Source Content Access Options
Defining who will access the source determines the view permissions attached to each item of a source, and consequently, who can see each source item in search results.
The content access options listed in this topic are currently only available for Salesforce sources.
Selecting the appropriate access option for a given source is crucial to ensure that, when returning search results, Coveo Cloud returns only source items that a given user is authorized to see directly in the original system.
Users Following System Permissions
Anonymous or authenticated users contained in the source security identity provider only see search results for items to which they have access within the original system.
The Users following system permissions option is the equivalent of selecting Secured in the Security parameter of source configuration panels.
You can use an existing security identity provider (when the provider contains the same identities — e.g., email addresses — as the source system) to determine allowed and denied identities on source items instead of creating a new provider (see Security - Tab).
In a Salesforce agent console, customer support agents cannot see Salesforce sales opportunities. Since they do not have the required permission in Salesforce, they do not see opportunities in the search results of a Coveo search interface.
Select Users following system permissions whenever this option is available.
The Users following system permissions option is available when the system being made searchable is secured (meaning users must authenticate themselves to gain access to its content) and when Coveo Cloud can extract permissions from the system for each item. Depending on permissions granted within the system, each user can access a distinct set of items. A secured system can also include public content, meaning it is accessible to anonymous users.
All users, anonymous or authenticated, can search the whole content of a shared source that is part of the scope of a search interface to which they have access.
The option is the equivalent of selecting Shared in the Security parameter of source configuration panels.
Before building a source with the Everyone access option, make sure that all the content visible using the supplied source credentials may be disclosed to all search users.
Your Salesforce organization has a knowledge base containing only public articles, so you create a Salesforce source shared to everyone.
Only the specified identities (users and groups) can see this source content in search results.
The option is the equivalent of selecting Private in the Security parameter of source configuration panels.
You can specify more than one identity who can see source items in search results (see Security - Tab).
When a member who created private sources is excluded from the organization:
The sources that the member created remain in the organization.
If the member is the only specified identity on a private source they created, nobody can view its content in search results, because a search token will no longer be generated for them.
A person in your Coveo Cloud organization is a member of your organization through both Google and Salesforce security identity providers that contains the same corporate emails. The member creates a source private to only his work team while being logged in with his corporate Google account.
In a Coveo search interface, the team members can see results from the private source only when they are authenticated with either of their Google or Salesforce accounts. This is because the Coveo Cloud resolves identities to emails through its internal single sign-on system.
Once a private source is created, any other Coveo organization member granted the privilege to edit sources can change the source configuration to become the only identity for whom this source content is private.