Adding and Managing Groups

Members of a Coveo organization that have the privilege to view groups (i.e., the View access level on the Groups domain) can see the groups of their organization, while members that have the privilege to edit groups (i.e., the Edit access level on the Groups domain) can modify the privilege set of a group (see Privilege Management and Groups Domain). Changes in the privilege set of a group affect all members of this group.

The purpose of a group is to grant a set of privileges to one or more members of your Coveo Cloud organization. Most privileges give access to a specific administration console main menu page and related API calls (see Privilege Management).

Grant the privilege to edit groups (i.e., the Edit access level on the Groups domain) only to the smallest possible number of people, ideally the authority in your company that manages access rights in corporate systems, to ensure only legitimate members have the power to assign privileges to other members.

Coveo Cloud organizations come with built-in groups, which you can use, duplicate, or edit (see Built-In Groups). You can also create your own groups (see Create a New Group).

Access the “Groups” Page

  1. If not already done, log in to the Coveo Cloud platform as a member of a group with the required privileges to manage groups in the target Coveo Cloud organization.

  2. In the main menu on the left, under Organization, select Groups.

Create a New Group

Create a group when you want to give a specific set of privileges (not offered by any existing group) to one or more Coveo Cloud organization members.

  1. On the Groups page, click Add Group.

    If the Add Group button is grayed and unresponsive, you do not have all of the required privileges to perform this action.

  2. In the Add a Group panel:

    1. In the Configuration tab, in the Group name box, enter the name for your group.

      Use role names for group names such as Search Content Managers, Analytics Managers, and Relevance Analysts.

    2. In the Privileges tab, select a service in the menu on the left, and then, for each privilege, select an Access Level to grant to the group members (see Privilege Management).

      Grant only the minimal privileges required for members of a group to perform their Coveo Cloud organization tasks.

      To quickly and broadly grant privileges, you can use the Preset drop-down menu in the panel Action bar. Your selection applies to all services. Your options are:

      • Full access, which allows grantees to edit all resources. Full access is typically granted to administrators.

      • View all, which allows grantees to see all resources in the administration console but forbids to edit them or create new ones.

      • Minimal access, which only grants the group the View access level for Organization, so that users can log in to the Coveo Cloud administration console (see Organization Domain and Logging in to Coveo Cloud V2). You must then select an access level for the desired domains to allow grantees to access the corresponding resources.

      • Five templates corresponding to the default privileges of the built-in groups (see Built-In Groups).

      • The minimal access level required to allow members of a group to access any Coveo Cloud administration console page is the View access level on the Organization domain in the Organization section.

      • When you grant privileges to a group, your options may vary. For each domain, the access levels you can grant depend on the access level you have yourself (see Confirm Your Options).

      • Depending on the privilege, the View and Edit access levels may not be applicable, i.e., users can only be Allowed or not to access the resource.

      • If you do not have all the privileges in the preset you select, the missing privileges cannot be applied to the group. To fully apply a preset, your user must have the same or a higher access level for each domain, as the access levels you can grant depend on the access level you have yourself (see About the Preset Menu).

      When granting a custom access level configuration, you can save time by selecting the preset configuration closest to the access level set you want to grant, and then editing the desired privileges. The Preset drop-down menu should then indicate: Custom.

      • You want the members of a group to only be able to edit sources and fields. You therefore select the Minimal access preset configuration, select the Content services in the menu on the left, and then select the Edit access level for Sources and Fields.

      • You want the members of a group to be able to edit resources of the Usage Analytics, Machine Learning, and Search services and view the resources of other services. You therefore select the Full access preset configuration and then, for the domains of the Content and Organization services, change the access levels from Edit to View.

    3. In the Access tab, use the Access level drop-down menus to determine whether each group allowed to view groups should also be allowed to edit the current group configuration.

      Groups for which there is no drop-down menu in the Access Level column are either groups that can edit all groups created in the organization or groups that are not allowed to see groups at all (see Groups Domain). Since these groups’ access level is already determined, you have no decision to make regarding them in the Access tab.

      If you remove the Edit access level from all the groups of which you are a member, you will not be able to edit your group once it is saved. Only administrators and members of other groups that have the Edit access level on this group will be able to do so. To keep your ability to edit this group, set the Access level to Edit for at least one of the groups of which you are a member.

    4. Click Add Group.

  3. In your new group, add at least one member:

    1. Back on the Groups page, double-click the group.

      OR

      Click the group, and then in the Action bar, click Edit.

    2. In the Edit a Group: [GroupName] panel, add one or more members (see Edit a Group).

Edit a Group

  1. On the Groups page, double-click the group that you want to modify.

    OR

    Click the desired group, and then in the Action bar, click Edit.

    Grayed-out groups are groups for which you only have the View access level (see Understanding the Custom Access Level). You cannot edit these groups, but you can click View in the Action bar to review their configuration.

  2. Edit the group name, members, privileges, or access (see Edit a Group).

    • If you have the Edit access level on the Groups domain, you can remove yourself from a group, and thus remove your access to the organization, so proceed with caution when managing groups and privileges.

    • Changes are not applied to logged-in members right away. Your changes will be effective the next time these members log in to Coveo Cloud.

    • When you edit the privileges of a group, your options may vary. For each domain, the access levels you can grant depend on the access level you have yourself, as well as the level that was last saved (see Confirm Your Options).

Duplicate a Group

You can only duplicate groups that are granted fewer privileges than yours.

Your group has been granted the four following privileges:

Service Domain Access level
Analytics View all reports Allowed
Organization Activities View
Organization Groups Edit
Organization Organization View

You can therefore duplicate groups that have three or fewer privileges.

  1. On the Groups page, click the group that you want to duplicate.

  2. In the Action bar, click Duplicate.

  3. In the Duplicate a Group: [GroupName] panel, enter a Group name, and then click Duplicate Group.

  4. In the Edit a Group: [GroupName] screen, edit the group privileges or members (see Edit a Group).

Search for a Group

  1. On the Groups page, in the Action bar, click the Filter box.

  2. Enter a name or a number that you want to find.

The filter automatically applies itself as you type.

Delete a Group

You cannot delete the Administrators group.

  1. On the Groups page, click the group you want to remove from your organization.

  2. In the Action bar, click Delete.

  3. Next to the Are you sure? confirmation prompt, click Delete.

Review the Activity Regarding Groups

On the Groups page, in the right section of the page header, click the Activity icon (ac8-icon-clock) (see Review Events Related to Specific Coveo Cloud Administration Console Resources).

If the Activity icon is grayed and unresponsive, you do not have all of the required privileges to perform this action.

Required Privileges

The following table indicates the privileges required to view or edit elements of the Groups page and associated panels (see Privilege Management and Privilege Reference).

Action Service - Domain Required access level
View groups

Organization - Activities

Organization - Groups

Organization - Organization

View
Edit groups

Organization - Activities

Organization - Organization

View

Organization - Groups

Edit