. } => (
+                TaskType::SettingsUpdate,
+                Some(TaskDetails::Settings { settings }),
+            ),
+            TaskContent::IndexCreation { primary_key, .. } => (
+                TaskType::IndexCreation,
+                Some(TaskDetails::IndexInfo { primary_key }),
+            ),
+            TaskContent::IndexUpdate { primary_key, .. } => (
+                TaskType::IndexUpdate,
+                Some(TaskDetails::IndexInfo { primary_key }),
+            ),
+            TaskContent::Dump { uid } => (
+                TaskType::DumpCreation,
+                Some(TaskDetails::Dump { dump_uid: uid }),
+            ),
+        };
+
+        // An event always has at least one event: "Created"
+        let (status, error, finished_at) = match events.last().unwrap() {
+            TaskEvent::Created(_) => (TaskStatus::Enqueued, None, None),
+            TaskEvent::Batched { .. } => (TaskStatus::Enqueued, None, None),
+            TaskEvent::Processing(_) => (TaskStatus::Processing, None, None),
+            TaskEvent::Succeeded { timestamp, result } => {
+                match (result, &mut details) {
+                    (
+                        TaskResult::DocumentAddition {
+                            indexed_documents: num,
+                            ..
+                        },
+                        Some(TaskDetails::DocumentAddition {
+                            ref mut indexed_documents,
+                            ..
+                        }),
+                    ) => {
+                        indexed_documents.replace(*num);
+                    }
+                    (
+                        TaskResult::DocumentDeletion {
+                            deleted_documents: docs,
+                            ..
+                        },
+                        Some(TaskDetails::DocumentDeletion {
+                            ref mut deleted_documents,
+                            ..
+                        }),
+                    ) => {
+                        deleted_documents.replace(*docs);
+                    }
+                    (
+                        TaskResult::ClearAll {
+                            deleted_documents: docs,
+                        },
+                        Some(TaskDetails::ClearAll {
+                            ref mut deleted_documents,
+                        }),
+                    ) => {
+                        deleted_documents.replace(*docs);
+                    }
+                    _ => (),
+                }
+                (TaskStatus::Succeeded, None, Some(*timestamp))
+            }
+            TaskEvent::Failed { timestamp, error } => {
+                match details {
+                    Some(TaskDetails::DocumentDeletion {
+                        ref mut deleted_documents,
+                        ..
+                    }) => {
+                        deleted_documents.replace(0);
+                    }
+                    Some(TaskDetails::ClearAll {
+                        ref mut deleted_documents,
+                        ..
+                    }) => {
+                        deleted_documents.replace(0);
+                    }
+                    Some(TaskDetails::DocumentAddition {
+                        ref mut indexed_documents,
+                        ..
+                    }) => {
+                        indexed_documents.replace(0);
+                    }
+                    _ => (),
+                }
+                (TaskStatus::Failed, Some(error.clone()), Some(*timestamp))
+            }
+        };
+
+        let enqueued_at = match events.first() {
+            Some(TaskEvent::Created(ts)) => *ts,
+            _ => unreachable!("A task must always have a creation event."),
+        };
+
+        let started_at = events.iter().find_map(|e| match e {
+            TaskEvent::Processing(ts) => Some(*ts),
+            _ => None,
+        });
+
+        let duration = finished_at.zip(started_at).map(|(tf, ts)| (tf - ts));
+
+        Self {
+            uid: id,
+            index_uid,
+            status,
+            task_type,
+            details,
+            error,
+            duration,
+            enqueued_at,
+            started_at,
+            finished_at,
+        }
+    }
+}
+
+#[derive(Debug, Serialize)]
+pub struct TaskListView {
+    pub results: Vec<TaskView>,
+    pub limit: usize,
+    pub from: Option<TaskId>,
+    pub next: Option<TaskId>,
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+pub struct SummarizedTaskView {
+    task_uid: TaskId,
+    index_uid: Option<String>,
+    status: TaskStatus,
+    #[serde(rename = "type")]
+    task_type: TaskType,
+    #[serde(serialize_with = "time::serde::rfc3339::serialize")]
+    enqueued_at: OffsetDateTime,
+}
+
+impl From<Task> for SummarizedTaskView {
+    fn from(mut other: Task) -> Self {
+        let created_event = other
+            .events
+            .drain(..1)
+            .next()
+            .expect("Task must have an enqueued event.");
+
+        let enqueued_at = match created_event {
+            TaskEvent::Created(ts) => ts,
+            _ => unreachable!("The first event of a task must always be 'Created'"),
+        };
+
+        Self {
+            task_uid: other.id,
+            index_uid: other.index_uid().map(String::from),
+            status: TaskStatus::Enqueued,
+            task_type: other.content.into(),
+            enqueued_at,
+        }
+    }
+}
--- a/meilisearch-http/tests/assets/v1_v0.20.0_movies.dump
+++ b/meilisearch-http/tests/assets/v1_v0.20.0_movies.dump
--- a/meilisearch-http/tests/assets/v1_v0.20.0_movies_with_settings.dump
+++ b/meilisearch-http/tests/assets/v1_v0.20.0_movies_with_settings.dump
--- a/meilisearch-http/tests/assets/v1_v0.20.0_rubygems_with_settings.dump
+++ b/meilisearch-http/tests/assets/v1_v0.20.0_rubygems_with_settings.dump
--- a/meilisearch-http/tests/assets/v2_v0.21.1_movies.dump
+++ b/meilisearch-http/tests/assets/v2_v0.21.1_movies.dump
--- a/meilisearch-http/tests/assets/v2_v0.21.1_movies_with_settings.dump
+++ b/meilisearch-http/tests/assets/v2_v0.21.1_movies_with_settings.dump
--- a/meilisearch-http/tests/assets/v2_v0.21.1_rubygems_with_settings.dump
+++ b/meilisearch-http/tests/assets/v2_v0.21.1_rubygems_with_settings.dump
--- a/meilisearch-http/tests/assets/v3_v0.24.0_movies.dump
+++ b/meilisearch-http/tests/assets/v3_v0.24.0_movies.dump
--- a/meilisearch-http/tests/assets/v3_v0.24.0_movies_with_settings.dump
+++ b/meilisearch-http/tests/assets/v3_v0.24.0_movies_with_settings.dump
--- a/meilisearch-http/tests/assets/v3_v0.24.0_rubygems_with_settings.dump
+++ b/meilisearch-http/tests/assets/v3_v0.24.0_rubygems_with_settings.dump
--- a/meilisearch-http/tests/assets/v4_v0.25.2_movies.dump
+++ b/meilisearch-http/tests/assets/v4_v0.25.2_movies.dump
--- a/meilisearch-http/tests/assets/v4_v0.25.2_movies_with_settings.dump
+++ b/meilisearch-http/tests/assets/v4_v0.25.2_movies_with_settings.dump
--- a/meilisearch-http/tests/assets/v4_v0.25.2_rubygems_with_settings.dump
+++ b/meilisearch-http/tests/assets/v4_v0.25.2_rubygems_with_settings.dump
--- a/meilisearch-http/tests/assets/v5_v0.28.0_test_dump.dump
+++ b/meilisearch-http/tests/assets/v5_v0.28.0_test_dump.dump
--- a/meilisearch-http/tests/auth/api_keys.rs
+++ b/meilisearch-http/tests/auth/api_keys.rs
--- a/meilisearch-http/tests/auth/authorization.rs
+++ b/meilisearch-http/tests/auth/authorization.rs
@ -0,0 +1,724 @@
+use crate::common::Server;
+use ::time::format_description::well_known::Rfc3339;
+use maplit::{hashmap, hashset};
+use once_cell::sync::Lazy;
+use serde_json::{json, Value};
+use std::collections::{HashMap, HashSet};
+use time::{Duration, OffsetDateTime};
+
+pub static AUTHORIZATIONS: Lazy<HashMap<(&'static str, &'static str), HashSet<&'static str>>> =
+    Lazy::new(|| {
+        let mut authorizations = hashmap! {
+            ("POST",    "/indexes/products/search") =>                         hashset!{"search", "*"},
+            ("GET",     "/indexes/products/search") =>                         hashset!{"search", "*"},
+            ("POST",    "/indexes/products/documents") =>                      hashset!{"documents.add", "documents.*", "*"},
+            ("GET",     "/indexes/products/documents") =>                      hashset!{"documents.get", "documents.*", "*"},
+            ("GET",     "/indexes/products/documents/0") =>                    hashset!{"documents.get", "documents.*", "*"},
+            ("DELETE",  "/indexes/products/documents/0") =>                    hashset!{"documents.delete", "documents.*", "*"},
+            ("GET",     "/tasks") =>                                           hashset!{"tasks.get", "tasks.*", "*"},
+            ("GET",     "/tasks?indexUid=products") =>                         hashset!{"tasks.get", "tasks.*", "*"},
+            ("GET",     "/tasks/0") =>                                         hashset!{"tasks.get", "tasks.*", "*"},
+            ("PATCH",   "/indexes/products/") =>                               hashset!{"indexes.update", "indexes.*", "*"},
+            ("GET",     "/indexes/products/") =>                               hashset!{"indexes.get", "indexes.*", "*"},
+            ("DELETE",  "/indexes/products/") =>                               hashset!{"indexes.delete", "indexes.*", "*"},
+            ("POST",    "/indexes") =>                                         hashset!{"indexes.create", "indexes.*", "*"},
+            ("GET",     "/indexes") =>                                         hashset!{"indexes.get", "indexes.*", "*"},
+            ("GET",     "/indexes/products/settings") =>                       hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/displayed-attributes") =>  hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/distinct-attribute") =>    hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/filterable-attributes") => hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/ranking-rules") =>         hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/searchable-attributes") => hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/sortable-attributes") =>   hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/stop-words") =>            hashset!{"settings.get", "settings.*", "*"},
+            ("GET",     "/indexes/products/settings/synonyms") =>              hashset!{"settings.get", "settings.*", "*"},
+            ("DELETE",  "/indexes/products/settings") =>                       hashset!{"settings.update", "settings.*", "*"},
+            ("PATCH",   "/indexes/products/settings") =>                       hashset!{"settings.update", "settings.*", "*"},
+            ("PATCH",   "/indexes/products/settings/typo-tolerance") =>        hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/displayed-attributes") =>  hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/distinct-attribute") =>    hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/filterable-attributes") => hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/ranking-rules") =>         hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/searchable-attributes") => hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/sortable-attributes") =>   hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/stop-words") =>            hashset!{"settings.update", "settings.*", "*"},
+            ("PUT",     "/indexes/products/settings/synonyms") =>              hashset!{"settings.update", "settings.*", "*"},
+            ("GET",     "/indexes/products/stats") =>                          hashset!{"stats.get", "stats.*", "*"},
+            ("GET",     "/stats") =>                                           hashset!{"stats.get", "stats.*", "*"},
+            ("POST",    "/dumps") =>                                           hashset!{"dumps.create", "dumps.*", "*"},
+            ("GET",     "/version") =>                                         hashset!{"version", "*"},
+            ("PATCH",   "/keys/mykey/") =>                                     hashset!{"keys.update", "*"},
+            ("GET",     "/keys/mykey/") =>                                     hashset!{"keys.get", "*"},
+            ("DELETE",  "/keys/mykey/") =>                                     hashset!{"keys.delete", "*"},
+            ("POST",    "/keys") =>                                            hashset!{"keys.create", "*"},
+            ("GET",     "/keys") =>                                            hashset!{"keys.get", "*"},
+        };
+
+        if cfg!(feature = "metrics") {
+            authorizations.insert(
+                ("GET", "/metrics"),
+                hashset! {"metrics.get", "metrics.*", "*"},
+            );
+        }
+
+        authorizations
+    });
+
+pub static ALL_ACTIONS: Lazy<HashSet<&'static str>> = Lazy::new(|| {
+    AUTHORIZATIONS
+        .values()
+        .cloned()
+        .reduce(|l, r| l.union(&r).cloned().collect())
+        .unwrap()
+});
+
+static INVALID_RESPONSE: Lazy<Value> = Lazy::new(|| {
+    json!({"message": "The provided API key is invalid.",
+        "code": "invalid_api_key",
+        "type": "auth",
+        "link": "https://docs.meilisearch.com/errors#invalid_api_key"
+    })
+});
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_expired_key() {
+    use std::{thread, time};
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    let content = json!({
+        "indexes": ["products"],
+        "actions": ALL_ACTIONS.clone(),
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::seconds(1)).format(&Rfc3339).unwrap(),
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    // wait until the key is expired.
+    thread::sleep(time::Duration::new(1, 0));
+
+    for (method, route) in AUTHORIZATIONS.keys() {
+        let (response, code) = server.dummy_request(method, route).await;
+
+        assert_eq!(
+            response,
+            INVALID_RESPONSE.clone(),
+            "on route: {:?} - {:?}",
+            method,
+            route
+        );
+        assert_eq!(403, code, "{:?}", &response);
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_unauthorized_index() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    let content = json!({
+        "indexes": ["sales"],
+        "actions": ALL_ACTIONS.clone(),
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    for (method, route) in AUTHORIZATIONS
+        .keys()
+        // filter `products` index routes
+        .filter(|(_, route)| route.starts_with("/indexes/products"))
+    {
+        let (response, code) = server.dummy_request(method, route).await;
+
+        assert_eq!(
+            response,
+            INVALID_RESPONSE.clone(),
+            "on route: {:?} - {:?}",
+            method,
+            route
+        );
+        assert_eq!(403, code, "{:?}", &response);
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_unauthorized_action() {
+    let mut server = Server::new_auth().await;
+
+    for ((method, route), action) in AUTHORIZATIONS.iter() {
+        // create a new API key letting only the needed action.
+        server.use_api_key("MASTER_KEY");
+
+        let content = json!({
+            "indexes": ["products"],
+            "actions": ALL_ACTIONS.difference(action).collect::<Vec<_>>(),
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+        });
+
+        let (response, code) = server.add_api_key(content).await;
+        assert_eq!(201, code, "{:?}", &response);
+        assert!(response["key"].is_string());
+
+        let key = response["key"].as_str().unwrap();
+        server.use_api_key(key);
+        let (response, code) = server.dummy_request(method, route).await;
+
+        assert_eq!(
+            response,
+            INVALID_RESPONSE.clone(),
+            "on route: {:?} - {:?}",
+            method,
+            route
+        );
+        assert_eq!(403, code, "{:?}", &response);
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn access_authorized_master_key() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    // master key must have access to all routes.
+    for ((method, route), _) in AUTHORIZATIONS.iter() {
+        let (response, code) = server.dummy_request(method, route).await;
+
+        assert_ne!(
+            response,
+            INVALID_RESPONSE.clone(),
+            "on route: {:?} - {:?}",
+            method,
+            route
+        );
+        assert_ne!(code, 403);
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn access_authorized_restricted_index() {
+    let mut server = Server::new_auth().await;
+    for ((method, route), actions) in AUTHORIZATIONS.iter() {
+        for action in actions {
+            // create a new API key letting only the needed action.
+            server.use_api_key("MASTER_KEY");
+
+            let content = json!({
+                "indexes": ["products"],
+                "actions": [action],
+                "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+            });
+
+            let (response, code) = server.add_api_key(content).await;
+            assert_eq!(201, code, "{:?}", &response);
+            assert!(response["key"].is_string());
+
+            let key = response["key"].as_str().unwrap();
+            server.use_api_key(key);
+
+            let (response, code) = server.dummy_request(method, route).await;
+
+            assert_ne!(
+                response,
+                INVALID_RESPONSE.clone(),
+                "on route: {:?} - {:?} with action: {:?}",
+                method,
+                route,
+                action
+            );
+            assert_ne!(code, 403);
+        }
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn access_authorized_no_index_restriction() {
+    let mut server = Server::new_auth().await;
+
+    for ((method, route), actions) in AUTHORIZATIONS.iter() {
+        for action in actions {
+            // create a new API key letting only the needed action.
+            server.use_api_key("MASTER_KEY");
+
+            let content = json!({
+                "indexes": ["*"],
+                "actions": [action],
+                "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+            });
+
+            let (response, code) = server.add_api_key(content).await;
+            assert_eq!(201, code, "{:?}", &response);
+            assert!(response["key"].is_string());
+
+            let key = response["key"].as_str().unwrap();
+            server.use_api_key(key);
+
+            let (response, code) = server.dummy_request(method, route).await;
+
+            assert_ne!(
+                response,
+                INVALID_RESPONSE.clone(),
+                "on route: {:?} - {:?} with action: {:?}",
+                method,
+                route,
+                action
+            );
+            assert_ne!(code, 403);
+        }
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn access_authorized_stats_restricted_index() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on `products` index only.
+    let content = json!({
+        "indexes": ["products"],
+        "actions": ["stats.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.stats().await;
+    assert_eq!(200, code, "{:?}", &response);
+
+    // key should have access on `products` index.
+    assert!(response["indexes"].get("products").is_some());
+
+    // key should not have access on `test` index.
+    assert!(response["indexes"].get("test").is_none());
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn access_authorized_stats_no_index_restriction() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on all indexes.
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["stats.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.stats().await;
+    assert_eq!(200, code, "{:?}", &response);
+
+    // key should have access on `products` index.
+    assert!(response["indexes"].get("products").is_some());
+
+    // key should have access on `test` index.
+    assert!(response["indexes"].get("test").is_some());
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn list_authorized_indexes_restricted_index() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on `products` index only.
+    let content = json!({
+        "indexes": ["products"],
+        "actions": ["indexes.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.list_indexes(None, None).await;
+    assert_eq!(200, code, "{:?}", &response);
+
+    let response = response["results"].as_array().unwrap();
+    // key should have access on `products` index.
+    assert!(response.iter().any(|index| index["uid"] == "products"));
+
+    // key should not have access on `test` index.
+    assert!(!response.iter().any(|index| index["uid"] == "test"));
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn list_authorized_indexes_no_index_restriction() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on all indexes.
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["indexes.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.list_indexes(None, None).await;
+    assert_eq!(200, code, "{:?}", &response);
+
+    let response = response["results"].as_array().unwrap();
+    // key should have access on `products` index.
+    assert!(response.iter().any(|index| index["uid"] == "products"));
+
+    // key should have access on `test` index.
+    assert!(response.iter().any(|index| index["uid"] == "test"));
+}
+
+#[actix_rt::test]
+async fn list_authorized_tasks_restricted_index() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on `products` index only.
+    let content = json!({
+        "indexes": ["products"],
+        "actions": ["tasks.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.service.get("/tasks").await;
+    assert_eq!(200, code, "{:?}", &response);
+    println!("{}", response);
+    let response = response["results"].as_array().unwrap();
+    // key should have access on `products` index.
+    assert!(response.iter().any(|task| task["indexUid"] == "products"));
+
+    // key should not have access on `test` index.
+    assert!(!response.iter().any(|task| task["indexUid"] == "test"));
+}
+
+#[actix_rt::test]
+async fn list_authorized_tasks_no_index_restriction() {
+    let mut server = Server::new_auth().await;
+    server.use_admin_key("MASTER_KEY").await;
+
+    // create index `test`
+    let index = server.index("test");
+    let (response, code) = index.create(Some("id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    // create index `products`
+    let index = server.index("products");
+    let (response, code) = index.create(Some("product_id")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    index.wait_task(0).await;
+
+    // create key with access on all indexes.
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["tasks.get"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let (response, code) = server.service.get("/tasks").await;
+    assert_eq!(200, code, "{:?}", &response);
+
+    let response = response["results"].as_array().unwrap();
+    // key should have access on `products` index.
+    assert!(response.iter().any(|task| task["indexUid"] == "products"));
+
+    // key should have access on `test` index.
+    assert!(response.iter().any(|task| task["indexUid"] == "test"));
+}
+
+#[actix_rt::test]
+async fn error_creating_index_without_action() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    // create key with access on all indexes.
+    let content = json!({
+        "indexes": ["*"],
+        // Give all action but the ones allowing to create an index.
+        "actions": ALL_ACTIONS.iter().cloned().filter(|a| !AUTHORIZATIONS.get(&("POST","/indexes")).unwrap().contains(a)).collect::<Vec<_>>(),
+        "expiresAt": "2050-11-13T00:00:00Z"
+    });
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    let expected_error = json!({
+        "message": "Index `test` not found.",
+        "code": "index_not_found",
+        "type": "invalid_request",
+        "link": "https://docs.meilisearch.com/errors#index_not_found"
+    });
+
+    // try to create a index via add documents route
+    let index = server.index("test");
+    let documents = json!([
+        {
+            "id": 1,
+            "content": "foo",
+        }
+    ]);
+
+    let (response, code) = index.add_documents(documents, None).await;
+    assert_eq!(202, code, "{:?}", &response);
+    let task_id = response["taskUid"].as_u64().unwrap();
+
+    let response = index.wait_task(task_id).await;
+    assert_eq!(response["status"], "failed");
+    assert_eq!(response["error"], expected_error.clone());
+
+    // try to create a index via add settings route
+    let settings = json!({ "distinctAttribute": "test"});
+
+    let (response, code) = index.update_settings(settings).await;
+    assert_eq!(202, code, "{:?}", &response);
+    let task_id = response["taskUid"].as_u64().unwrap();
+
+    let response = index.wait_task(task_id).await;
+
+    assert_eq!(response["status"], "failed");
+    assert_eq!(response["error"], expected_error.clone());
+
+    // try to create a index via add specialized settings route
+    let (response, code) = index.update_distinct_attribute(json!("test")).await;
+    assert_eq!(202, code, "{:?}", &response);
+    let task_id = response["taskUid"].as_u64().unwrap();
+
+    let response = index.wait_task(task_id).await;
+
+    assert_eq!(response["status"], "failed");
+    assert_eq!(response["error"], expected_error.clone());
+}
+
+#[actix_rt::test]
+async fn lazy_create_index() {
+    let mut server = Server::new_auth().await;
+
+    // create key with access on all indexes.
+    let contents = vec![
+        json!({
+            "indexes": ["*"],
+            "actions": ["*"],
+            "expiresAt": "2050-11-13T00:00:00Z"
+        }),
+        json!({
+            "indexes": ["*"],
+            "actions": ["indexes.*", "documents.*", "settings.*", "tasks.*"],
+            "expiresAt": "2050-11-13T00:00:00Z"
+        }),
+        json!({
+            "indexes": ["*"],
+            "actions": ["indexes.create", "documents.add", "settings.update", "tasks.get"],
+            "expiresAt": "2050-11-13T00:00:00Z"
+        }),
+    ];
+
+    for content in contents {
+        server.use_api_key("MASTER_KEY");
+        let (response, code) = server.add_api_key(content).await;
+        assert_eq!(201, code, "{:?}", &response);
+        assert!(response["key"].is_string());
+
+        // use created key.
+        let key = response["key"].as_str().unwrap();
+        server.use_api_key(key);
+
+        // try to create a index via add documents route
+        let index = server.index("test");
+        let documents = json!([
+            {
+                "id": 1,
+                "content": "foo",
+            }
+        ]);
+
+        let (response, code) = index.add_documents(documents, None).await;
+        assert_eq!(202, code, "{:?}", &response);
+        let task_id = response["taskUid"].as_u64().unwrap();
+
+        index.wait_task(task_id).await;
+
+        let (response, code) = index.get_task(task_id).await;
+        assert_eq!(200, code, "{:?}", &response);
+        assert_eq!(response["status"], "succeeded");
+
+        // try to create a index via add settings route
