Navigate the Privileges tab

This is for:

System Administrator

If you have permission to create or edit member groups, you can access the Privileges tab to manage the privileges granted to a member group.

Privileges tab | Coveo

1

List of services
Coveo consists of several services, which each include several related domains (see Services, Domains, and Access Levels). In the Coveo Administration Console, each section of the navigation menu corresponds to a service.

2

List of domains
Domains in the selected service.

3

Access Level column
Each Access Level dropdown menu contains a list of your access level options. Users with the No access (dash) access level can’t access or use the corresponding features of Coveo.

4

List of resources
When you select the Custom option offered for some domains, a list of the resources in this domain appears, allowing you to select an access level for each source individually.

5

Can Create ability
See Can Create Ability Dependence.

6

Template menu

7

Discard changes button
Clicking this button discards all changes made on a domain.

8

Unsaved changes indicator
You made changes on n domains in the corresponding service. These changes will apply once you click Save.

9

Warning indicator
Your changes are subject to a warning. We encourage you to review the Privilege reference documentation before saving.
Notes

  • When you edit the privileges of a member group, your options may vary. For each domain, the access levels you can grant depend on your own access level and the level that currently applies. See Confirm your options for more information.

  • Although services and domains are organized similarly to the Coveo Administration Console, not all domains affect a single page or resource type. See the Privilege reference page for details on the abilities granted by each access level.

Example

The following example shows the potential effects of varying access levels on the Coveo Administration Console. The access levels assigned to a member group are as follows:

  • The Extensions domain isn’t assigned any access level.

  • The Sources domain is set to View all.

Privileges for domains of the Content service | Coveo

As a result, the Extensions page isn’t visible in the navigation menu for a member of this group.

Navigation bar of resulting Administration Console | Coveo

On the Sources page, members can review source configurations but not edit them. Additionally, the Add Source button is grayed out and unresponsive. When a member hovers over this button, a tooltip appears indicating that the member has insufficient privileges for adding a new source.

Resulting Administration Console Sources page | Coveo

About the Template menu

To quickly and broadly grant privileges to a group, use the Template dropdown menu in the Privileges tab Action bar. Your selection applies to all services.

In other words, when you grant a custom access level configuration, you can save time by selecting the template configuration closest to the access level set you want to grant, and then you can edit its privileges. The Template dropdown menu then indicates: Custom.

Note

If you don’t have all the privileges in the template you select, the missing privileges can’t be applied to the group. To fully apply a template, you must have the same or a higher access level for each domain, as the access levels you can grant depend on your own the access level.

For example, if you have the privilege to view all sources, you can’t grant the Edit all or Custom access levels on the Sources domain to a group. Your only options are View all and No access.

Template menu options

When granting privileges to a group, your options in the Template menu are:

  • Full access, which allows grantees to edit all domains. Full access is typically granted to administrators only.

  • View all, which allows grantees to see all domains of the Administration Console but forbids editing resources or creating new ones. This template can be granted to users who only have monitoring tasks.

  • Minimal access, which only grants the View access level for the Organization domain, so that users can log in to the Coveo Administration Console. You must select an access level for the desired domains to allow grantees to access the corresponding resources.

  • Six templates that correspond to the default privilege set of the built-in groups. However, this option is only available when granting privileges to a group.

Examples

  • You only want the members of a member group to be able to edit sources and fields. You select the Minimal access template, click the Content services in the menu on the left, and then select the Edit access level for Sources and Fields.

  • You want the members of a member group to be able to edit resources of the Usage Analytics, Machine Learning, and Search services, and view the resources of other services. You select the Full access template and then, for the domains of the Content and Organization services, change the access levels from Edit to View.

What’s next?

Learn about granting privileges.