Browse security identities

The Browse Security Identities subpage lets you review the security identities managed by a security identity provider. For details on how Coveo leverages the security data in sources that index the repository access permissions, see Coveo management of security identities and item permissions.

Along with each identity, the subpage displays information relevant for troubleshooting purposes: its type, current state, as well as the date and result of its last update.

Note

After you delete users or groups from a security provider, these identities still appear on the Browse Security Identities subpage. Their displayed state is then Disabled (see Identity State).

Alternatively, when encountering access issues with a specific item or user, you can go to the Content Browser (platform-ca | platform-eu | platform-au) to inspect the security identities at play.

Access the "Browse Security Identities" subpage

On the Security Identities (platform-ca | platform-eu | platform-au) page, click the desired security identity provider, and then click Browse identities in the Action bar.

Filter identities

When browsing the identities of a security provider, you might need to filter out some identities to find what you’re looking for.

For instance, when investigating content access issues where users don’t see the content they expect in your search interface, you may want to look at identities refreshed within the last week and for which the process resulted in an error.

On the Browse Security Identities page of your security provider, click filter.

To narrow down your search, choose one of the following modes:

  • Filter by name and/or identity type (user, group, or virtual group).

  • Filter by state (that is, whether it’s been refreshed recently) and/or by date of last update.

Tip
Tips

When searching by name:

  • Select "Name starts with" to get results more quickly, especially if your organization contains a large number of identities.

  • Selecting an identity type can also speed up the search process.

Browse the relationships of an identity

security identity relationships are crucial when evaluating effective permissions, as they allow the index to resolve granted identities, groups, virtual groups, and individual user entities. When troubleshooting permission issues with an identity, it may be useful to review its parent and child relationships.

To browse the relationships of an identity, on the Browse Security Identities subpage, select the desired identity, and then, in the Action bar, click Browse relationships. On the identity’s subpage, the Direct parents, All parents, Direct children, and All children tabs display its relationships. The "Direct" tabs show the immediate parents and children of the selected identity, while the "All" tabs show all parents and children of the selected identity, direct and indirect.

See Child/Parent relationship for details on child/parent relationships between identities.

Search as an identity

You can impersonate an identity and open the Content Browser (platform-ca | platform-eu | platform-au) to view the content this identity is allowed to see. See Inspect items with the Content Browser for details. This is especially useful when troubleshooting permission issues.

To search as an identity, on the Browse Security Identities subpage, select the desired identity, and then, in the Action bar, click Search as.

You’re then redirected to the Content Browser. At the top of the page, a ribbon reads: Searching as [Identity Type] [Identity Name]. On the right side, click X to stop searching as the selected identity and display the entire organization content.

Refresh an identity

Ensure however that the desired security identity is also automatically updated following a scheduled update. See Configure security identity refresh schedules for more information.

Manually refresh a specific security identity

On the Browse Security Identities subpage, select the desired identity, and then, in the Action bar, click Refresh now. The Activity panel showcases details regarding the update process.

A manual refresh of a specific security identity is useful for when you encounter issues with a specific identity. See Security identity state reference for details. You can also perform a manual refresh to ensure that important security identity changes made in a system are taken into account in your searchable content.

Refresh all security identities

You can refresh all securities identities at once by clicking Refresh now on the Security Identities (platform-ca | platform-eu | platform-au) page.

This is useful when you know important security identity changes were made in several systems and want to ensure that they’re now taken into account in your searchable content.

Configure security identity refresh schedules

You can configure refresh schedules for a security identity provider on the Security Identities (platform-ca | platform-eu | platform-au) page. The security identities in this provider are then updated automatically on a regular basis, and may only require a manually triggered refresh when in error.

  1. On the Security Identities (platform-ca | platform-eu | platform-au) page, click the desired security provider, and then in the More menu, select Schedule automatic operations.

  2. In the Edit Provider Schedules panel, select the appropriate recurrence and time of day you want each identity to be refreshed.

  3. Click Save. Changes are effective immediately.