+        let index = server.index("test1");
+        let settings = json!({ "distinctAttribute": "test"});
+
+        let (response, code) = index.update_settings(settings).await;
+        assert_eq!(202, code, "{:?}", &response);
+        let task_id = response["taskUid"].as_u64().unwrap();
+
+        index.wait_task(task_id).await;
+
+        let (response, code) = index.get_task(task_id).await;
+        assert_eq!(200, code, "{:?}", &response);
+        assert_eq!(response["status"], "succeeded");
+
+        // try to create a index via add specialized settings route
+        let index = server.index("test2");
+        let (response, code) = index.update_distinct_attribute(json!("test")).await;
+        assert_eq!(202, code, "{:?}", &response);
+        let task_id = response["taskUid"].as_u64().unwrap();
+
+        index.wait_task(task_id).await;
+
+        let (response, code) = index.get_task(task_id).await;
+        assert_eq!(200, code, "{:?}", &response);
+        assert_eq!(response["status"], "succeeded");
+    }
+}
+
+#[actix_rt::test]
+async fn error_creating_index_without_index() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    // create key with access on all indexes.
+    let content = json!({
+        "indexes": ["unexpected"],
+        "actions": ["*"],
+        "expiresAt": "2050-11-13T00:00:00Z"
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(201, code, "{:?}", &response);
+    assert!(response["key"].is_string());
+
+    // use created key.
+    let key = response["key"].as_str().unwrap();
+    server.use_api_key(key);
+
+    // try to create a index via add documents route
+    let index = server.index("test");
+    let documents = json!([
+        {
+            "id": 1,
+            "content": "foo",
+        }
+    ]);
+
+    let (response, code) = index.add_documents(documents, None).await;
+    assert_eq!(403, code, "{:?}", &response);
+
+    // try to create a index via add settings route
+    let index = server.index("test1");
+    let settings = json!({ "distinctAttribute": "test"});
+    let (response, code) = index.update_settings(settings).await;
+    assert_eq!(403, code, "{:?}", &response);
+
+    // try to create a index via add specialized settings route
+    let index = server.index("test2");
+    let (response, code) = index.update_distinct_attribute(json!("test")).await;
+    assert_eq!(403, code, "{:?}", &response);
+
+    // try to create a index via create index route
+    let index = server.index("test3");
+    let (response, code) = index.create(None).await;
+    assert_eq!(403, code, "{:?}", &response);
+}
--- a/meilisearch-http/tests/auth/mod.rs
+++ b/meilisearch-http/tests/auth/mod.rs
@ -0,0 +1,64 @@
+mod api_keys;
+mod authorization;
+mod payload;
+mod tenant_token;
+
+use crate::common::Server;
+use actix_web::http::StatusCode;
+
+use serde_json::{json, Value};
+
+impl Server {
+    pub fn use_api_key(&mut self, api_key: impl AsRef<str>) {
+        self.service.api_key = Some(api_key.as_ref().to_string());
+    }
+
+    /// Fetch and use the default admin key for nexts http requests.
+    pub async fn use_admin_key(&mut self, master_key: impl AsRef<str>) {
+        self.use_api_key(master_key);
+        let (response, code) = self.list_api_keys().await;
+        assert_eq!(200, code, "{:?}", response);
+        let admin_key = &response["results"][1]["key"];
+        self.use_api_key(admin_key.as_str().unwrap());
+    }
+
+    pub async fn add_api_key(&self, content: Value) -> (Value, StatusCode) {
+        let url = "/keys";
+        self.service.post(url, content).await
+    }
+
+    pub async fn get_api_key(&self, key: impl AsRef<str>) -> (Value, StatusCode) {
+        let url = format!("/keys/{}", key.as_ref());
+        self.service.get(url).await
+    }
+
+    pub async fn patch_api_key(&self, key: impl AsRef<str>, content: Value) -> (Value, StatusCode) {
+        let url = format!("/keys/{}", key.as_ref());
+        self.service.patch(url, content).await
+    }
+
+    pub async fn list_api_keys(&self) -> (Value, StatusCode) {
+        let url = "/keys";
+        self.service.get(url).await
+    }
+
+    pub async fn delete_api_key(&self, key: impl AsRef<str>) -> (Value, StatusCode) {
+        let url = format!("/keys/{}", key.as_ref());
+        self.service.delete(url).await
+    }
+
+    pub async fn dummy_request(
+        &self,
+        method: impl AsRef<str>,
+        url: impl AsRef<str>,
+    ) -> (Value, StatusCode) {
+        match method.as_ref() {
+            "POST" => self.service.post(url, json!({})).await,
+            "PUT" => self.service.put(url, json!({})).await,
+            "PATCH" => self.service.patch(url, json!({})).await,
+            "GET" => self.service.get(url).await,
+            "DELETE" => self.service.delete(url).await,
+            _ => unreachable!(),
+        }
+    }
+}
--- a/meilisearch-http/tests/auth/payload.rs
+++ b/meilisearch-http/tests/auth/payload.rs
@ -0,0 +1,340 @@
+use crate::common::Server;
+use actix_web::test;
+use meilisearch_http::{analytics, create_app};
+use serde_json::{json, Value};
+
+#[actix_rt::test]
+async fn error_api_key_bad_content_types() {
+    let content = json!({
+        "indexes": ["products"],
+        "actions": [
+            "documents.add"
+        ],
+        "expiresAt": "2050-11-13T00:00:00Z"
+    });
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // post
+    let req = test::TestRequest::post()
+        .uri("/keys")
+        .set_payload(content.to_string())
+        .insert_header(("content-type", "text/plain"))
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The Content-Type `text/plain` is invalid. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "invalid_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#invalid_content_type"
+    );
+
+    // patch
+    let req = test::TestRequest::patch()
+        .uri("/keys/d0552b41536279a0ad88bd595327b96f01176a60c2243e906c52ac02375f9bc4")
+        .set_payload(content.to_string())
+        .insert_header(("content-type", "text/plain"))
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The Content-Type `text/plain` is invalid. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "invalid_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#invalid_content_type"
+    );
+}
+
+#[actix_rt::test]
+async fn error_api_key_empty_content_types() {
+    let content = json!({
+        "indexes": ["products"],
+        "actions": [
+            "documents.add"
+        ],
+        "expiresAt": "2050-11-13T00:00:00Z"
+    });
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // post
+    let req = test::TestRequest::post()
+        .uri("/keys")
+        .set_payload(content.to_string())
+        .insert_header(("content-type", ""))
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The Content-Type `` is invalid. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "invalid_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#invalid_content_type"
+    );
+
+    // patch
+    let req = test::TestRequest::patch()
+        .uri("/keys/d0552b41536279a0ad88bd595327b96f01176a60c2243e906c52ac02375f9bc4")
+        .set_payload(content.to_string())
+        .insert_header(("content-type", ""))
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The Content-Type `` is invalid. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "invalid_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#invalid_content_type"
+    );
+}
+
+#[actix_rt::test]
+async fn error_api_key_missing_content_types() {
+    let content = json!({
+        "indexes": ["products"],
+        "actions": [
+            "documents.add"
+        ],
+        "expiresAt": "2050-11-13T00:00:00Z"
+    });
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // post
+    let req = test::TestRequest::post()
+        .uri("/keys")
+        .set_payload(content.to_string())
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"A Content-Type header is missing. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "missing_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#missing_content_type"
+    );
+
+    // patch
+    let req = test::TestRequest::patch()
+        .uri("/keys/d0552b41536279a0ad88bd595327b96f01176a60c2243e906c52ac02375f9bc4")
+        .set_payload(content.to_string())
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 415);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"A Content-Type header is missing. Accepted values for the Content-Type header are: `application/json`"#
+        )
+    );
+    assert_eq!(response["code"], "missing_content_type");
+    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(
+        response["link"],
+        "https://docs.meilisearch.com/errors#missing_content_type"
+    );
+}
+
+#[actix_rt::test]
+async fn error_api_key_empty_payload() {
+    let content = "";
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // post
+    let req = test::TestRequest::post()
+        .uri("/keys")
+        .set_payload(content)
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(response["code"], json!("missing_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#missing_payload")
+    );
+    assert_eq!(response["message"], json!(r#"A json payload is missing."#));
+
+    // patch
+    let req = test::TestRequest::patch()
+        .uri("/keys/d0552b41536279a0ad88bd595327b96f01176a60c2243e906c52ac02375f9bc4")
+        .set_payload(content)
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(response["code"], json!("missing_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#missing_payload")
+    );
+    assert_eq!(response["message"], json!(r#"A json payload is missing."#));
+}
+
+#[actix_rt::test]
+async fn error_api_key_malformed_payload() {
+    let content = r#"{"malormed": "payload""#;
+
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // post
+    let req = test::TestRequest::post()
+        .uri("/keys")
+        .set_payload(content)
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(response["code"], json!("malformed_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#malformed_payload")
+    );
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The json payload provided is malformed. `EOF while parsing an object at line 1 column 22`."#
+        )
+    );
+
+    // patch
+    let req = test::TestRequest::patch()
+        .uri("/keys/d0552b41536279a0ad88bd595327b96f01176a60c2243e906c52ac02375f9bc4")
+        .set_payload(content)
+        .insert_header(("Authorization", "Bearer MASTER_KEY"))
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(response["code"], json!("malformed_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#malformed_payload")
+    );
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The json payload provided is malformed. `EOF while parsing an object at line 1 column 22`."#
+        )
+    );
+}
--- a/meilisearch-http/tests/auth/tenant_token.rs
+++ b/meilisearch-http/tests/auth/tenant_token.rs
@ -0,0 +1,584 @@
+use crate::common::Server;
+use ::time::format_description::well_known::Rfc3339;
+use maplit::hashmap;
+use once_cell::sync::Lazy;
+use serde_json::{json, Value};
+use std::collections::HashMap;
+use time::{Duration, OffsetDateTime};
+
+use super::authorization::{ALL_ACTIONS, AUTHORIZATIONS};
+
+fn generate_tenant_token(
+    parent_uid: impl AsRef<str>,
+    parent_key: impl AsRef<str>,
+    mut body: HashMap<&str, Value>,
+) -> String {
+    use jsonwebtoken::{encode, EncodingKey, Header};
+
+    let parent_uid = parent_uid.as_ref();
+    body.insert("apiKeyUid", json!(parent_uid));
+    encode(
+        &Header::default(),
+        &body,
+        &EncodingKey::from_secret(parent_key.as_ref().as_bytes()),
+    )
+    .unwrap()
+}
+
+static DOCUMENTS: Lazy<Value> = Lazy::new(|| {
+    json!([
+        {
+            "title": "Shazam!",
+            "id": "287947",
+            "color": ["green", "blue"]
+        },
+        {
+            "title": "Captain Marvel",
+            "id": "299537",
+            "color": ["yellow", "blue"]
+        },
+        {
+            "title": "Escape Room",
+            "id": "522681",
+            "color": ["yellow", "red"]
+        },
+        {
+            "title": "How to Train Your Dragon: The Hidden World",
+            "id": "166428",
+            "color": ["green", "red"]
+        },
+        {
+            "title": "Glass",
+            "id": "450465",
+            "color": ["blue", "red"]
+        }
+    ])
+});
+
+static INVALID_RESPONSE: Lazy<Value> = Lazy::new(|| {
+    json!({"message": "The provided API key is invalid.",
+        "code": "invalid_api_key",
+        "type": "auth",
+        "link": "https://docs.meilisearch.com/errors#invalid_api_key"
+    })
+});
+
+static ACCEPTED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
+    vec![
+        json!({
+            "indexes": ["*"],
+            "actions": ["*"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        json!({
+            "indexes": ["*"],
+            "actions": ["search"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        json!({
+            "indexes": ["sales"],
+            "actions": ["*"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        json!({
+            "indexes": ["sales"],
+            "actions": ["search"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+    ]
+});
+
+static REFUSED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
+    vec![
+        // no search action
+        json!({
+            "indexes": ["*"],
+            "actions": ALL_ACTIONS.iter().cloned().filter(|a| *a != "search" && *a != "*").collect::<Vec<_>>(),
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        json!({
+            "indexes": ["sales"],
+            "actions": ALL_ACTIONS.iter().cloned().filter(|a| *a != "search" && *a != "*").collect::<Vec<_>>(),
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        // bad index
+        json!({
+            "indexes": ["products"],
+            "actions": ["*"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+        json!({
+            "indexes": ["products"],
+            "actions": ["search"],
+            "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
+        }),
+    ]
+});
+
+macro_rules! compute_authorized_search {
+    ($tenant_tokens:expr, $filter:expr, $expected_count:expr) => {
+        let mut server = Server::new_auth().await;
+        server.use_admin_key("MASTER_KEY").await;
+        let index = server.index("sales");
+        let documents = DOCUMENTS.clone();
+        index.add_documents(documents, None).await;
+        index.wait_task(0).await;
+        index
+            .update_settings(json!({"filterableAttributes": ["color"]}))
+            .await;
+        index.wait_task(1).await;
+        drop(index);
+
+        for key_content in ACCEPTED_KEYS.iter() {
+            server.use_api_key("MASTER_KEY");
+            let (response, code) = server.add_api_key(key_content.clone()).await;
+            assert_eq!(code, 201);
+            let key = response["key"].as_str().unwrap();
+            let uid = response["uid"].as_str().unwrap();
+
+            for tenant_token in $tenant_tokens.iter() {
+                let web_token = generate_tenant_token(&uid, &key, tenant_token.clone());
+                server.use_api_key(&web_token);
+                let index = server.index("sales");
+                index
+                    .search(json!({ "filter": $filter }), |response, code| {
+                        assert_eq!(
+                            code, 200,
+                            "{} using tenant_token: {:?} generated with parent_key: {:?}",
+                            response, tenant_token, key_content
+                        );
+                        assert_eq!(
+                            response["hits"].as_array().unwrap().len(),
+                            $expected_count,
+                            "{} using tenant_token: {:?} generated with parent_key: {:?}",
+                            response,
+                            tenant_token,
+                            key_content
+                        );
+                    })
+                    .await;
+            }
+        }
+    };
+}
+
+macro_rules! compute_forbidden_search {
+    ($tenant_tokens:expr, $parent_keys:expr) => {
+        let mut server = Server::new_auth().await;
+        server.use_admin_key("MASTER_KEY").await;
+        let index = server.index("sales");
+        let documents = DOCUMENTS.clone();
+        index.add_documents(documents, None).await;
+        index.wait_task(0).await;
+        drop(index);
+
+        for key_content in $parent_keys.iter() {
+            server.use_api_key("MASTER_KEY");
+            let (response, code) = server.add_api_key(key_content.clone()).await;
+            assert_eq!(code, 201, "{:?}", response);
+            let key = response["key"].as_str().unwrap();
+            let uid = response["uid"].as_str().unwrap();
+
+            for tenant_token in $tenant_tokens.iter() {
+                let web_token = generate_tenant_token(&uid, &key, tenant_token.clone());
+                server.use_api_key(&web_token);
+                let index = server.index("sales");
+                index
+                    .search(json!({}), |response, code| {
+                        assert_eq!(
+                            response,
+                            INVALID_RESPONSE.clone(),
+                            "{} using tenant_token: {:?} generated with parent_key: {:?}",
+                            response,
+                            tenant_token,
+                            key_content
+                        );
+                        assert_eq!(
+                            code, 403,
+                            "{} using tenant_token: {:?} generated with parent_key: {:?}",
+                            response, tenant_token, key_content
+                        );
+                    })
+                    .await;
+            }
+        }
+    };
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn search_authorized_simple_token() {
+    let tenant_tokens = vec![
+        hashmap! {
+            "searchRules" => json!({"*": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["*"]),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["sales"]),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"*": {}}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!({"*": Value::Null}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!(["*"]),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {}}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": Value::Null}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!(["sales"]),
+            "exp" => Value::Null
+        },
+    ];
+
+    compute_authorized_search!(tenant_tokens, {}, 5);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn search_authorized_filter_token() {
+    let tenant_tokens = vec![
+        hashmap! {
+            "searchRules" => json!({"*": {"filter": "color = blue"}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {"filter": "color = blue"}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"*": {"filter": ["color = blue"]}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {"filter": ["color = blue"]}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        // filter on sales should override filters on *
+        hashmap! {
+            "searchRules" => json!({
+                "*": {"filter": "color = green"},
+                "sales": {"filter": "color = blue"}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {},
+                "sales": {"filter": "color = blue"}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {"filter": "color = green"},
+                "sales": {"filter": ["color = blue"]}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {},
+                "sales": {"filter": ["color = blue"]}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+    ];
+
+    compute_authorized_search!(tenant_tokens, {}, 3);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn filter_search_authorized_filter_token() {
+    let tenant_tokens = vec![
+        hashmap! {
+            "searchRules" => json!({"*": {"filter": "color = blue"}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {"filter": "color = blue"}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"*": {"filter": ["color = blue"]}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {"filter": ["color = blue"]}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        // filter on sales should override filters on *
+        hashmap! {
+            "searchRules" => json!({
+                "*": {"filter": "color = green"},
+                "sales": {"filter": "color = blue"}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {},
+                "sales": {"filter": "color = blue"}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {"filter": "color = green"},
+                "sales": {"filter": ["color = blue"]}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({
+                "*": {},
+                "sales": {"filter": ["color = blue"]}
+            }),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+    ];
+
+    compute_authorized_search!(tenant_tokens, "color = yellow", 1);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_search_token_forbidden_parent_key() {
+    let tenant_tokens = vec![
+        hashmap! {
+            "searchRules" => json!({"*": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"*": Value::Null}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["*"]),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": Value::Null}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["sales"]),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+    ];
+
+    compute_forbidden_search!(tenant_tokens, REFUSED_KEYS);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_search_forbidden_token() {
+    let tenant_tokens = vec![
+        // bad index
+        hashmap! {
+            "searchRules" => json!({"products": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["products"]),
+            "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"products": {}}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!({"products": Value::Null}),
+            "exp" => Value::Null
+        },
+        hashmap! {
+            "searchRules" => json!(["products"]),
+            "exp" => Value::Null
+        },
+        // expired token
+        hashmap! {
+            "searchRules" => json!({"*": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"*": Value::Null}),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["*"]),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": {}}),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!({"sales": Value::Null}),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+        hashmap! {
+            "searchRules" => json!(["sales"]),
+            "exp" => json!((OffsetDateTime::now_utc() - Duration::hours(1)).unix_timestamp())
+        },
+    ];
+
+    compute_forbidden_search!(tenant_tokens, ACCEPTED_KEYS);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_forbidden_routes() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["*"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(code, 201);
+    assert!(response["key"].is_string());
+
+    let key = response["key"].as_str().unwrap();
+    let uid = response["uid"].as_str().unwrap();
+
+    let tenant_token = hashmap! {
+        "searchRules" => json!(["*"]),
+        "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+    };
+    let web_token = generate_tenant_token(uid, key, tenant_token);
+    server.use_api_key(&web_token);
+
+    for ((method, route), actions) in AUTHORIZATIONS.iter() {
+        if !actions.contains("search") {
+            let (response, code) = server.dummy_request(method, route).await;
+            assert_eq!(response, INVALID_RESPONSE.clone());
+            assert_eq!(code, 403);
+        }
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_expired_parent_key() {
+    use std::{thread, time};
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["*"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::seconds(1)).format(&Rfc3339).unwrap(),
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(code, 201);
+    assert!(response["key"].is_string());
+
+    let key = response["key"].as_str().unwrap();
+    let uid = response["uid"].as_str().unwrap();
+
+    let tenant_token = hashmap! {
+        "searchRules" => json!(["*"]),
+        "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+    };
+    let web_token = generate_tenant_token(uid, key, tenant_token);
+    server.use_api_key(&web_token);
+
+    // test search request while parent_key is not expired
+    let (response, code) = server
+        .dummy_request("POST", "/indexes/products/search")
+        .await;
+    assert_ne!(response, INVALID_RESPONSE.clone());
+    assert_ne!(code, 403);
+
+    // wait until the key is expired.
+    thread::sleep(time::Duration::new(1, 0));
+
+    let (response, code) = server
+        .dummy_request("POST", "/indexes/products/search")
+        .await;
+    assert_eq!(response, INVALID_RESPONSE.clone());
+    assert_eq!(code, 403);
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn error_access_modified_token() {
+    let mut server = Server::new_auth().await;
+    server.use_api_key("MASTER_KEY");
+
+    let content = json!({
+        "indexes": ["*"],
+        "actions": ["*"],
+        "expiresAt": (OffsetDateTime::now_utc() + Duration::hours(1)).format(&Rfc3339).unwrap(),
+    });
+
+    let (response, code) = server.add_api_key(content).await;
+    assert_eq!(code, 201);
+    assert!(response["key"].is_string());
+
+    let key = response["key"].as_str().unwrap();
+    let uid = response["uid"].as_str().unwrap();
+
+    let tenant_token = hashmap! {
+        "searchRules" => json!(["products"]),
+        "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+    };
+    let web_token = generate_tenant_token(uid, key, tenant_token);
+    server.use_api_key(&web_token);
+
+    // test search request while web_token is valid
+    let (response, code) = server
+        .dummy_request("POST", "/indexes/products/search")
+        .await;
+    assert_ne!(response, INVALID_RESPONSE.clone());
+    assert_ne!(code, 403);
+
+    let tenant_token = hashmap! {
+        "searchRules" => json!(["*"]),
+        "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
+    };
+
+    let alt = generate_tenant_token(uid, key, tenant_token);
+    let altered_token = [
+        web_token.split('.').next().unwrap(),
+        alt.split('.').nth(1).unwrap(),
+        web_token.split('.').nth(2).unwrap(),
+    ]
+    .join(".");
+
+    server.use_api_key(&altered_token);
+    let (response, code) = server
+        .dummy_request("POST", "/indexes/products/search")
+        .await;
+    assert_eq!(response, INVALID_RESPONSE.clone());
+    assert_eq!(code, 403);
+}
--- a/meilisearch-http/tests/common/index.rs
+++ b/meilisearch-http/tests/common/index.rs
@ -1,31 +1,16 @@
 use std::{
+    fmt::Write,
    panic::{catch_unwind, resume_unwind, UnwindSafe},
    time::Duration,
 };

