Edit a Group

Members of the Administrators built-in group can edit groups.

As an administrator, once you created a group, you must add members to your group. You typically need to invite only a few people per group, those who should be entitled to perform Coveo Cloud organization management tasks associated with the group.

On the Groups page, grayed-out groups are groups for which you only have the View access level (see Custom Access Level). You cannot edit these groups, but you can click View in the Action bar to review their configuration.

Access the “Edit a Group” Subpage

  1. On the Groups page, click the desired group, and then, in the Action bar, click Edit.

  2. In the Edit a Group subpage, the Configuration tab is shown by default. Other tabs are Members, Privileges, and Access.

“Configuration” Tab

The Configuration tab shows the group name.

Rename a Group

Use role names for group names such as Search Content Managers, Analytics Managers, and Relevance Analysts.

In the Configuration tab, in the Group name box, change the original group name, and then click Save.

“Members” Tab

The Members tab allows you to add members to a group. There are two ways to do so:

Import Members

You can add several members at once to a group by selecting an OpenID domain, single sign-on groups, or Salesforce user profiles. The corresponding users will then be able to log in to your organization.

  1. Log in to the Coveo Cloud platform with a user from the same OpenID domain as the users you want to add.

    Select Log in with Salesforce, when you want to add members from a Salesforce group.

    Similarly, if you want to add users retrieved from a single sign-on (SSO) identity provider, log in using the SSO.

  2. On the Groups page, double-click the group to which you want to add the identity set.

  3. On the Edit a Group subpage, in the Members tab, under Include the following identities, select an OpenID domain, single sign-on groups, or Salesforce user profiles to add to the group.

    • Supported OpenID domains are Google, Salesforce, and Office 365.

    • The SSO provider groups displayed in the Identity set menu are the groups provided in the user.groups attribute of the identity provider assertion. Thus, only SSO provider groups in which your account is included are available; as an administrator, you may therefore want to be a member of all groups. This limitation does not apply when configuring this feature via API calls rather than with the Coveo Console (see SAML Authentication API documentation).

    • SSO provider groups are available in the drop-down menu only once you have:

  4. Click Save.

    Although the users in the identity sets you import into your organization can access Coveo Cloud, they do not appear on the organization member list (see Adding and Managing Members).

Add Specific Members to a Group

You can individually invite people to a group, which is useful when a group should contain only a few users.

  1. Access the “Members” tab.

  2. In the Members tab, under Additional members, click Invite member.

  3. In the Provider drop-down menu:

    • Select the OpenID domain (Google, Salesforce, or Office 365) in which the desired user is defined.

    • Select Single sign-on if the desired user is defined within a SSO identity provider.

    • Select Any listed to let the user choose the supported provider of their choice when they will log in to your organization for the first time.

  4. (When you select Google, Salesforce, or Office 365) In the Username box, enter the user account name for the Provider you select above for the user that you want to add in the group.

  5. (When you select Single sign-on) In the Username box, enter the SSO NameID value that Coveo Cloud should expect from the SSO provider for this user.

  6. (When you select Any listed) In the Email box, enter an email address linked to a valid account in one of the available providers.

    The user will receive an email notification, inviting them to join your Coveo Cloud organization (see Join a Coveo Cloud Organization).

  7. (When you select Google, Salesforce, Office 365, or Single sign-on) When you want the user to receive an email notification:

    1. Enable the Send an email notification toggle button.

    2. For Salesforce and Office 365, since the Username is not necessarily an email address, in the Email box appearing below the toggle, you must enter the user email address to which you want to send the notification.

  8. Click Invite Member.

    The user appears in the Additional Members list with the Invited tag. The user must log in once to platform.cloud.coveo.com/login and authorize Coveo Cloud to use his or her account to become a group and organization member (see Join a Coveo Cloud Organization). The invitation expires after 14 days if the user does not log in.

  9. Click Save.

Delete Members from a Group

  1. Access the “Members” tab.

  2. In the Members tab, click the member you want to remove from the group.

  3. In the Action bar, click Delete.

  4. Next to the Are you sure? confirmation prompt, click Delete.

“Privileges” Tab

The Privileges tab lists privileges granted to the members of the selected group. You can edit this list to grant or revoke privileges.

See Navigating the “Privileges” Tab and Grant Privileges for further information on how this tab is organized and Privilege Reference for an exhaustive list of the abilities associated with each domain and access level.

Coveo also recommends reviewing the rest of the Privilege Management documentation before granting or revoking any privilege.

Grant only the minimal privileges required for members of a group to perform their Coveo Cloud organization tasks (see Determine the Privileges to Grant).

“Access” Tab

The Access tab allows you to determine whether each group in your organization can view or edit the selected group (see Understanding Resource Access).

Grant Access Rights

In the Access tab, use the Access level drop-down menus to determine whether each group or API key allowed to view groups should also be allowed to edit the current group configuration.

Groups for which there is no drop-down menu in the Access Level column are either groups that can edit all groups created in the organization or groups that are not allowed to see groups at all (see Groups Domain). Since these groups’ access level is already determined, you have no decision to make regarding them in the Access tab.

If you remove the Edit access level from all the groups of which you are a member, you will not be able to edit your group once it is saved. Only administrators and members of other groups that have the Edit access level on this group will be able to do so. To keep your ability to edit this group, set the Access level to Edit for at least one of the groups of which you are a member.

Recommended Articles