---
title: Query security basics
slug: '127'
canonical_url: https://docs.coveo.com/en/127/
collection: build-a-search-ui
source_format: adoc
---
# Query security basics
[indexes](https://docs.coveo.com/en/204/) in the [Coveo Platform](https://docs.coveo.com/en/186/) support [item](https://docs.coveo.com/en/210/)-level security, which means that their [users](https://docs.coveo.com/en/250/) can only access the content that they're allowed to see.
Internally, the [index](https://docs.coveo.com/en/204/) removes confidential [items](https://docs.coveo.com/en/210/) from result sets using information retrieved by [connectors](https://docs.coveo.com/en/2734/) during the [indexing](https://docs.coveo.com/en/204/) process.
The processes of live [indexing](https://docs.coveo.com/en/204/) and incremental [refresh](https://docs.coveo.com/en/2710/) keep this information up to date.

Each time a [query](https://docs.coveo.com/en/231/) is executed, the [Coveo Platform](https://docs.coveo.com/en/186/) associates this [query](https://docs.coveo.com/en/231/) to a unique email address.
Internally, the [Coveo Platform](https://docs.coveo.com/en/186/) maps this email address to [users](https://docs.coveo.com/en/250/) from different [indexed](https://docs.coveo.com/en/204/) systems, such as a Salesforce user or a Dropbox account, which makes it possible to search securely across many content repositories using a single [security identity](https://docs.coveo.com/en/240/) and [search interface](https://docs.coveo.com/en/2741/).

## What's next?

* The [Coveo Platform](https://docs.coveo.com/en/186/) provides several different [authentication methods](https://docs.coveo.com/en/102/).

* Learn more about [managing security identities and item permissions](https://docs.coveo.com/en/1719/).