 use actix_web::http::StatusCode;
-use paste::paste;
 use serde_json::{json, Value};
 use tokio::time::sleep;
+use urlencoding::encode;

 use super::service::Service;

-macro_rules! make_settings_test_routes {
-    ($($name:ident),+) => {
-        $(paste! {
-            pub async fn [<update_$name>](&self, value: Value) -> (Value, StatusCode) {
-                let url = format!("/indexes/{}/settings/{}", self.uid, stringify!($name).replace("_", "-"));
-                self.service.post(url, value).await
-            }
-
-            pub async fn [<get_$name>](&self) -> (Value, StatusCode) {
-                let url = format!("/indexes/{}/settings/{}", self.uid, stringify!($name).replace("_", "-"));
-                self.service.get(url).await
-            }
-        })*
-    };
-}
-
 pub struct Index<'a> {
    pub uid: String,
    pub service: &'a Service,
@ -34,19 +19,19 @@ pub struct Index<'a> {
 #[allow(dead_code)]
 impl Index<'_> {
    pub async fn get(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}", self.uid);
+        let url = format!("/indexes/{}", encode(self.uid.as_ref()));
        self.service.get(url).await
    }

    pub async fn load_test_set(&self) -> u64 {
-        let url = format!("/indexes/{}/documents", self.uid);
+        let url = format!("/indexes/{}/documents", encode(self.uid.as_ref()));
        let (response, code) = self
            .service
            .post_str(url, include_str!("../assets/test_set.json"))
            .await;
        assert_eq!(code, 202);
-        let update_id = response["updateId"].as_i64().unwrap();
-        self.wait_update_id(update_id as u64).await;
+        let update_id = response["taskUid"].as_i64().unwrap();
+        self.wait_task(update_id as u64).await;
        update_id as u64
    }

@ -62,13 +47,13 @@ impl Index<'_> {
        let body = json!({
            "primaryKey": primary_key,
        });
-        let url = format!("/indexes/{}", self.uid);
+        let url = format!("/indexes/{}", encode(self.uid.as_ref()));

-        self.service.put(url, body).await
+        self.service.patch(url, body).await
    }

    pub async fn delete(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}", self.uid);
+        let url = format!("/indexes/{}", encode(self.uid.as_ref()));
        self.service.delete(url).await
    }

@ -78,8 +63,12 @@ impl Index<'_> {
        primary_key: Option<&str>,
    ) -> (Value, StatusCode) {
        let url = match primary_key {
-            Some(key) => format!("/indexes/{}/documents?primaryKey={}", self.uid, key),
-            None => format!("/indexes/{}/documents", self.uid),
+            Some(key) => format!(
+                "/indexes/{}/documents?primaryKey={}",
+                encode(self.uid.as_ref()),
+                key
+            ),
+            None => format!("/indexes/{}/documents", encode(self.uid.as_ref())),
        };
        self.service.post(url, documents).await
    }
@ -90,101 +79,120 @@ impl Index<'_> {
        primary_key: Option<&str>,
    ) -> (Value, StatusCode) {
        let url = match primary_key {
-            Some(key) => format!("/indexes/{}/documents?primaryKey={}", self.uid, key),
-            None => format!("/indexes/{}/documents", self.uid),
+            Some(key) => format!(
+                "/indexes/{}/documents?primaryKey={}",
+                encode(self.uid.as_ref()),
+                key
+            ),
+            None => format!("/indexes/{}/documents", encode(self.uid.as_ref())),
        };
        self.service.put(url, documents).await
    }

-    pub async fn wait_update_id(&self, update_id: u64) -> Value {
-        // try 10 times to get status, or panic to not wait forever
-        let url = format!("/indexes/{}/updates/{}", self.uid, update_id);
-        for _ in 0..10 {
+    pub async fn wait_task(&self, update_id: u64) -> Value {
+        // try several times to get status, or panic to not wait forever
+        let url = format!("/tasks/{}", update_id);
+        for _ in 0..100 {
            let (response, status_code) = self.service.get(&url).await;
-            assert_eq!(status_code, 200, "response: {}", response);
+            assert_eq!(200, status_code, "response: {}", response);

-            if response["status"] == "processed" || response["status"] == "failed" {
+            if response["status"] == "succeeded" || response["status"] == "failed" {
                return response;
            }

-            sleep(Duration::from_secs(1)).await;
+            // wait 0.5 second.
+            sleep(Duration::from_millis(500)).await;
        }
        panic!("Timeout waiting for update id");
    }

-    pub async fn get_update(&self, update_id: u64) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/updates/{}", self.uid, update_id);
+    pub async fn get_task(&self, update_id: u64) -> (Value, StatusCode) {
+        let url = format!("/tasks/{}", update_id);
        self.service.get(url).await
    }

