Cloud V2 for Administrators
- New Features
- Searching With Coveo Cloud
- Administration Console
- Management of Security Identities and Item Permissions
- Coveo Cloud V2 SAML SSO
- Troubleshooting Querying Issues
- IPs to Whitelist
- Coveo Index Items
- Supported File Formats
- Indexing by Reference
- Leverage Multiple Coveo Indexes
- About the Coveo Cloud HIPAA Platform
- About Non-Production Organizations
- GDPR Compliance FAQ
- Security FAQ
- Application Change Control Process
Coveo Cloud V2 Management of Security Identities and Item Permissions
Many enterprise systems are secured, meaning that users must authenticate to access the system and have the appropriate permissions to retrieve a specific item in the system. Each secured enterprise system type has its own permission model, i.e., a set of rules determining who can access an item.
Coveo Cloud can fully respect the permission model of each of its supported content sources, thus ensuring that every search result is returned only to the search users allowed to access it. To achieve this level of protection, Coveo Cloud crawlers extract the permissions associated to each item at the same moment they extract the item data, which ensures that every piece of information is correctly protected.
This series of articles provides an overview of the permission management within Coveo Cloud, as well as a glossary of the most important related terms (see Glossary).
To place the focus on item permission management, all the examples in this series of articles assume that the query made by the search page user matches the title of the desired items.
The identity and permission management articles are divided as follows. Readers are advised to browse these pages in order.
In a basic secured search scenario, a user makes a query using a security identity that has access to an item. The search API then returns the desired item in the search results (see Basic Secured Search).
The articles in this section make use of the following terms (see Documentation Subdivision). Hover over a term to display a short definition or click the term for a complete definition.
- Crawling account
- Effective Permissions
- Granted identity
- Permission level
- Permission model
- Permission set
- Security identity
- Security identity cache
- Security identity provider
- Security identity relationship
- Virtual group
See also the complete Coveo Glossary.