Adding Server-Side Coveo Lightning Component Configuration
You may need to securely inject mandatory filter expressions, additional identities, or analytics groups to the search token used by your Coveo Lightning component. You can add secure server-side configuration to do that using the Advanced Server-Side Configuration panel. Because this configuration is stored server-side and encrypted in the search token, it can’t be accessed, seen, or modified by users or client-side code.
Your Coveo Cloud organization index includes a Salesforce Knowledge source that contains articles for internal and external audiences. You add a server-side mandatory expression to the search token to filter out internal articles from search results showed in the community search to prevent internal articles from showing in the community search results.
Adding a Server-Side Coveo Lightning Component Configuration
Log in to your Salesforce organization using an administrator account.
In Salesforce, set the permissions for the Coveo Lightning Settings object:
- Access the Profiles page.
With Salesforce Lightning With Salesforce Classic Under Administration, select Users > Profiles. Under Administer, select Manage Users > Profiles.
Next to the selected profile, click Edit. On the appropriate users profile(s) who should be able to change the object configuration:
At the object level, grant all permissions by selecting a profile and accessing the Custom Object Permissions section.
At the field level, select the Visible and clear Read-only check boxes for the Configuration and Site Name fields in the Custom Field-Level Security section.
- On the appropriate users profile(s) who will use the Coveo Lightning component, grant only read permissions to the object and its fields.
- Access the Profiles page.
Access the Community Builder.
In the Community Builder, access the page that contains your Coveo Lightning component.
At the top right of the page, select Preview to ensure that you can interact with the Coveo components.
- Open the Advanced Lightning Configuration panel:
With Coveo for Salesforce v3.25+ With Coveo for Salesforce V3 With Coveo for Salesforce V2 In the upper-right corner of the component, click the Edit button.
In the upper-left corner of the component, click the Edit button.
In the lower-right corner of the component, click the arrow button to expand the box; then, click Edit.
Changing options on the Advanced Lightning Configuration page generates a special configuration in the
The object and the field should be accessible (in read-only) by all users of the site.
The object and the field should be writable only by a user with an administrative role in Salesforce.
If the object isn’t configured correctly, there will be an
Unsufficient read access to Coveo Lightning Configuration objecterror page.
In the Advanced Server-Side Configuration panel, specify the information to inject in the search token (see Using the Server-Side Configuration Parameters).
The panel may be above the search interface.
These configurations are saved in a Salesforce custom object (
CoveoLightningSettings__c). This object MUST be properly configured in Salesforce for security reasons.
This means that the object MUST be readable by all the user of the site, and MUST be writable only by administrative users in your Salesforce instance.
Each site in your Salesforce instance can contain a different configuration, and each Coveo component in each site can contain a different configuration.
The Name attribute on the Coveo Lightning component is used to determine which configuration should be applied to which component (see Base Lightning Component - name and Searchbox Lightning Component - name).
For a given site:
If you have no configuration for any Coveo component, then a search token with no special configuration will be sent to the Lightning components
If you have a configuration for a Coveo component (using the name as the key), then a search token will be sent to the corresponding components.
If you have a configuration for at least one Coveo component (using the name as the key), then ALL components on your site must also contain a configuration. This can be the exact same configuration. It must however be explicitly configured for each and every component in your site. Otherwise, any component that aren’t configured will refuse to initialize and will output the following error message:
No configuration for the current Component.
Using the Server-Side Configuration Parameters
You should test your configuration changes to ensure that the Coveo Lightning component behaves as expected.
When using more than one Coveo Lightning component, as soon as one of them has a server-side configuration, you must also create a server-side configuration for each of them.
Coveo Lightning components with no server-side configuration won’t initialize, instead showing the following message:
Unknown page name for current site configuration Access the Configuration page installed with the Coveo package.
In the Query expression box, enter the desired query expression to inject in the search token (see Coveo Cloud Query Syntax Reference). All queries made from this Coveo Lightning component include this filter. This query is included in all queries, and can’t be overridden by client code.
You want to ensure that only the Salesforce Knowledge articles that have an Online status appear in search results by adding the following expression:
In the Coveo Cloud Administration Console, you can use the Content Browser to test your expression performance (see Inspect Search Result Items).
This determines the user identity to be used when a user that isn’t logged in uses Coveo components.
This is especially useful with the Coveo for Salesforce Free edition (deprecated), as a guest user needs to be created in order to enable API usage, else no query can be returned (see Creating a Guest User Profile for Your Community).
You created the
firstname.lastname@example.org guest user profile that you want to use whenever non-connected users interact with the Coveo components.
In the Anonymous User section, you enter the guest user e-mail:
Additional User Identities
In the Additional user identities box, enter one or more identities to inject in the search token. Separate your identities using semicolons. All queries made from this Coveo Lightning component include the specified identities, and its associated search results items for which the specified identities have read permissions.
You can fully specify your identity using the following parameters (see Globals Class):
name: the actual
group) name, as defined in the security provider, typically an email.
The Coveo Lightning component
nameproperty value is used as the key to identify the server-side configuration for each component (see Integrating Coveo Components in a Lightning Community). When using the Coveo Standalone Searchbox (see Including the Standalone Searchbox in Your Community), you must thus ensure that its
nameproperty is the same as its associated search component, so the same settings are applied.
provider: the security provider name, by default
Email Security Provider.
In a Coveo Cloud organization, the identities associated with cloud-based content sources are typically resolved with email addresses, which are used as an internal SSO.
Contact Coveo Support when you need to know the other security provider names available in your Coveo Cloud organization.
You can enter only the name without the key when the default
type are appropriate. Otherwise, specify all parameters with values other than the default.
One of your Coveo Cloud Organization source contains items that are meant to be public and for which the dummy user
email@example.com has access. You want all community users (authenticated or not) to be able to see these items. You enter the
Usage Analytics Group
In the Usage analytics group box, enter one or more usage analytics group names to which you want to associate the current user and inject in the search token. Separate your groups using semicolons (see Group).
You want the analytics of your Coveo component to be sent using the custom group
Sales, for easier classification and searchability in Usage Analytics.
Under Usage Analytics Group, you enter
If you’re a developer and you want meaningful usage analytics group information, you could write custom code to detect if the current user is authenticated or not. If so, you should test if they belong to particular repository groups, and then set the usage analytics group accordingly. In such case, you would need to select Bypass above settings to rather generate the search token from a custom Apex class.
Select the Bypass above settings to rather generate the search token from a custom Apex class only when a developer added custom code to generate a search token. The page will simply not initialize if you select this option and no custom code takes care of generating the search token.
In many cases, you’ll want to have the same configuration for all Coveo Lightning components in your community. You can, however, leave all parameters empty and click Save to create an empty server-side configuration.
For more information on how to fix this issue, see Unknown Page for the Current Site Configuration Error With Coveo Lightning Components.
Bypass Above Settings to Rather Generate the Search Token from a Custom Apex Class
Checking this box bypasses the settings and uses a custom Apex class.
Under the hood, the Advanced Configuration panel uses the generateSearchToken method that a developer can use to dynamically customize and generate the search token. To learn how to generate your own search token, see Generating a Custom Search Token for Lightning Components.