-    pub async fn list_updates(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/updates", self.uid);
+    pub async fn list_tasks(&self) -> (Value, StatusCode) {
+        let url = format!("/tasks?indexUid={}", self.uid);
+        self.service.get(url).await
+    }
+
+    pub async fn filtered_tasks(&self, type_: &[&str], status: &[&str]) -> (Value, StatusCode) {
+        let mut url = format!("/tasks?indexUid={}", self.uid);
+        if !type_.is_empty() {
+            let _ = write!(url, "&type={}", type_.join(","));
+        }
+        if !status.is_empty() {
+            let _ = write!(url, "&status={}", status.join(","));
+        }
        self.service.get(url).await
    }

    pub async fn get_document(
        &self,
        id: u64,
-        _options: Option<GetDocumentOptions>,
+        options: Option<GetDocumentOptions>,
    ) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/documents/{}", self.uid, id);
+        let mut url = format!("/indexes/{}/documents/{}", encode(self.uid.as_ref()), id);
+        if let Some(fields) = options.and_then(|o| o.fields) {
+            let _ = write!(url, "?fields={}", fields.join(","));
+        }
        self.service.get(url).await
    }

    pub async fn get_all_documents(&self, options: GetAllDocumentsOptions) -> (Value, StatusCode) {
-        let mut url = format!("/indexes/{}/documents?", self.uid);
+        let mut url = format!("/indexes/{}/documents?", encode(self.uid.as_ref()));
        if let Some(limit) = options.limit {
-            url.push_str(&format!("limit={}&", limit));
+            let _ = write!(url, "limit={}&", limit);
        }

        if let Some(offset) = options.offset {
-            url.push_str(&format!("offset={}&", offset));
+            let _ = write!(url, "offset={}&", offset);
        }

        if let Some(attributes_to_retrieve) = options.attributes_to_retrieve {
-            url.push_str(&format!(
-                "attributesToRetrieve={}&",
-                attributes_to_retrieve.join(",")
-            ));
+            let _ = write!(url, "fields={}&", attributes_to_retrieve.join(","));
        }

        self.service.get(url).await
    }

    pub async fn delete_document(&self, id: u64) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/documents/{}", self.uid, id);
+        let url = format!("/indexes/{}/documents/{}", encode(self.uid.as_ref()), id);
        self.service.delete(url).await
    }

    pub async fn clear_all_documents(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/documents", self.uid);
+        let url = format!("/indexes/{}/documents", encode(self.uid.as_ref()));
        self.service.delete(url).await
    }

    pub async fn delete_batch(&self, ids: Vec<u64>) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/documents/delete-batch", self.uid);
+        let url = format!(
+            "/indexes/{}/documents/delete-batch",
+            encode(self.uid.as_ref())
+        );
        self.service
            .post(url, serde_json::to_value(&ids).unwrap())
            .await
    }

    pub async fn settings(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/settings", self.uid);
+        let url = format!("/indexes/{}/settings", encode(self.uid.as_ref()));
        self.service.get(url).await
    }

    pub async fn update_settings(&self, settings: Value) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/settings", self.uid);
-        self.service.post(url, settings).await
+        let url = format!("/indexes/{}/settings", encode(self.uid.as_ref()));
+        self.service.patch(url, settings).await
    }

    pub async fn delete_settings(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/settings", self.uid);
+        let url = format!("/indexes/{}/settings", encode(self.uid.as_ref()));
        self.service.delete(url).await
    }

    pub async fn stats(&self) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/stats", self.uid);
+        let url = format!("/indexes/{}/stats", encode(self.uid.as_ref()));
        self.service.get(url).await
    }

@ -209,20 +217,38 @@ impl Index<'_> {
    }

    pub async fn search_post(&self, query: Value) -> (Value, StatusCode) {
-        let url = format!("/indexes/{}/search", self.uid);
+        let url = format!("/indexes/{}/search", encode(self.uid.as_ref()));
        self.service.post(url, query).await
    }

    pub async fn search_get(&self, query: Value) -> (Value, StatusCode) {
-        let params = serde_url_params::to_string(&query).unwrap();
-        let url = format!("/indexes/{}/search?{}", self.uid, params);
+        let params = yaup::to_string(&query).unwrap();
+        let url = format!("/indexes/{}/search?{}", encode(self.uid.as_ref()), params);
        self.service.get(url).await
    }

-    make_settings_test_routes!(distinct_attribute);
+    pub async fn update_distinct_attribute(&self, value: Value) -> (Value, StatusCode) {
+        let url = format!(
+            "/indexes/{}/settings/{}",
+            encode(self.uid.as_ref()),
+            "distinct-attribute"
+        );
+        self.service.put(url, value).await
+    }
+
+    pub async fn get_distinct_attribute(&self) -> (Value, StatusCode) {
+        let url = format!(
+            "/indexes/{}/settings/{}",
+            encode(self.uid.as_ref()),
+            "distinct-attribute"
+        );
+        self.service.get(url).await
+    }
 }

-pub struct GetDocumentOptions;
+pub struct GetDocumentOptions {
+    pub fields: Option<Vec<&'static str>>,
+}

 #[derive(Debug, Default)]
 pub struct GetAllDocumentsOptions {
--- a/meilisearch-http/tests/common/mod.rs
+++ b/meilisearch-http/tests/common/mod.rs
@ -3,7 +3,7 @@ pub mod server;
 pub mod service;

 pub use index::{GetAllDocumentsOptions, GetDocumentOptions};
-pub use server::Server;
+pub use server::{default_settings, Server};

 /// Performs a search test on both post and get routes
 #[macro_export]
--- a/meilisearch-http/tests/common/server.rs
+++ b/meilisearch-http/tests/common/server.rs
@ -1,13 +1,16 @@
+#![allow(dead_code)]
+
+use clap::Parser;
 use std::path::Path;

 use actix_web::http::StatusCode;
 use byte_unit::{Byte, ByteUnit};
+use meilisearch_auth::AuthController;
 use meilisearch_http::setup_meilisearch;
 use meilisearch_lib::options::{IndexerOpts, MaxMemory};
 use once_cell::sync::Lazy;
 use serde_json::Value;
 use tempfile::TempDir;
-use urlencoding::encode;

 use meilisearch_http::option::Opt;

@ -20,7 +23,7 @@ pub struct Server {
    _dir: Option<TempDir>,
 }

-static TEST_TEMP_DIR: Lazy<TempDir> = Lazy::new(|| TempDir::new().unwrap());
+pub static TEST_TEMP_DIR: Lazy<TempDir> = Lazy::new(|| TempDir::new().unwrap());

 impl Server {
    pub async fn new() -> Self {
@ -35,9 +38,12 @@ impl Server {
        let options = default_settings(dir.path());

        let meilisearch = setup_meilisearch(&options).unwrap();
+        let auth = AuthController::new(&options.db_path, &options.master_key).unwrap();
        let service = Service {
            meilisearch,
+            auth,
            options,
+            api_key: None,
        };

        Server {
@ -46,29 +52,81 @@ impl Server {
        }
    }

-    pub async fn new_with_options(options: Opt) -> Self {
+    pub async fn new_auth_with_options(mut options: Opt, dir: TempDir) -> Self {
+        if cfg!(windows) {
+            std::env::set_var("TMP", TEST_TEMP_DIR.path());
+        } else {
+            std::env::set_var("TMPDIR", TEST_TEMP_DIR.path());
+        }
+
+        options.master_key = Some("MASTER_KEY".to_string());
+
        let meilisearch = setup_meilisearch(&options).unwrap();
+        let auth = AuthController::new(&options.db_path, &options.master_key).unwrap();
        let service = Service {
            meilisearch,
+            auth,
            options,
+            api_key: None,
        };

        Server {
            service,
-            _dir: None,
+            _dir: Some(dir),
        }
    }

+    pub async fn new_auth() -> Self {
+        let dir = TempDir::new().unwrap();
+        let options = default_settings(dir.path());
+        Self::new_auth_with_options(options, dir).await
+    }
+
+    pub async fn new_with_options(options: Opt) -> Result<Self, anyhow::Error> {
+        let meilisearch = setup_meilisearch(&options)?;
+        let auth = AuthController::new(&options.db_path, &options.master_key)?;
+        let service = Service {
+            meilisearch,
+            auth,
+            options,
+            api_key: None,
+        };
+
+        Ok(Server {
+            service,
+            _dir: None,
+        })
+    }
+
    /// Returns a view to an index. There is no guarantee that the index exists.
    pub fn index(&self, uid: impl AsRef<str>) -> Index<'_> {
        Index {
-            uid: encode(uid.as_ref()).to_string(),
+            uid: uid.as_ref().to_string(),
            service: &self.service,
        }
    }

-    pub async fn list_indexes(&self) -> (Value, StatusCode) {
-        self.service.get("/indexes").await
+    pub async fn list_indexes(
+        &self,
+        offset: Option<usize>,
+        limit: Option<usize>,
+    ) -> (Value, StatusCode) {
+        let (offset, limit) = (
+            offset.map(|offset| format!("offset={offset}")),
+            limit.map(|limit| format!("limit={limit}")),
+        );
+        let query_parameter = offset
+            .as_ref()
+            .zip(limit.as_ref())
+            .map(|(offset, limit)| format!("{offset}&{limit}"))
+            .or_else(|| offset.xor(limit));
+        if let Some(query_parameter) = query_parameter {
+            self.service
+                .get(format!("/indexes?{query_parameter}"))
+                .await
+        } else {
+            self.service.get("/indexes").await
+        }
    }

    pub async fn version(&self) -> (Value, StatusCode) {
@ -78,39 +136,34 @@ impl Server {
    pub async fn stats(&self) -> (Value, StatusCode) {
        self.service.get("/stats").await
    }
+
+    pub async fn tasks(&self) -> (Value, StatusCode) {
+        self.service.get("/tasks").await
+    }
+
+    pub async fn get_dump_status(&self, uid: &str) -> (Value, StatusCode) {
+        self.service.get(format!("/dumps/{}/status", uid)).await
+    }
 }

 pub fn default_settings(dir: impl AsRef<Path>) -> Opt {
    Opt {
        db_path: dir.as_ref().join("db"),
        dumps_dir: dir.as_ref().join("dump"),
-        http_addr: "127.0.0.1:7700".to_owned(),
-        master_key: None,
        env: "development".to_owned(),
        #[cfg(all(not(debug_assertions), feature = "analytics"))]
        no_analytics: true,
-        max_index_size: Byte::from_unit(4.0, ByteUnit::GiB).unwrap(),
-        max_udb_size: Byte::from_unit(4.0, ByteUnit::GiB).unwrap(),
+        max_index_size: Byte::from_unit(100.0, ByteUnit::MiB).unwrap(),
+        max_task_db_size: Byte::from_unit(1.0, ByteUnit::GiB).unwrap(),
        http_payload_size_limit: Byte::from_unit(10.0, ByteUnit::MiB).unwrap(),
-        ssl_cert_path: None,
-        ssl_key_path: None,
-        ssl_auth_path: None,
-        ssl_ocsp_path: None,
-        ssl_require_auth: false,
-        ssl_resumption: false,
-        ssl_tickets: false,
-        import_snapshot: None,
-        ignore_missing_snapshot: false,
-        ignore_snapshot_if_db_exists: false,
        snapshot_dir: ".".into(),
-        schedule_snapshot: false,
-        snapshot_interval_sec: 0,
-        import_dump: None,
        indexer_options: IndexerOpts {
            // memory has to be unlimited because several meilisearch are running in test context.
-            max_memory: MaxMemory::unlimited(),
-            ..Default::default()
+            max_indexing_memory: MaxMemory::unlimited(),
+            ..Parser::parse_from(None as Option<&str>)
        },
-        log_level: "off".into(),
+        #[cfg(feature = "metrics")]
+        enable_metrics_route: true,
+        ..Parser::parse_from(None as Option<&str>)
    }
 }
--- a/meilisearch-http/tests/common/service.rs
+++ b/meilisearch-http/tests/common/service.rs
@ -1,4 +1,5 @@
 use actix_web::{http::StatusCode, test};
+use meilisearch_auth::AuthController;
 use meilisearch_lib::MeiliSearch;
 use serde_json::Value;

@ -6,23 +7,27 @@ use meilisearch_http::{analytics, create_app, Opt};

 pub struct Service {
    pub meilisearch: MeiliSearch,
+    pub auth: AuthController,
    pub options: Opt,
+    pub api_key: Option<String>,
 }

 impl Service {
    pub async fn post(&self, url: impl AsRef<str>, body: Value) -> (Value, StatusCode) {
        let app = test::init_service(create_app!(
            &self.meilisearch,
+            &self.auth,
            true,
-            &self.options,
+            self.options,
            analytics::MockAnalytics::new(&self.options).0
        ))
        .await;

-        let req = test::TestRequest::post()
-            .uri(url.as_ref())
-            .set_json(&body)
-            .to_request();
+        let mut req = test::TestRequest::post().uri(url.as_ref()).set_json(&body);
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
        let res = test::call_service(&app, req).await;
        let status_code = res.status();

@ -39,17 +44,21 @@ impl Service {
    ) -> (Value, StatusCode) {
        let app = test::init_service(create_app!(
            &self.meilisearch,
+            &self.auth,
            true,
-            &self.options,
+            self.options,
            analytics::MockAnalytics::new(&self.options).0
        ))
        .await;

-        let req = test::TestRequest::post()
+        let mut req = test::TestRequest::post()
            .uri(url.as_ref())
            .set_payload(body.as_ref().to_string())
-            .insert_header(("content-type", "application/json"))
-            .to_request();
+            .insert_header(("content-type", "application/json"));
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
        let res = test::call_service(&app, req).await;
        let status_code = res.status();

@ -61,13 +70,18 @@ impl Service {
    pub async fn get(&self, url: impl AsRef<str>) -> (Value, StatusCode) {
        let app = test::init_service(create_app!(
            &self.meilisearch,
+            &self.auth,
            true,
-            &self.options,
+            self.options,
            analytics::MockAnalytics::new(&self.options).0
        ))
        .await;

-        let req = test::TestRequest::get().uri(url.as_ref()).to_request();
+        let mut req = test::TestRequest::get().uri(url.as_ref());
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
        let res = test::call_service(&app, req).await;
        let status_code = res.status();

@ -79,16 +93,41 @@ impl Service {
    pub async fn put(&self, url: impl AsRef<str>, body: Value) -> (Value, StatusCode) {
        let app = test::init_service(create_app!(
            &self.meilisearch,
+            &self.auth,
            true,
-            &self.options,
+            self.options,
            analytics::MockAnalytics::new(&self.options).0
        ))
        .await;

-        let req = test::TestRequest::put()
-            .uri(url.as_ref())
-            .set_json(&body)
-            .to_request();
+        let mut req = test::TestRequest::put().uri(url.as_ref()).set_json(&body);
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
+        let res = test::call_service(&app, req).await;
+        let status_code = res.status();
+
+        let body = test::read_body(res).await;
+        let response = serde_json::from_slice(&body).unwrap_or_default();
+        (response, status_code)
+    }
+
+    pub async fn patch(&self, url: impl AsRef<str>, body: Value) -> (Value, StatusCode) {
+        let app = test::init_service(create_app!(
+            &self.meilisearch,
+            &self.auth,
+            true,
+            self.options,
+            analytics::MockAnalytics::new(&self.options).0
+        ))
+        .await;
+
+        let mut req = test::TestRequest::patch().uri(url.as_ref()).set_json(&body);
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
        let res = test::call_service(&app, req).await;
        let status_code = res.status();

@ -100,13 +139,18 @@ impl Service {
    pub async fn delete(&self, url: impl AsRef<str>) -> (Value, StatusCode) {
        let app = test::init_service(create_app!(
            &self.meilisearch,
+            &self.auth,
            true,
-            &self.options,
+            self.options,
            analytics::MockAnalytics::new(&self.options).0
        ))
        .await;

-        let req = test::TestRequest::delete().uri(url.as_ref()).to_request();
+        let mut req = test::TestRequest::delete().uri(url.as_ref());
+        if let Some(api_key) = &self.api_key {
+            req = req.insert_header(("Authorization", ["Bearer ", api_key].concat()));
+        }
+        let req = req.to_request();
        let res = test::call_service(&app, req).await;
        let status_code = res.status();

--- a/meilisearch-http/tests/content_type.rs
+++ b/meilisearch-http/tests/content_type.rs
@ -7,23 +7,45 @@ use actix_web::test;
 use meilisearch_http::{analytics, create_app};
 use serde_json::{json, Value};

