If your site is:
- available to both authorized users and guest users who are likely to have different search patterns/habits (ie: authorized users search based on SKU or a specific model)
- your authorized users have access to (potentially sensitive) records/products that are hidden to guest users
...you may need to implement your Query Suggestions in a way that prevents irrelevant or sensitive data from being displayed to guest users based on previous authorized user searches.
Depending on your specific use case, we would recommend one of the following approaches to addressing this concern:
Use analyticsTags to filter based on user authorization. Although this example describes segmenting by mobile/desktop, the principle would be essentially the same for authorized/unauthorized user segments. You could create a separate query suggestions index for each segment (as described in the previously linked example).
Only display Query Suggestions based on guest user searches. Though the suggestions displayed to authorized users may not be as relevant with one of the other approaches, you could once again use analyticsTags based on user type but the Query Suggestions implementation would be simplified by only displaying the same suggestions for all users. This would ensure that sensitive data contained in authorized user searches would not ever be displayed as a suggestion.
- Split your private and public products into two indices. You could then modify your existing implementation so that guest users are only searching the public product index while the authorized users have access to a multi-index search. You would need to create separate Query Suggestions indices from each product index, which would be reflected in your implementation.