---
title: Add user identities to a search request
slug: '2246'
canonical_url: https://docs.coveo.com/en/2246/
collection: coveo-for-sitecore-v5
source_format: adoc
---
# Add user identities to a search request
> **Legacy feature**
>
> The Coveo Hive Framework is now in maintenance mode and is no longer recommended for new implementations.
> 
> To build new search experiences, use one of Coveo's more modern, lightweight, and responsive libraries.
> To get started, see the [Build search](https://docs.coveo.com/en/2473/) article.

The `getSearchUserIdentities` pipeline allows for additional user identities to pass when performing a search query against the search index.
This feature is especially useful when querying external content as it uses a different security model than Sitecore (Active Directory, SharePoint, Salesforce, etc).

> **Note**
>
> The `getSearchUserIdentities` pipeline gets executed even when you disable the Coveo for Sitecore reverse proxy.

## Adding a Static Identity

The following code sample shows how to add a static identity to a user using the `Coveo.SearchProvider.Rest.Processors.GetSearchUserIdentities.AddIdentity` processor.
Add this code snippet in the `Coveo.SearchProvider.Custom.config` file.

```xml
<getSearchUserIdentities>
    <processor type="Coveo.SearchProvider.Rest.Processors.GetSearchUserIdentities.AddIdentity">
        <identityName><!-- Put the identity name here --></identityName>
        <identityType><!-- Put the identity type here --></identityType>
        <securityProviderName><!-- Put the security provider name here --></securityProviderName>
    </processor>
</getSearchUserIdentities>
```

In `identityName`, you should set the identity name that you want to pass (for example, `sitecore\john.smith` ; `john.smith@local.net`).

In `identityType`, you should set the type of the identity that you want to pass (for example, user ; group).

In `securityProviderName`, you should set the name of the security provider you want to use to handle these identities (for example, `Email Security Provider`).

## Adding a Dynamic Identity

In this example, there's a Sitecore instance that wants to present external content.
This external content consists of files secured with Active Directory;
they're not stored in Sitecore but are already indexed by Coveo.
Different methods exist to achieve this behavior.
The approach presented here is to take an Active Directory account that can access the file and inject it to the Sitecore identities.
In other words, when performing a search query, Sitecore uses two identities: the current Sitecore identity and the Active Directory identity allowed to read the files.
To achieve this task, you have to implement a pipeline processor.
Here is a code sample to do it.

[example.code]
#### **AddSpecificUserIdentity.cs**

[source,c#]
```
using Coveo.Framework.Processor;
using Coveo.Framework.Security;
using Coveo.SearchProvider.Rest.Pipelines;

namespace Tutorials.Lib.GetSearchUserIdentities
{
    /// <summary>
    /// This processor injects an additional user identity at query time.
    /// </summary>
    public class AddSpecificUserIdentity : IProcessor<GetSearchUserIdentitiesArgs>
    {
        /// <summary>
        /// The process method is called when the <b>getSearchUserIdentities</b> pipeline is invoked.
        /// </summary>
        /// <param name="p_Args">The arguments contains the active user and the list of user identities used to perform the search query.</param>
        public void Process(GetSearchUserIdentitiesArgs p_Args)
        {
            // In this case, we have an Active Directory account (PublicContent) that can see
            // every public item. Adding this PublicContent identity at query time will allow
            // the website to present the public items to everybody, regardless of the
            // Sitecore user that's currently in use.
            p_Args.Identities.Add(new Identity {
                Name = "PublicContent",
                SecurityProviderName = "Active Directory",
                Type = IdentityType.User
            });
        }
    }
}
```
#### . Build the code.
In this sample, it generates the `Tutorials.Lib.dll` file.
. Copy the `Tutorials.Lib.dll` file in the website **bin** folder.
. Edit the `Coveo.SearchProvider.Rest.Custom.config` file to register the processor.
Sitecore will then be able to use it.
To do so, add this code under the `getSearchUserIdentities` node.

```xml
 <processor type="Tutorials.Lib.GetSearchUserIdentities.AddSpecificUserIdentity, Tutorials.Lib" />
```

> **Important**
>
> You may have to copy the `getSearchUserIdentities` node from the `Coveo.SearchProvider.Rest.config` file.
> Note that you're discouraged from modifying this file, as it may cause upgrading issues.

. Sitecore can now retrieve the content that's granted to the **PublicContent** user.

> **Note**
>
> To validate which user identities are passed to the search index, you can use the `debug=1` query string parameter when calling the `/coveo/rest` endpoint.
> 
> For example, `\http://<INSTANCE_HOSTNAME>/coveo/rest?debug=1` returns a JSON document containing the `userIdentities` attribute.
> The content of this attribute looks like this.
> 
> ```json
"userIdentities": [
  {
    "name": "extranet\Anonymous",
    "provider": "Sitecore Security Provider",
    "type": "User"
  },{
    "name": "PublicContent",
    "provider": "Active Directory",
    "type": "User"
  }
]
```