+enum HttpVerb {
+    Put,
+    Patch,
+    Post,
+    Get,
+    Delete,
+}
+
+impl HttpVerb {
+    fn test_request(&self) -> test::TestRequest {
+        match self {
+            HttpVerb::Put => test::TestRequest::put(),
+            HttpVerb::Patch => test::TestRequest::patch(),
+            HttpVerb::Post => test::TestRequest::post(),
+            HttpVerb::Get => test::TestRequest::get(),
+            HttpVerb::Delete => test::TestRequest::delete(),
+        }
+    }
+}
+
 #[actix_rt::test]
 async fn error_json_bad_content_type() {
+    use HttpVerb::{Patch, Post, Put};
+
    let routes = [
-        // all the POST routes except the dumps that can be created without any body or content-type
+        // all the routes except the dumps that can be created without any body or content-type
        // and the search that is not a strict json
-        "/indexes",
-        "/indexes/doggo/documents/delete-batch",
-        "/indexes/doggo/search",
-        "/indexes/doggo/settings",
-        "/indexes/doggo/settings/displayed-attributes",
-        "/indexes/doggo/settings/distinct-attribute",
-        "/indexes/doggo/settings/filterable-attributes",
-        "/indexes/doggo/settings/ranking-rules",
-        "/indexes/doggo/settings/searchable-attributes",
-        "/indexes/doggo/settings/sortable-attributes",
-        "/indexes/doggo/settings/stop-words",
-        "/indexes/doggo/settings/synonyms",
+        (Post, "/indexes"),
+        (Post, "/indexes/doggo/documents/delete-batch"),
+        (Post, "/indexes/doggo/search"),
+        (Patch, "/indexes/doggo/settings"),
+        (Put, "/indexes/doggo/settings/displayed-attributes"),
+        (Put, "/indexes/doggo/settings/distinct-attribute"),
+        (Put, "/indexes/doggo/settings/filterable-attributes"),
+        (Put, "/indexes/doggo/settings/ranking-rules"),
+        (Put, "/indexes/doggo/settings/searchable-attributes"),
+        (Put, "/indexes/doggo/settings/sortable-attributes"),
+        (Put, "/indexes/doggo/settings/stop-words"),
+        (Put, "/indexes/doggo/settings/synonyms"),
    ];
    let bad_content_types = [
        "application/csv",
@ -39,15 +61,17 @@ async fn error_json_bad_content_type() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
-    for route in routes {
+    for (verb, route) in routes {
        // Good content-type, we probably have an error since we didn't send anything in the json
        // so we only ensure we didn't get a bad media type error.
-        let req = test::TestRequest::post()
+        let req = verb
+            .test_request()
            .uri(route)
            .set_payload(document)
            .insert_header(("content-type", "application/json"))
@ -58,7 +82,8 @@ async fn error_json_bad_content_type() {
        "calling the route `{}` with a content-type of json isn't supposed to throw a bad media type error", route);

        // No content-type.
-        let req = test::TestRequest::post()
+        let req = verb
+            .test_request()
            .uri(route)
            .set_payload(document)
            .to_request();
@ -81,7 +106,8 @@ async fn error_json_bad_content_type() {

        for bad_content_type in bad_content_types {
            // Always bad content-type
-            let req = test::TestRequest::post()
+            let req = verb
+                .test_request()
                .uri(route)
                .set_payload(document.to_string())
                .insert_header(("content-type", bad_content_type))
@ -110,3 +136,40 @@ async fn error_json_bad_content_type() {
        }
    }
 }
+
+#[actix_rt::test]
+async fn extract_actual_content_type() {
+    let route = "/indexes/doggo/documents";
+    let documents = "[{}]";
+    let server = Server::new().await;
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+
+    // Good content-type, we probably have an error since we didn't send anything in the json
+    // so we only ensure we didn't get a bad media type error.
+    let req = test::TestRequest::post()
+        .uri(route)
+        .set_payload(documents)
+        .insert_header(("content-type", "application/json; charset=utf-8"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    assert_ne!(status_code, 415,
+    "calling the route `{}` with a content-type of json isn't supposed to throw a bad media type error", route);
+
+    let req = test::TestRequest::put()
+        .uri(route)
+        .set_payload(documents)
+        .insert_header(("content-type", "application/json; charset=latin-1"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    assert_ne!(status_code, 415,
+    "calling the route `{}` with a content-type of json isn't supposed to throw a bad media type error", route);
+}
--- a/meilisearch-http/tests/documents/add_documents.rs
+++ b/meilisearch-http/tests/documents/add_documents.rs
@ -1,8 +1,9 @@
 use crate::common::{GetAllDocumentsOptions, Server};
 use actix_web::test;
-use chrono::DateTime;
+
 use meilisearch_http::{analytics, create_app};
 use serde_json::{json, Value};
+use time::{format_description::well_known::Rfc3339, OffsetDateTime};

 /// This is the basic usage of our API and every other tests uses the content-type application/json
 #[actix_rt::test]
@ -18,8 +19,9 @@ async fn add_documents_test_json_content_types() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -34,7 +36,7 @@ async fn add_documents_test_json_content_types() {
    let body = test::read_body(res).await;
    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
    assert_eq!(status_code, 202);
-    assert_eq!(response, json!({ "updateId": 0 }));
+    assert_eq!(response["taskUid"], 0);

    // put
    let req = test::TestRequest::put()
@ -47,7 +49,52 @@ async fn add_documents_test_json_content_types() {
    let body = test::read_body(res).await;
    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
    assert_eq!(status_code, 202);
-    assert_eq!(response, json!({ "updateId": 1 }));
+    assert_eq!(response["taskUid"], 1);
+}
+
+/// Here we try to send a single document instead of an array with a single document inside.
+#[actix_rt::test]
+async fn add_single_document_test_json_content_types() {
+    let document = json!({
+        "id": 1,
+        "content": "Bouvier Bernois",
+    });
+
+    // this is a what is expected and should work
+    let server = Server::new().await;
+    let app = test::init_service(create_app!(
+        &server.service.meilisearch,
+        &server.service.auth,
+        true,
+        server.service.options,
+        analytics::MockAnalytics::new(&server.service.options).0
+    ))
+    .await;
+    // post
+    let req = test::TestRequest::post()
+        .uri("/indexes/dog/documents")
+        .set_payload(document.to_string())
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 202);
+    assert_eq!(response["taskUid"], 0);
+
+    // put
+    let req = test::TestRequest::put()
+        .uri("/indexes/dog/documents")
+        .set_payload(document.to_string())
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let status_code = res.status();
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 202);
+    assert_eq!(response["taskUid"], 1);
 }

 /// any other content-type is must be refused
@ -63,8 +110,9 @@ async fn error_add_documents_test_bad_content_types() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -130,8 +178,9 @@ async fn error_add_documents_test_no_content_type() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -189,8 +238,9 @@ async fn error_add_malformed_csv_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -208,7 +258,7 @@ async fn error_add_malformed_csv_documents() {
    assert_eq!(
        response["message"],
        json!(
-            r#"The `csv` payload provided is malformed. `CSV error: record 1 (line: 2, byte: 12): found record with 3 fields, but the previous record has 2 fields`."#
+            r#"The `csv` payload provided is malformed: `CSV error: record 1 (line: 2, byte: 12): found record with 3 fields, but the previous record has 2 fields`."#
        )
    );
    assert_eq!(response["code"], json!("malformed_payload"));
@ -232,7 +282,7 @@ async fn error_add_malformed_csv_documents() {
    assert_eq!(
        response["message"],
        json!(
-            r#"The `csv` payload provided is malformed. `CSV error: record 1 (line: 2, byte: 12): found record with 3 fields, but the previous record has 2 fields`."#
+            r#"The `csv` payload provided is malformed: `CSV error: record 1 (line: 2, byte: 12): found record with 3 fields, but the previous record has 2 fields`."#
        )
    );
    assert_eq!(response["code"], json!("malformed_payload"));
@ -250,8 +300,9 @@ async fn error_add_malformed_json_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -302,6 +353,56 @@ async fn error_add_malformed_json_documents() {
        response["link"],
        json!("https://docs.meilisearch.com/errors#malformed_payload")
    );
+
+    // truncate
+
+    // length = 100
+    let long = "0123456789".repeat(10);
+
+    let document = format!("\"{}\"", long);
+    let req = test::TestRequest::put()
+        .uri("/indexes/dog/documents")
+        .set_payload(document)
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(
+        response["message"],
+        json!(
+            r#"The `json` payload provided is malformed. `Couldn't serialize document value: data did not match any variant of untagged enum Either`."#
+        )
+    );
+    assert_eq!(response["code"], json!("malformed_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#malformed_payload")
+    );
+
+    // add one more char to the long string to test if the truncating works.
+    let document = format!("\"{}m\"", long);
+    let req = test::TestRequest::put()
+        .uri("/indexes/dog/documents")
+        .set_payload(document)
+        .insert_header(("content-type", "application/json"))
+        .to_request();
+    let res = test::call_service(&app, req).await;
+    let body = test::read_body(res).await;
+    let response: Value = serde_json::from_slice(&body).unwrap_or_default();
+    assert_eq!(status_code, 400);
+    assert_eq!(
+        response["message"],
+        json!("The `json` payload provided is malformed. `Couldn't serialize document value: data did not match any variant of untagged enum Either`.")
+    );
+    assert_eq!(response["code"], json!("malformed_payload"));
+    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(
+        response["link"],
+        json!("https://docs.meilisearch.com/errors#malformed_payload")
+    );
 }

 #[actix_rt::test]
@ -311,8 +412,9 @@ async fn error_add_malformed_ndjson_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -330,7 +432,7 @@ async fn error_add_malformed_ndjson_documents() {
    assert_eq!(
        response["message"],
        json!(
-            r#"The `ndjson` payload provided is malformed. `Couldn't serialize document value: key must be a string at line 1 column 2`."#
+            r#"The `ndjson` payload provided is malformed. `Couldn't serialize document value: key must be a string at line 2 column 2`."#
        )
    );
    assert_eq!(response["code"], json!("malformed_payload"));
@ -353,9 +455,7 @@ async fn error_add_malformed_ndjson_documents() {
    assert_eq!(status_code, 400);
    assert_eq!(
        response["message"],
-        json!(
-            r#"The `ndjson` payload provided is malformed. `Couldn't serialize document value: key must be a string at line 1 column 2`."#
-        )
+        json!("The `ndjson` payload provided is malformed. `Couldn't serialize document value: key must be a string at line 2 column 2`.")
    );
    assert_eq!(response["code"], json!("malformed_payload"));
    assert_eq!(response["type"], json!("invalid_request"));
@ -372,8 +472,9 @@ async fn error_add_missing_payload_csv_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -423,8 +524,9 @@ async fn error_add_missing_payload_json_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -474,8 +576,9 @@ async fn error_add_missing_payload_ndjson_documents() {
    let server = Server::new().await;
    let app = test::init_service(create_app!(
        &server.service.meilisearch,
+        &server.service.auth,
        true,
-        &server.service.options,
+        server.service.options,
        analytics::MockAnalytics::new(&server.service.options).0
    ))
    .await;
@ -538,7 +641,7 @@ async fn add_documents_no_index_creation() {

    let (response, code) = index.add_documents(documents, None).await;
    assert_eq!(code, 202);
-    assert_eq!(response["updateId"], 0);
+    assert_eq!(response["taskUid"], 0);
    /*
     * currently we don’t check these field to stay ISO with meilisearch
     * assert_eq!(response["status"], "pending");
@ -548,22 +651,23 @@ async fn add_documents_no_index_creation() {
     * assert!(response.get("enqueuedAt").is_some());
     */

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

-    let (response, code) = index.get_update(0).await;
+    let (response, code) = index.get_task(0).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
-    assert_eq!(response["updateId"], 0);
-    assert_eq!(response["type"]["name"], "DocumentsAddition");
-    assert_eq!(response["type"]["number"], 1);
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["uid"], 0);
+    assert_eq!(response["type"], "documentAdditionOrUpdate");
+    assert_eq!(response["details"]["receivedDocuments"], 1);
+    assert_eq!(response["details"]["indexedDocuments"], 1);

    let processed_at =
-        DateTime::parse_from_rfc3339(response["processedAt"].as_str().unwrap()).unwrap();
+        OffsetDateTime::parse(response["finishedAt"].as_str().unwrap(), &Rfc3339).unwrap();
    let enqueued_at =
-        DateTime::parse_from_rfc3339(response["enqueuedAt"].as_str().unwrap()).unwrap();
+        OffsetDateTime::parse(response["enqueuedAt"].as_str().unwrap(), &Rfc3339).unwrap();
    assert!(processed_at > enqueued_at);

-    // index was created, and primary key was infered.
+    // index was created, and primary key was inferred.
    let (response, code) = index.get().await;
    assert_eq!(code, 200);
    assert_eq!(response["primaryKey"], "id");
@ -573,34 +677,34 @@ async fn add_documents_no_index_creation() {
 async fn error_document_add_create_index_bad_uid() {
    let server = Server::new().await;
    let index = server.index("883  fj!");
-    let (response, code) = index.add_documents(json!([]), None).await;
+    let (response, code) = index.add_documents(json!([{"id": 1}]), None).await;

    let expected_response = json!({
-        "message": "`883  fj!` is not a valid index uid. Index uid can be an integer or a string containing only alphanumeric characters, hyphens (-) and underscores (_).",
+        "message": "invalid index uid `883  fj!`, the uid must be an integer or a string containing only alphanumeric characters a-z A-Z 0-9, hyphens - and underscores _.",
        "code": "invalid_index_uid",
        "type": "invalid_request",
        "link": "https://docs.meilisearch.com/errors#invalid_index_uid"
    });

-    assert_eq!(response, expected_response);
    assert_eq!(code, 400);
+    assert_eq!(response, expected_response);
 }

 #[actix_rt::test]
 async fn error_document_update_create_index_bad_uid() {
    let server = Server::new().await;
    let index = server.index("883  fj!");
-    let (response, code) = index.update_documents(json!([]), None).await;
+    let (response, code) = index.update_documents(json!([{"id": 1}]), None).await;

    let expected_response = json!({
-        "message": "`883  fj!` is not a valid index uid. Index uid can be an integer or a string containing only alphanumeric characters, hyphens (-) and underscores (_).",
+        "message": "invalid index uid `883  fj!`, the uid must be an integer or a string containing only alphanumeric characters a-z A-Z 0-9, hyphens - and underscores _.",
        "code": "invalid_index_uid",
        "type": "invalid_request",
        "link": "https://docs.meilisearch.com/errors#invalid_index_uid"
    });

-    assert_eq!(response, expected_response);
    assert_eq!(code, 400);
+    assert_eq!(response, expected_response);
 }

 #[actix_rt::test]
@ -617,14 +721,15 @@ async fn document_addition_with_primary_key() {
    let (response, code) = index.add_documents(documents, Some("primary")).await;
    assert_eq!(code, 202, "response: {}", response);

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

-    let (response, code) = index.get_update(0).await;
+    let (response, code) = index.get_task(0).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
-    assert_eq!(response["updateId"], 0);
-    assert_eq!(response["type"]["name"], "DocumentsAddition");
-    assert_eq!(response["type"]["number"], 1);
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["uid"], 0);
+    assert_eq!(response["type"], "documentAdditionOrUpdate");
+    assert_eq!(response["details"]["receivedDocuments"], 1);
+    assert_eq!(response["details"]["indexedDocuments"], 1);

    let (response, code) = index.get().await;
    assert_eq!(code, 200);
@ -645,14 +750,15 @@ async fn document_update_with_primary_key() {
    let (_response, code) = index.update_documents(documents, Some("primary")).await;
    assert_eq!(code, 202);

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

-    let (response, code) = index.get_update(0).await;
+    let (response, code) = index.get_task(0).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
-    assert_eq!(response["updateId"], 0);
-    assert_eq!(response["type"]["name"], "DocumentsPartial");
-    assert_eq!(response["type"]["number"], 1);
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["uid"], 0);
+    assert_eq!(response["type"], "documentAdditionOrUpdate");
+    assert_eq!(response["details"]["indexedDocuments"], 1);
+    assert_eq!(response["details"]["receivedDocuments"], 1);

    let (response, code) = index.get().await;
    assert_eq!(code, 200);
@ -674,7 +780,7 @@ async fn replace_document() {
    let (response, code) = index.add_documents(documents, None).await;
    assert_eq!(code, 202, "response: {}", response);

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

    let documents = json!([
        {
@ -686,11 +792,11 @@ async fn replace_document() {
    let (_response, code) = index.add_documents(documents, None).await;
    assert_eq!(code, 202);

-    index.wait_update_id(1).await;
+    index.wait_task(1).await;

-    let (response, code) = index.get_update(1).await;
+    let (response, code) = index.get_task(1).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
+    assert_eq!(response["status"], "succeeded");

    let (response, code) = index.get_document(1, None).await;
    assert_eq!(code, 200);
@ -698,20 +804,11 @@ async fn replace_document() {
 }

 #[actix_rt::test]
-async fn error_add_no_documents() {
+async fn add_no_documents() {
    let server = Server::new().await;
    let index = server.index("test");
-    let (response, code) = index.add_documents(json!([]), None).await;
-
-    let expected_response = json!({
-        "message": "The `json` payload must contain at least one document.",
-        "code": "malformed_payload",
-        "type": "invalid_request",
-        "link": "https://docs.meilisearch.com/errors#malformed_payload"
-    });
-
-    assert_eq!(response, expected_response);
-    assert_eq!(code, 400);
+    let (_response, code) = index.add_documents(json!([]), None).await;
+    assert_eq!(code, 202);
 }

 #[actix_rt::test]
@ -729,7 +826,7 @@ async fn update_document() {
    let (_response, code) = index.add_documents(documents, None).await;
    assert_eq!(code, 202);

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

    let documents = json!([
        {
@ -741,11 +838,11 @@ async fn update_document() {
    let (response, code) = index.update_documents(documents, None).await;
    assert_eq!(code, 202, "response: {}", response);

-    index.wait_update_id(1).await;
+    index.wait_task(1).await;

-    let (response, code) = index.get_update(1).await;
+    let (response, code) = index.get_task(1).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
+    assert_eq!(response["status"], "succeeded");

    let (response, code) = index.get_document(1, None).await;
    assert_eq!(code, 200);
@ -760,19 +857,20 @@ async fn add_larger_dataset() {
    let server = Server::new().await;
    let index = server.index("test");
    let update_id = index.load_test_set().await;
-    let (response, code) = index.get_update(update_id).await;
+    let (response, code) = index.get_task(update_id).await;
    assert_eq!(code, 200);
-    assert_eq!(response["status"], "processed");
-    assert_eq!(response["type"]["name"], "DocumentsAddition");
-    assert_eq!(response["type"]["number"], 77);
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["type"], "documentAdditionOrUpdate");
+    assert_eq!(response["details"]["indexedDocuments"], 77);
+    assert_eq!(response["details"]["receivedDocuments"], 77);
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
            limit: Some(1000),
            ..Default::default()
        })
        .await;
-    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 77);
+    assert_eq!(code, 200, "failed with `{}`", response);
+    assert_eq!(response["results"].as_array().unwrap().len(), 77);
 }

 #[actix_rt::test]
@ -781,11 +879,11 @@ async fn update_larger_dataset() {
    let index = server.index("test");
    let documents = serde_json::from_str(include_str!("../assets/test_set.json")).unwrap();
    index.update_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
+    index.wait_task(0).await;
+    let (response, code) = index.get_task(0).await;
    assert_eq!(code, 200);
-    assert_eq!(response["type"]["name"], "DocumentsPartial");
-    assert_eq!(response["type"]["number"], 77);
+    assert_eq!(response["type"], "documentAdditionOrUpdate");
+    assert_eq!(response["details"]["indexedDocuments"], 77);
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
            limit: Some(1000),
@ -793,7 +891,7 @@ async fn update_larger_dataset() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 77);
+    assert_eq!(response["results"].as_array().unwrap().len(), 77);
 }

 #[actix_rt::test]
@ -808,15 +906,20 @@ async fn error_add_documents_bad_document_id() {
        }
    ]);
    index.add_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
+    index.wait_task(1).await;
+    let (response, code) = index.get_task(1).await;
    assert_eq!(code, 200);
    assert_eq!(response["status"], json!("failed"));
-    assert_eq!(response["message"], json!("Document identifier `foo & bar` is invalid. A document identifier can be of type integer or string, only composed of alphanumeric characters (a-z A-Z 0-9), hyphens (-) and underscores (_)."));
-    assert_eq!(response["code"], json!("invalid_document_id"));
-    assert_eq!(response["type"], json!("invalid_request"));
    assert_eq!(
-        response["link"],
+        response["error"]["message"],
+        json!(
+            r#"Document identifier `"foo & bar"` is invalid. A document identifier can be of type integer or string, only composed of alphanumeric characters (a-z A-Z 0-9), hyphens (-) and underscores (_)."#
+        )
+    );
+    assert_eq!(response["error"]["code"], json!("invalid_document_id"));
+    assert_eq!(response["error"]["type"], json!("invalid_request"));
+    assert_eq!(
+        response["error"]["link"],
        json!("https://docs.meilisearch.com/errors#invalid_document_id")
    );
 }
@ -833,15 +936,18 @@ async fn error_update_documents_bad_document_id() {
        }
    ]);
    index.update_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
-    assert_eq!(code, 200);
+    let response = index.wait_task(1).await;
    assert_eq!(response["status"], json!("failed"));
-    assert_eq!(response["message"], json!("Document identifier `foo & bar` is invalid. A document identifier can be of type integer or string, only composed of alphanumeric characters (a-z A-Z 0-9), hyphens (-) and underscores (_)."));
-    assert_eq!(response["code"], json!("invalid_document_id"));
-    assert_eq!(response["type"], json!("invalid_request"));
    assert_eq!(
-        response["link"],
+        response["error"]["message"],
+        json!(
+            r#"Document identifier `"foo & bar"` is invalid. A document identifier can be of type integer or string, only composed of alphanumeric characters (a-z A-Z 0-9), hyphens (-) and underscores (_)."#
+        )
+    );
+    assert_eq!(response["error"]["code"], json!("invalid_document_id"));
+    assert_eq!(response["error"]["type"], json!("invalid_request"));
+    assert_eq!(
+        response["error"]["link"],
        json!("https://docs.meilisearch.com/errors#invalid_document_id")
    );
 }
@ -858,18 +964,18 @@ async fn error_add_documents_missing_document_id() {
        }
    ]);
    index.add_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
+    index.wait_task(1).await;
+    let (response, code) = index.get_task(1).await;
    assert_eq!(code, 200);
    assert_eq!(response["status"], "failed");
    assert_eq!(
-        response["message"],
+        response["error"]["message"],
        json!(r#"Document doesn't have a `docid` attribute: `{"id":"11","content":"foobar"}`."#)
    );
-    assert_eq!(response["code"], json!("missing_document_id"));
-    assert_eq!(response["type"], json!("invalid_request"));
+    assert_eq!(response["error"]["code"], json!("missing_document_id"));
+    assert_eq!(response["error"]["type"], json!("invalid_request"));
    assert_eq!(
-        response["link"],
+        response["error"]["link"],
        json!("https://docs.meilisearch.com/errors#missing_document_id")
    );
 }
@ -886,18 +992,16 @@ async fn error_update_documents_missing_document_id() {
        }
    ]);
    index.update_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
-    assert_eq!(code, 200);
+    let response = index.wait_task(1).await;
    assert_eq!(response["status"], "failed");
    assert_eq!(
-        response["message"],
+        response["error"]["message"],
        r#"Document doesn't have a `docid` attribute: `{"id":"11","content":"foobar"}`."#
    );
-    assert_eq!(response["code"], "missing_document_id");
-    assert_eq!(response["type"], "invalid_request");
+    assert_eq!(response["error"]["code"], "missing_document_id");
+    assert_eq!(response["error"]["type"], "invalid_request");
    assert_eq!(
-        response["link"],
+        response["error"]["link"],
        "https://docs.meilisearch.com/errors#missing_document_id"
    );
 }
@ -922,50 +1026,43 @@ async fn error_document_field_limit_reached() {
    let (_response, code) = index.update_documents(documents, Some("id")).await;
    assert_eq!(code, 202);

-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
+    index.wait_task(0).await;
+    let (response, code) = index.get_task(0).await;
    assert_eq!(code, 200);
    // Documents without a primary key are not accepted.
    assert_eq!(response["status"], "failed");
-    assert_eq!(
-        response["message"],
-        "A document cannot contain more than 65,535 fields."
-    );
-    assert_eq!(response["code"], "document_fields_limit_reached");
-    assert_eq!(response["type"], "invalid_request");
-    assert_eq!(
-        response["link"],
-        "https://docs.meilisearch.com/errors#document_fields_limit_reached"
-    );
+
+    let expected_error = json!({
+        "message": "A document cannot contain more than 65,535 fields.",
+        "code": "document_fields_limit_reached",
+        "type": "invalid_request",
+        "link": "https://docs.meilisearch.com/errors#document_fields_limit_reached"
+    });
+
+    assert_eq!(response["error"], expected_error);
 }

 #[actix_rt::test]
-#[ignore] // // TODO: Fix in an other PR: this does not provoke any error.
-async fn error_add_documents_invalid_geo_field() {
+async fn add_documents_invalid_geo_field() {
    let server = Server::new().await;
    let index = server.index("test");
    index.create(Some("id")).await;
+    index
+        .update_settings(json!({"sortableAttributes": ["_geo"]}))
+        .await;
+
    let documents = json!([
        {
            "id": "11",
            "_geo": "foobar"
        }
    ]);
+
    index.add_documents(documents, None).await;
-    index.wait_update_id(0).await;
-    let (response, code) = index.get_update(0).await;
+    index.wait_task(2).await;
+    let (response, code) = index.get_task(2).await;
    assert_eq!(code, 200);
    assert_eq!(response["status"], "failed");
-    assert_eq!(
-        response["message"],
-        r#"The document with the id: `11` contains an invalid _geo field: :syntaxErrorHelper:REPLACE_ME."#
-    );
-    assert_eq!(response["code"], "invalid_geo_field");
-    assert_eq!(response["type"], "invalid_request");
-    assert_eq!(
-        response["link"],
-        "https://docs.meilisearch.com/errors#invalid_geo_field"
-    );
 }

 #[actix_rt::test]
@ -993,3 +1090,113 @@ async fn error_add_documents_payload_size() {
    assert_eq!(response, expected_response);
    assert_eq!(code, 413);
 }
+
+#[actix_rt::test]
+async fn error_primary_key_inference() {
+    let server = Server::new().await;
+    let index = server.index("test");
+
+    let documents = json!([
+        {
+            "title": "11",
+            "desc": "foobar"
+        }
+    ]);
+
+    index.add_documents(documents, None).await;
+    index.wait_task(0).await;
+    let (response, code) = index.get_task(0).await;
+    assert_eq!(code, 200);
+    assert_eq!(response["status"], "failed");
+
+    let expected_error = json!({
+        "message": r#"The primary key inference process failed because the engine did not find any fields containing `id` substring in their name. If your document identifier does not contain any `id` substring, you can set the primary key of the index."#,
+        "code": "primary_key_inference_failed",
+        "type": "invalid_request",
+        "link": "https://docs.meilisearch.com/errors#primary_key_inference_failed"
+    });
+
+    assert_eq!(response["error"], expected_error);
+}
+
+#[actix_rt::test]
+async fn add_documents_with_primary_key_twice() {
+    let server = Server::new().await;
+    let index = server.index("test");
+
+    let documents = json!([
+        {
+            "title": "11",
+            "desc": "foobar"
+        }
+    ]);
+
+    index.add_documents(documents.clone(), Some("title")).await;
+    index.wait_task(0).await;
+    let (response, _code) = index.get_task(0).await;
+    assert_eq!(response["status"], "succeeded");
+
+    index.add_documents(documents, Some("title")).await;
+    index.wait_task(1).await;
+    let (response, _code) = index.get_task(1).await;
+    assert_eq!(response["status"], "succeeded");
+}
+
+#[actix_rt::test]
+async fn batch_several_documents_addition() {
+    let server = Server::new().await;
+    let index = server.index("test");
+
+    let mut documents: Vec<_> = (0..150usize)
+        .into_iter()
+        .map(|id| {
+            json!(
+                {
+                    "id": id,
+                    "title": "foo",
+                    "desc": "bar"
+                }
+            )
+        })
+        .collect();
+
+    documents[100] = json!({"title": "error", "desc": "error"});
+
+    // enqueue batch of documents
+    let mut waiter = Vec::new();
+    for chunk in documents.chunks(30) {
+        waiter.push(index.add_documents(json!(chunk), Some("id")));
+    }
+
+    // wait first batch of documents to finish
+    futures::future::join_all(waiter).await;
+    index.wait_task(4).await;
+
+    // run a second completely failing batch
+    documents[40] = json!({"title": "error", "desc": "error"});
+    documents[70] = json!({"title": "error", "desc": "error"});
+    documents[130] = json!({"title": "error", "desc": "error"});
+    let mut waiter = Vec::new();
+    for chunk in documents.chunks(30) {
+        waiter.push(index.add_documents(json!(chunk), Some("id")));
+    }
+    // wait second batch of documents to finish
+    futures::future::join_all(waiter).await;
+    index.wait_task(9).await;
+
+    let (response, _code) = index.filtered_tasks(&[], &["failed"]).await;
+
+    // Check if only the 6th task failed
+    println!("{}", &response);
+    assert_eq!(response["results"].as_array().unwrap().len(), 5);
+
+    // Check if there are exactly 120 documents (150 - 30) in the index;
+    let (response, code) = index
+        .get_all_documents(GetAllDocumentsOptions {
+            limit: Some(200),
+            ..Default::default()
+        })
+        .await;
+    assert_eq!(code, 200, "failed with `{}`", response);
+    assert_eq!(response["results"].as_array().unwrap().len(), 120);
+}
--- a/meilisearch-http/tests/documents/delete_documents.rs
+++ b/meilisearch-http/tests/documents/delete_documents.rs
@ -5,8 +5,13 @@ use crate::common::{GetAllDocumentsOptions, Server};
 #[actix_rt::test]
 async fn delete_one_document_unexisting_index() {
    let server = Server::new().await;
-    let (_response, code) = server.index("test").delete_document(0).await;
-    assert_eq!(code, 404);
+    let index = server.index("test");
+    let (_response, code) = index.delete_document(0).await;
+    assert_eq!(code, 202);
+
+    let response = index.wait_task(0).await;
+
+    assert_eq!(response["status"], "failed");
 }

 #[actix_rt::test]
@ -16,8 +21,8 @@ async fn delete_one_unexisting_document() {
    index.create(None).await;
    let (response, code) = index.delete_document(0).await;
    assert_eq!(code, 202, "{}", response);
-    let update = index.wait_update_id(0).await;
-    assert_eq!(update["status"], "processed");
+    let update = index.wait_task(0).await;
+    assert_eq!(update["status"], "succeeded");
 }

 #[actix_rt::test]
@ -27,10 +32,10 @@ async fn delete_one_document() {
    index
        .add_documents(json!([{ "id": 0, "content": "foobar" }]), None)
        .await;
-    index.wait_update_id(0).await;
+    index.wait_task(0).await;
    let (_response, code) = server.index("test").delete_document(0).await;
    assert_eq!(code, 202);
-    index.wait_update_id(1).await;
+    index.wait_task(1).await;

    let (_response, code) = index.get_document(0, None).await;
    assert_eq!(code, 404);
@ -39,8 +44,13 @@ async fn delete_one_document() {
 #[actix_rt::test]
 async fn clear_all_documents_unexisting_index() {
    let server = Server::new().await;
-    let (_response, code) = server.index("test").clear_all_documents().await;
-    assert_eq!(code, 404);
+    let index = server.index("test");
+    let (_response, code) = index.clear_all_documents().await;
+    assert_eq!(code, 202);
+
+    let response = index.wait_task(0).await;
+
+    assert_eq!(response["status"], "failed");
 }

 #[actix_rt::test]
@ -53,16 +63,16 @@ async fn clear_all_documents() {
            None,
        )
        .await;
-    index.wait_update_id(0).await;
+    index.wait_task(0).await;
    let (_response, code) = index.clear_all_documents().await;
    assert_eq!(code, 202);

-    let _update = index.wait_update_id(1).await;
+    let _update = index.wait_task(1).await;
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert!(response.as_array().unwrap().is_empty());
+    assert!(response["results"].as_array().unwrap().is_empty());
 }

 #[actix_rt::test]
@ -74,26 +84,31 @@ async fn clear_all_documents_empty_index() {
    let (_response, code) = index.clear_all_documents().await;
    assert_eq!(code, 202);

-    let _update = index.wait_update_id(0).await;
+    let _update = index.wait_task(0).await;
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert!(response.as_array().unwrap().is_empty());
+    assert!(response["results"].as_array().unwrap().is_empty());
 }

 #[actix_rt::test]
 async fn error_delete_batch_unexisting_index() {
    let server = Server::new().await;
-    let (response, code) = server.index("test").delete_batch(vec![]).await;
+    let index = server.index("test");
+    let (_, code) = index.delete_batch(vec![]).await;
    let expected_response = json!({
        "message": "Index `test` not found.",
        "code": "index_not_found",
        "type": "invalid_request",
        "link": "https://docs.meilisearch.com/errors#index_not_found"
    });
-    assert_eq!(code, 404);
-    assert_eq!(response, expected_response);
+    assert_eq!(code, 202);
+
+    let response = index.wait_task(0).await;
+
+    assert_eq!(response["status"], "failed");
+    assert_eq!(response["error"], expected_response);
 }

 #[actix_rt::test]
@ -101,17 +116,17 @@ async fn delete_batch() {
    let server = Server::new().await;
    let index = server.index("test");
    index.add_documents(json!([{ "id": 1, "content": "foobar" }, { "id": 0, "content": "foobar" }, { "id": 3, "content": "foobar" }]), Some("id")).await;
-    index.wait_update_id(0).await;
+    index.wait_task(0).await;
    let (_response, code) = index.delete_batch(vec![1, 0]).await;
    assert_eq!(code, 202);

-    let _update = index.wait_update_id(1).await;
+    let _update = index.wait_task(1).await;
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 1);
-    assert_eq!(response.as_array().unwrap()[0]["id"], 3);
+    assert_eq!(response["results"].as_array().unwrap().len(), 1);
+    assert_eq!(response["results"][0]["id"], json!(3));
 }

 #[actix_rt::test]
@ -119,14 +134,14 @@ async fn delete_no_document_batch() {
    let server = Server::new().await;
    let index = server.index("test");
    index.add_documents(json!([{ "id": 1, "content": "foobar" }, { "id": 0, "content": "foobar" }, { "id": 3, "content": "foobar" }]), Some("id")).await;
-    index.wait_update_id(0).await;
+    index.wait_task(0).await;
    let (_response, code) = index.delete_batch(vec![]).await;
    assert_eq!(code, 202, "{}", _response);

-    let _update = index.wait_update_id(1).await;
+    let _update = index.wait_task(1).await;
    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 3);
+    assert_eq!(response["results"].as_array().unwrap().len(), 3);
 }
--- a/meilisearch-http/tests/documents/get_documents.rs
+++ b/meilisearch-http/tests/documents/get_documents.rs
@ -1,5 +1,4 @@
-use crate::common::GetAllDocumentsOptions;
-use crate::common::Server;
+use crate::common::{GetAllDocumentsOptions, GetDocumentOptions, Server};

 use serde_json::json;

@ -17,6 +16,7 @@ async fn error_get_unexisting_document() {
    let server = Server::new().await;
    let index = server.index("test");
    index.create(None).await;
+    index.wait_task(0).await;
    let (response, code) = index.get_document(1, None).await;

    let expected_response = json!({
@ -38,19 +38,51 @@ async fn get_document() {
    let documents = serde_json::json!([
        {
            "id": 0,
-            "content": "foobar",
+            "nested": { "content": "foobar" },
        }
    ]);
    let (_, code) = index.add_documents(documents, None).await;
    assert_eq!(code, 202);
-    index.wait_update_id(0).await;
+    index.wait_task(1).await;
    let (response, code) = index.get_document(0, None).await;
    assert_eq!(code, 200);
    assert_eq!(
        response,
-        serde_json::json!(        {
+        serde_json::json!({
            "id": 0,
-            "content": "foobar",
+            "nested": { "content": "foobar" },
+        })
+    );
+
+    let (response, code) = index
+        .get_document(
+            0,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["id"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        response,
+        serde_json::json!({
+            "id": 0,
+        })
+    );
+
+    let (response, code) = index
+        .get_document(
+            0,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["nested.content"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        response,
+        serde_json::json!({
+            "nested": { "content": "foobar" },
        })
    );
 }
@ -75,17 +107,19 @@ async fn error_get_unexisting_index_all_documents() {
 }

 #[actix_rt::test]
-async fn get_no_documents() {
+async fn get_no_document() {
    let server = Server::new().await;
    let index = server.index("test");
    let (_, code) = index.create(None).await;
-    assert_eq!(code, 201);
+    assert_eq!(code, 202);
+
+    index.wait_task(0).await;

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert!(response.as_array().unwrap().is_empty());
+    assert!(response["results"].as_array().unwrap().is_empty());
 }

 #[actix_rt::test]
@ -98,7 +132,7 @@ async fn get_all_documents_no_options() {
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    let arr = response.as_array().unwrap();
+    let arr = response["results"].as_array().unwrap();
    assert_eq!(arr.len(), 20);
    let first = serde_json::json!({
        "id":0,
@ -134,8 +168,11 @@ async fn test_get_all_documents_limit() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 5);
-    assert_eq!(response.as_array().unwrap()[0]["id"], 0);
+    assert_eq!(response["results"].as_array().unwrap().len(), 5);
+    assert_eq!(response["results"][0]["id"], json!(0));
+    assert_eq!(response["offset"], json!(0));
+    assert_eq!(response["limit"], json!(5));
+    assert_eq!(response["total"], json!(77));
 }

 #[actix_rt::test]
@ -151,8 +188,11 @@ async fn test_get_all_documents_offset() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(response.as_array().unwrap()[0]["id"], 13);
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    assert_eq!(response["results"][0]["id"], json!(5));
+    assert_eq!(response["offset"], json!(5));
+    assert_eq!(response["limit"], json!(20));
+    assert_eq!(response["total"], json!(77));
 }

 #[actix_rt::test]
@ -168,20 +208,14 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        1
-    );
-    assert!(response.as_array().unwrap()[0]
-        .as_object()
-        .unwrap()
-        .get("name")
-        .is_some());
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 1);
+        assert!(results["name"] != json!(null));
+    }
+    assert_eq!(response["offset"], json!(0));
+    assert_eq!(response["limit"], json!(20));
+    assert_eq!(response["total"], json!(77));

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
@ -190,15 +224,13 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        0
-    );
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 0);
+    }
+    assert_eq!(response["offset"], json!(0));
+    assert_eq!(response["limit"], json!(20));
+    assert_eq!(response["total"], json!(77));

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
@ -207,15 +239,13 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        0
-    );
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 0);
+    }
+    assert_eq!(response["offset"], json!(0));
+    assert_eq!(response["limit"], json!(20));
+    assert_eq!(response["total"], json!(77));

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
@ -224,15 +254,12 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        2
-    );
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 2);
+        assert!(results["name"] != json!(null));
+        assert!(results["tags"] != json!(null));
+    }

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
@ -241,15 +268,10 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
-    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        16
-    );
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 16);
+    }

    let (response, code) = index
        .get_all_documents(GetAllDocumentsOptions {
@ -258,19 +280,99 @@ async fn test_get_all_documents_attributes_to_retrieve() {
        })
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
+    for results in response["results"].as_array().unwrap() {
+        assert_eq!(results.as_object().unwrap().keys().count(), 16);
+    }
+}
+
+#[actix_rt::test]
+async fn get_document_s_nested_attributes_to_retrieve() {
+    let server = Server::new().await;
+    let index = server.index("test");
+    index.create(None).await;
+    let documents = json!([
+        {
+            "id": 0,
+            "content.truc": "foobar",
+        },
+        {
+            "id": 1,
+            "content": {
+                "truc": "foobar",
+                "machin": "bidule",
+            },
+        },
+    ]);
+    let (_, code) = index.add_documents(documents, None).await;
+    assert_eq!(code, 202);
+    index.wait_task(1).await;
+
+    let (response, code) = index
+        .get_document(
+            0,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["content"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(response, json!({}));
+    let (response, code) = index
+        .get_document(
+            1,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["content"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        16
+        response,
+        json!({
+            "content": {
+                "truc": "foobar",
+                "machin": "bidule",
+            },
+        })
+    );
+
+    let (response, code) = index
+        .get_document(
+            0,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["content.truc"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        response,
+        json!({
+            "content.truc": "foobar",
+        })
+    );
+    let (response, code) = index
+        .get_document(
+            1,
+            Some(GetDocumentOptions {
+                fields: Some(vec!["content.truc"]),
+            }),
+        )
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        response,
+        json!({
+            "content": {
+                "truc": "foobar",
+            },
+        })
    );
 }

 #[actix_rt::test]
-async fn get_documents_displayed_attributes() {
+async fn get_documents_displayed_attributes_is_ignored() {
    let server = Server::new().await;
    let index = server.index("test");
    index
@ -282,23 +384,19 @@ async fn get_documents_displayed_attributes() {
        .get_all_documents(GetAllDocumentsOptions::default())
        .await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_array().unwrap().len(), 20);
+    assert_eq!(response["results"].as_array().unwrap().len(), 20);
    assert_eq!(
-        response.as_array().unwrap()[0]
-            .as_object()
-            .unwrap()
-            .keys()
-            .count(),
-        1
+        response["results"][0].as_object().unwrap().keys().count(),
+        16
    );
-    assert!(response.as_array().unwrap()[0]
-        .as_object()
-        .unwrap()
-        .get("gender")
-        .is_some());
+    assert!(response["results"][0]["gender"] != json!(null));
+
+    assert_eq!(response["offset"], json!(0));
+    assert_eq!(response["limit"], json!(20));
+    assert_eq!(response["total"], json!(77));

    let (response, code) = index.get_document(0, None).await;
    assert_eq!(code, 200);
-    assert_eq!(response.as_object().unwrap().keys().count(), 1);
+    assert_eq!(response.as_object().unwrap().keys().count(), 16);
    assert!(response.as_object().unwrap().get("gender").is_some());
 }
--- a/meilisearch-http/tests/dumps/data.rs
+++ b/meilisearch-http/tests/dumps/data.rs
@ -0,0 +1,73 @@
+use std::path::PathBuf;
+
+use manifest_dir_macros::exist_relative_path;
+
+pub enum GetDump {
+    MoviesRawV1,
+    MoviesWithSettingsV1,
+    RubyGemsWithSettingsV1,
+
+    MoviesRawV2,
+    MoviesWithSettingsV2,
+    RubyGemsWithSettingsV2,
+
+    MoviesRawV3,
+    MoviesWithSettingsV3,
+    RubyGemsWithSettingsV3,
+
+    MoviesRawV4,
+    MoviesWithSettingsV4,
+    RubyGemsWithSettingsV4,
+
+    TestV5,
+}
+
+impl GetDump {
+    pub fn path(&self) -> PathBuf {
+        match self {
+            GetDump::MoviesRawV1 => {
+                exist_relative_path!("tests/assets/v1_v0.20.0_movies.dump").into()
+            }
+            GetDump::MoviesWithSettingsV1 => {
+                exist_relative_path!("tests/assets/v1_v0.20.0_movies_with_settings.dump").into()
+            }
+            GetDump::RubyGemsWithSettingsV1 => {
+                exist_relative_path!("tests/assets/v1_v0.20.0_rubygems_with_settings.dump").into()
+            }
+
+            GetDump::MoviesRawV2 => {
+                exist_relative_path!("tests/assets/v2_v0.21.1_movies.dump").into()
+            }
+            GetDump::MoviesWithSettingsV2 => {
+                exist_relative_path!("tests/assets/v2_v0.21.1_movies_with_settings.dump").into()
+            }
+
+            GetDump::RubyGemsWithSettingsV2 => {
+                exist_relative_path!("tests/assets/v2_v0.21.1_rubygems_with_settings.dump").into()
+            }
+
+            GetDump::MoviesRawV3 => {
+                exist_relative_path!("tests/assets/v3_v0.24.0_movies.dump").into()
+            }
+            GetDump::MoviesWithSettingsV3 => {
+                exist_relative_path!("tests/assets/v3_v0.24.0_movies_with_settings.dump").into()
+            }
+            GetDump::RubyGemsWithSettingsV3 => {
+                exist_relative_path!("tests/assets/v3_v0.24.0_rubygems_with_settings.dump").into()
+            }
+
+            GetDump::MoviesRawV4 => {
+                exist_relative_path!("tests/assets/v4_v0.25.2_movies.dump").into()
+            }
+            GetDump::MoviesWithSettingsV4 => {
+                exist_relative_path!("tests/assets/v4_v0.25.2_movies_with_settings.dump").into()
+            }
+            GetDump::RubyGemsWithSettingsV4 => {
+                exist_relative_path!("tests/assets/v4_v0.25.2_rubygems_with_settings.dump").into()
+            }
+            GetDump::TestV5 => {
+                exist_relative_path!("tests/assets/v5_v0.28.0_test_dump.dump").into()
+            }
+        }
+    }
+}
--- a/meilisearch-http/tests/dumps/mod.rs
+++ b/meilisearch-http/tests/dumps/mod.rs
@ -0,0 +1,677 @@
+mod data;
+
+use crate::common::{default_settings, GetAllDocumentsOptions, Server};
+use meilisearch_http::Opt;
+use serde_json::json;
+
+use self::data::GetDump;
+
+// all the following test are ignored on windows. See #2364
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v1() {
+    let temp = tempfile::tempdir().unwrap();
+
+    for path in [
+        GetDump::MoviesRawV1.path(),
+        GetDump::MoviesWithSettingsV1.path(),
+        GetDump::RubyGemsWithSettingsV1.path(),
+    ] {
+        let options = Opt {
+            import_dump: Some(path),
+            ..default_settings(temp.path())
+        };
+        let error = Server::new_with_options(options)
+            .await
+            .map(|_| ())
+            .unwrap_err();
+
+        assert_eq!(error.to_string(), "The version 1 of the dumps is not supported anymore. You can re-export your dump from a version between 0.21 and 0.24, or start fresh from a version 0.25 onwards.");
+    }
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v2_movie_raw() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesRawV2.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({"displayedAttributes": ["*"], "searchableAttributes": ["*"], "filterableAttributes": [], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{"uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT41.751156S", "enqueuedAt": "2021-09-08T08:30:30.550282Z", "startedAt": "2021-09-08T08:30:30.553012Z", "finishedAt": "2021-09-08T08:31:12.304168Z" }], "limit": 20, "from": 0, "next": null })
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 100, "title": "Lock, Stock and Two Smoking Barrels", "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "genres": ["Comedy", "Crime"], "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000})
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 500, "title": "Reservoir Dogs", "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "genres": ["Crime", "Thriller"], "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 10006, "title": "Wild Seven", "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "genres": ["Action", "Crime", "Drama"], "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v2_movie_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesWithSettingsV2.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({ "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": ["of", "the"], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": { "oneTypo": 5, "twoTypos": 9 }, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{ "uid": 1, "indexUid": "indexUID", "status": "succeeded", "type": "settingsUpdate", "details": { "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "stopWords": ["of", "the"] }, "duration": "PT37.488777S", "enqueuedAt": "2021-09-08T08:24:02.323444Z", "startedAt": "2021-09-08T08:24:02.324145Z", "finishedAt": "2021-09-08T08:24:39.812922Z" }, { "uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT39.941318S", "enqueuedAt": "2021-09-08T08:21:14.742672Z", "startedAt": "2021-09-08T08:21:14.750166Z", "finishedAt": "2021-09-08T08:21:54.691484Z" }], "limit": 20, "from": 1, "next": null })
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 100, "title": "Lock, Stock and Two Smoking Barrels", "genres": ["Comedy", "Crime"], "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000 })
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 500, "title": "Reservoir Dogs", "genres": ["Crime", "Thriller"], "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 10006, "title": "Wild Seven", "genres": ["Action", "Crime", "Drama"], "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v2_rubygems_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::RubyGemsWithSettingsV2.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("rubygems"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("rubygems");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"description": 53, "id": 53, "name": 53, "summary": 53, "total_downloads": 53, "version": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({"displayedAttributes": ["name", "summary", "description", "version", "total_downloads"], "searchableAttributes": ["name", "summary"], "filterableAttributes": ["version"], "sortableAttributes": [], "rankingRules": ["typo", "words", "fame:desc", "proximity", "attribute", "exactness", "total_downloads:desc"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 }})
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks["results"][0],
+        json!({"uid": 92, "indexUid": "rubygems", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": {"receivedDocuments": 0, "indexedDocuments": 1042}, "duration": "PT14.034672S", "enqueuedAt": "2021-09-08T08:40:31.390775Z", "startedAt": "2021-09-08T08:51:39.060642Z", "finishedAt": "2021-09-08T08:51:53.095314Z"})
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(188040, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "meilisearch", "summary": "An easy-to-use ruby client for Meilisearch API", "description": "An easy-to-use ruby client for Meilisearch API. See https://github.com/meilisearch/MeiliSearch", "id": "188040", "version": "0.15.2", "total_downloads": "7465"})
+    );
+
+    let (document, code) = index.get_document(191940, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "doggo", "summary": "RSpec 3 formatter - documentation, with progress indication", "description": "Similar to \"rspec -f d\", but also indicates progress by showing the current test number and total test count on each line.", "id": "191940", "version": "1.1.0", "total_downloads": "9394"})
+    );
+
+    let (document, code) = index.get_document(159227, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "vortex-of-agony", "summary": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "description": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "id": "159227", "version": "0.1.0", "total_downloads": "1007"})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v3_movie_raw() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesRawV3.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({"displayedAttributes": ["*"], "searchableAttributes": ["*"], "filterableAttributes": [], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{"uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT41.751156S", "enqueuedAt": "2021-09-08T08:30:30.550282Z", "startedAt": "2021-09-08T08:30:30.553012Z", "finishedAt": "2021-09-08T08:31:12.304168Z" }], "limit": 20, "from": 0, "next": null })
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 100, "title": "Lock, Stock and Two Smoking Barrels", "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "genres": ["Comedy", "Crime"], "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000})
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 500, "title": "Reservoir Dogs", "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "genres": ["Crime", "Thriller"], "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({"id": 10006, "title": "Wild Seven", "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "genres": ["Action", "Crime", "Drama"], "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v3_movie_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesWithSettingsV3.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({ "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": ["of", "the"], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": { "oneTypo": 5, "twoTypos": 9 }, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{ "uid": 1, "indexUid": "indexUID", "status": "succeeded", "type": "settingsUpdate", "details": { "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "stopWords": ["of", "the"] }, "duration": "PT37.488777S", "enqueuedAt": "2021-09-08T08:24:02.323444Z", "startedAt": "2021-09-08T08:24:02.324145Z", "finishedAt": "2021-09-08T08:24:39.812922Z" }, { "uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT39.941318S", "enqueuedAt": "2021-09-08T08:21:14.742672Z", "startedAt": "2021-09-08T08:21:14.750166Z", "finishedAt": "2021-09-08T08:21:54.691484Z" }], "limit": 20, "from": 1, "next": null })
+    );
+
+    // finally we're just going to check that we can["results"] still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 100, "title": "Lock, Stock and Two Smoking Barrels", "genres": ["Comedy", "Crime"], "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000 })
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 500, "title": "Reservoir Dogs", "genres": ["Crime", "Thriller"], "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 10006, "title": "Wild Seven", "genres": ["Action", "Crime", "Drama"], "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v3_rubygems_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::RubyGemsWithSettingsV3.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("rubygems"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("rubygems");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"description": 53, "id": 53, "name": 53, "summary": 53, "total_downloads": 53, "version": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({"displayedAttributes": ["name", "summary", "description", "version", "total_downloads"], "searchableAttributes": ["name", "summary"], "filterableAttributes": ["version"], "sortableAttributes": [], "rankingRules": ["typo", "words", "fame:desc", "proximity", "attribute", "exactness", "total_downloads:desc"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks["results"][0],
+        json!({"uid": 92, "indexUid": "rubygems", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": {"receivedDocuments": 0, "indexedDocuments": 1042}, "duration": "PT14.034672S", "enqueuedAt": "2021-09-08T08:40:31.390775Z", "startedAt": "2021-09-08T08:51:39.060642Z", "finishedAt": "2021-09-08T08:51:53.095314Z"})
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(188040, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "meilisearch", "summary": "An easy-to-use ruby client for Meilisearch API", "description": "An easy-to-use ruby client for Meilisearch API. See https://github.com/meilisearch/MeiliSearch", "id": "188040", "version": "0.15.2", "total_downloads": "7465"})
+    );
+
+    let (document, code) = index.get_document(191940, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "doggo", "summary": "RSpec 3 formatter - documentation, with progress indication", "description": "Similar to \"rspec -f d\", but also indicates progress by showing the current test number and total test count on each line.", "id": "191940", "version": "1.1.0", "total_downloads": "9394"})
+    );
+
+    let (document, code) = index.get_document(159227, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "vortex-of-agony", "summary": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "description": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "id": "159227", "version": "0.1.0", "total_downloads": "1007"})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v4_movie_raw() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesRawV4.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({ "displayedAttributes": ["*"], "searchableAttributes": ["*"], "filterableAttributes": [], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{"uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT41.751156S", "enqueuedAt": "2021-09-08T08:30:30.550282Z", "startedAt": "2021-09-08T08:30:30.553012Z", "finishedAt": "2021-09-08T08:31:12.304168Z" }], "limit" : 20, "from": 0, "next": null })
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 100, "title": "Lock, Stock and Two Smoking Barrels", "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "genres": ["Comedy", "Crime"], "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000})
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 500, "title": "Reservoir Dogs", "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "genres": ["Crime", "Thriller"], "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 10006, "title": "Wild Seven", "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "genres": ["Action", "Crime", "Drama"], "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v4_movie_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::MoviesWithSettingsV4.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("indexUID"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("indexUID");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"genres": 53, "id": 53, "overview": 53, "poster": 53, "release_date": 53, "title": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({ "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "sortableAttributes": [], "rankingRules": ["words", "typo", "proximity", "attribute", "exactness"], "stopWords": ["of", "the"], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": { "oneTypo": 5, "twoTypos": 9 }, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks,
+        json!({ "results": [{ "uid": 1, "indexUid": "indexUID", "status": "succeeded", "type": "settingsUpdate", "details": { "displayedAttributes": ["title", "genres", "overview", "poster", "release_date"], "searchableAttributes": ["title", "overview"], "filterableAttributes": ["genres"], "stopWords": ["of", "the"] }, "duration": "PT37.488777S", "enqueuedAt": "2021-09-08T08:24:02.323444Z", "startedAt": "2021-09-08T08:24:02.324145Z", "finishedAt": "2021-09-08T08:24:39.812922Z" }, { "uid": 0, "indexUid": "indexUID", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": { "receivedDocuments": 0, "indexedDocuments": 31944 }, "duration": "PT39.941318S", "enqueuedAt": "2021-09-08T08:21:14.742672Z", "startedAt": "2021-09-08T08:21:14.750166Z", "finishedAt": "2021-09-08T08:21:54.691484Z" }], "limit": 20, "from": 1, "next": null })
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(100, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 100, "title": "Lock, Stock and Two Smoking Barrels", "genres": ["Comedy", "Crime"], "overview": "A card shark and his unwillingly-enlisted friends need to make a lot of cash quick after losing a sketchy poker match. To do this they decide to pull a heist on a small-time gang who happen to be operating out of the flat next door.", "poster": "https://image.tmdb.org/t/p/w500/8kSerJrhrJWKLk1LViesGcnrUPE.jpg", "release_date": 889056000 })
+    );
+
+    let (document, code) = index.get_document(500, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 500, "title": "Reservoir Dogs", "genres": ["Crime", "Thriller"], "overview": "A botched robbery indicates a police informant, and the pressure mounts in the aftermath at a warehouse. Crime begets violence as the survivors -- veteran Mr. White, newcomer Mr. Orange, psychopathic parolee Mr. Blonde, bickering weasel Mr. Pink and Nice Guy Eddie -- unravel.", "poster": "https://image.tmdb.org/t/p/w500/AjTtJNumZyUDz33VtMlF1K8JPsE.jpg", "release_date": 715392000})
+    );
+
+    let (document, code) = index.get_document(10006, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "id": 10006, "title": "Wild Seven", "genres": ["Action", "Crime", "Drama"], "overview": "In this darkly karmic vision of Arizona, a man who breathes nothing but ill will begins a noxious domino effect as quickly as an uncontrollable virus kills. As he exits Arizona State Penn after twenty-one long years, Wilson has only one thing on the brain, leveling the score with career criminal, Mackey Willis.", "poster": "https://image.tmdb.org/t/p/w500/y114dTPoqn8k2Txps4P2tI95YCS.jpg", "release_date": 1136073600})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v4_rubygems_with_settings() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::RubyGemsWithSettingsV4.path()),
+        ..default_settings(temp.path())
+    };
+    let server = Server::new_with_options(options).await.unwrap();
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200);
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 1);
+    assert_eq!(indexes["results"][0]["uid"], json!("rubygems"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let index = server.index("rubygems");
+
+    let (stats, code) = index.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        stats,
+        json!({ "numberOfDocuments": 53, "isIndexing": false, "fieldDistribution": {"description": 53, "id": 53, "name": 53, "summary": 53, "total_downloads": 53, "version": 53 }})
+    );
+
+    let (settings, code) = index.settings().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        settings,
+        json!({ "displayedAttributes": ["name", "summary", "description", "version", "total_downloads"], "searchableAttributes": ["name", "summary"], "filterableAttributes": ["version"], "sortableAttributes": [], "rankingRules": ["typo", "words", "fame:desc", "proximity", "attribute", "exactness", "total_downloads:desc"], "stopWords": [], "synonyms": {}, "distinctAttribute": null, "typoTolerance": {"enabled": true, "minWordSizeForTypos": {"oneTypo": 5, "twoTypos": 9}, "disableOnWords": [], "disableOnAttributes": [] }, "faceting": { "maxValuesPerFacet": 100 }, "pagination": { "maxTotalHits": 1000 } })
+    );
+
+    let (tasks, code) = index.list_tasks().await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        tasks["results"][0],
+        json!({ "uid": 92, "indexUid": "rubygems", "status": "succeeded", "type": "documentAdditionOrUpdate", "details": {"receivedDocuments": 0, "indexedDocuments": 1042}, "duration": "PT14.034672S", "enqueuedAt": "2021-09-08T08:40:31.390775Z", "startedAt": "2021-09-08T08:51:39.060642Z", "finishedAt": "2021-09-08T08:51:53.095314Z"})
+    );
+
+    // finally we're just going to check that we can still get a few documents by id
+    let (document, code) = index.get_document(188040, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "meilisearch", "summary": "An easy-to-use ruby client for Meilisearch API", "description": "An easy-to-use ruby client for Meilisearch API. See https://github.com/meilisearch/MeiliSearch", "id": "188040", "version": "0.15.2", "total_downloads": "7465"})
+    );
+
+    let (document, code) = index.get_document(191940, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "doggo", "summary": "RSpec 3 formatter - documentation, with progress indication", "description": "Similar to \"rspec -f d\", but also indicates progress by showing the current test number and total test count on each line.", "id": "191940", "version": "1.1.0", "total_downloads": "9394"})
+    );
+
+    let (document, code) = index.get_document(159227, None).await;
+    assert_eq!(code, 200);
+    assert_eq!(
+        document,
+        json!({ "name": "vortex-of-agony", "summary": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "description": "You dont need to use nodejs or go, just install this plugin. It will crash your application at random", "id": "159227", "version": "0.1.0", "total_downloads": "1007"})
+    );
+}
+
+#[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
+async fn import_dump_v5() {
+    let temp = tempfile::tempdir().unwrap();
+
+    let options = Opt {
+        import_dump: Some(GetDump::TestV5.path()),
+        ..default_settings(temp.path())
+    };
+    let mut server = Server::new_auth_with_options(options, temp).await;
+    server.use_api_key("MASTER_KEY");
+
+    let (indexes, code) = server.list_indexes(None, None).await;
+    assert_eq!(code, 200, "{indexes}");
+
+    assert_eq!(indexes["results"].as_array().unwrap().len(), 2);
+    assert_eq!(indexes["results"][0]["uid"], json!("test"));
+    assert_eq!(indexes["results"][1]["uid"], json!("test2"));
+    assert_eq!(indexes["results"][0]["primaryKey"], json!("id"));
+
+    let expected_stats = json!({
+        "numberOfDocuments": 10,
+        "isIndexing": false,
+        "fieldDistribution": {
+            "cast": 10,
+            "director": 10,
+            "genres": 10,
+            "id": 10,
+            "overview": 10,
+            "popularity": 10,
+            "poster_path": 10,
+            "producer": 10,
+            "production_companies": 10,
+            "release_date": 10,
+            "tagline": 10,
+            "title": 10,
+            "vote_average": 10,
+            "vote_count": 10
+        }
+    });
+
+    let index1 = server.index("test");
+    let index2 = server.index("test2");
+
+    let (stats, code) = index1.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(stats, expected_stats);
+
+    let (docs, code) = index2
+        .get_all_documents(GetAllDocumentsOptions::default())
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(docs["results"].as_array().unwrap().len(), 10);
+    let (docs, code) = index1
+        .get_all_documents(GetAllDocumentsOptions::default())
+        .await;
+    assert_eq!(code, 200);
+    assert_eq!(docs["results"].as_array().unwrap().len(), 10);
+
+    let (stats, code) = index2.stats().await;
+    assert_eq!(code, 200);
+    assert_eq!(stats, expected_stats);
+
+    let (keys, code) = server.list_api_keys().await;
+    assert_eq!(code, 200);
+    let key = &keys["results"][0];
+
+    assert_eq!(key["name"], "my key");
+}
--- a/meilisearch-http/tests/index/create_index.rs
+++ b/meilisearch-http/tests/index/create_index.rs
@ -7,14 +7,15 @@ async fn create_index_no_primary_key() {
    let index = server.index("test");
    let (response, code) = index.create(None).await;

-    assert_eq!(code, 201);
-    assert_eq!(response["uid"], "test");
-    assert_eq!(response["name"], "test");
-    assert!(response.get("createdAt").is_some());
-    assert!(response.get("updatedAt").is_some());
-    assert_eq!(response["createdAt"], response["updatedAt"]);
-    assert_eq!(response["primaryKey"], Value::Null);
-    assert_eq!(response.as_object().unwrap().len(), 5);
+    assert_eq!(code, 202);
+
+    assert_eq!(response["status"], "enqueued");
+
+    let response = index.wait_task(0).await;
+
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["type"], "indexCreation");
+    assert_eq!(response["details"]["primaryKey"], Value::Null);
 }

 #[actix_rt::test]
@ -23,14 +24,15 @@ async fn create_index_with_primary_key() {
    let index = server.index("test");
    let (response, code) = index.create(Some("primary")).await;

-    assert_eq!(code, 201);
-    assert_eq!(response["uid"], "test");
-    assert_eq!(response["name"], "test");
-    assert!(response.get("createdAt").is_some());
-    assert!(response.get("updatedAt").is_some());
-    //assert_eq!(response["createdAt"], response["updatedAt"]);
-    assert_eq!(response["primaryKey"], "primary");
-    assert_eq!(response.as_object().unwrap().len(), 5);
+    assert_eq!(code, 202);
+
+    assert_eq!(response["status"], "enqueued");
+
+    let response = index.wait_task(0).await;
+
+    assert_eq!(response["status"], "succeeded");
+    assert_eq!(response["type"], "indexCreation");
+    assert_eq!(response["details"]["primaryKey"], "primary");
 }

 #[actix_rt::test]
@ -42,7 +44,7 @@ async fn create_index_with_invalid_primary_key() {
    let (_response, code) = index.add_documents(document, Some("title")).await;
    assert_eq!(code, 202);

-    index.wait_update_id(0).await;
+    index.wait_task(0).await;

    let (response, code) = index.get().await;
    assert_eq!(code, 200);
@ -61,6 +63,10 @@ async fn test_create_multiple_indexes() {
    index2.create(None).await;
    index3.create(None).await;

+    index1.wait_task(0).await;
+    index1.wait_task(1).await;
+    index1.wait_task(2).await;
+
    assert_eq!(index1.get().await.1, 200);
    assert_eq!(index2.get().await.1, 200);
    assert_eq!(index3.get().await.1, 200);
@ -73,9 +79,11 @@ async fn error_create_existing_index() {
    let index = server.index("test");
    let (_, code) = index.create(Some("primary")).await;

-    assert_eq!(code, 201);
+    assert_eq!(code, 202);

-    let (response, code) = index.create(Some("primary")).await;
+    index.create(Some("primary")).await;
+
+    let response = index.wait_task(1).await;

    let expected_response = json!({
        "message": "Index `test` already exists.",
@ -84,19 +92,17 @@ async fn error_create_existing_index() {
        "link":"https://docs.meilisearch.com/errors#index_already_exists"
    });

-    assert_eq!(response, expected_response);
-    assert_eq!(code, 409);
+    assert_eq!(response["error"], expected_response);
 }

 #[actix_rt::test]
-#[ignore] // TODO: Fix in an other PR: uid returned `test%20test%23%21` instead of `test test#!`
 async fn error_create_with_invalid_index_uid() {
    let server = Server::new().await;
    let index = server.index("test test#!");
    let (response, code) = index.create(None).await;

    let expected_response = json!({
-        "message": "`test test#!` is not a valid index uid. Index uid can be an integer or a string containing only alphanumeric characters, hyphens (-) and underscores (_).",
+        "message": "invalid index uid `test test#!`, the uid must be an integer or a string containing only alphanumeric characters a-z A-Z 0-9, hyphens - and underscores _.",
        "code": "invalid_index_uid",
        "type": "invalid_request",
        "link": "https://docs.meilisearch.com/errors#invalid_index_uid"
--- a/meilisearch-http/tests/index/delete_index.rs
+++ b/meilisearch-http/tests/index/delete_index.rs
@ -8,11 +8,17 @@ async fn create_and_delete_index() {
    let index = server.index("test");
    let (_response, code) = index.create(None).await;

-    assert_eq!(code, 201);
+    assert_eq!(code, 202);
+
+    index.wait_task(0).await;
+
+    assert_eq!(index.get().await.1, 200);

    let (_response, code) = index.delete().await;

-    assert_eq!(code, 204);
+    assert_eq!(code, 202);
+
+    index.wait_task(1).await;

    assert_eq!(index.get().await.1, 404);
 }
@ -21,7 +27,9 @@ async fn create_and_delete_index() {
 async fn error_delete_unexisting_index() {
    let server = Server::new().await;
    let index = server.index("test");
-    let (response, code) = index.delete().await;
+    let (_, code) = index.delete().await;
+
+    assert_eq!(code, 202);

    let expected_response = json!({
        "message": "Index `test` not found.",
@ -30,19 +38,29 @@ async fn error_delete_unexisting_index() {
        "link": "https://docs.meilisearch.com/errors#index_not_found"
    });

-    assert_eq!(response, expected_response);
-    assert_eq!(code, 404);
+    let response = index.wait_task(0).await;
+    assert_eq!(response["status"], "failed");
+    assert_eq!(response["error"], expected_response);
 }

 #[actix_rt::test]
+#[cfg_attr(target_os = "windows", ignore)]
 async fn loop_delete_add_documents() {
    let server = Server::new().await;
    let index = server.index("test");
    let documents = json!([{"id": 1, "field1": "hello"}]);
+    let mut tasks = Vec::new();
    for _ in 0..50 {
        let (response, code) = index.add_documents(documents.clone(), None).await;
+        tasks.push(response["taskUid"].as_u64().unwrap());
        assert_eq!(code, 202, "{}", response);
        let (response, code) = index.delete().await;
-        assert_eq!(code, 204, "{}", response);
+        tasks.push(response["taskUid"].as_u64().unwrap());
+        assert_eq!(code, 202, "{}", response);
+    }
+
+    for task in tasks {
+        let response = index.wait_task(task).await;
+        assert_eq!(response["status"], "succeeded", "{}", response);
    }
 }
--- a/Show More
+++ b/Show More