Allowing Coveo to Access Your Content

This page is relevant when installing Coveo for Microsoft Dynamics 365 in a Microsoft Dynamics 365 8.1 or 8.0 instance only. If you want to install Coveo for Microsoft Dynamics 365 in a Microsoft Dynamics 365 9 or 8.2 instance, see Installing Coveo for Microsoft Dynamics 365.

Coveo needs to access your data to make it searchable. The process of making Microsoft Dynamics 365 data searchable is called indexing, and consists in the following steps:

Microsoft Dynamics 365 CE versus Coveo Cloud

  1. Coveo connects to Microsoft Dynamics 365 and requests content to index.
  2. Microsoft Dynamics 365 provides Coveo with the content to index.
  3. Coveo organizes the content into an index and makes it searchable.

To connect to Microsoft Dynamics 365, Coveo requires the permission to access your data. Coveo creates a security role that defines what it can do. In Microsoft Dynamics 365 8.1 and 8.0 instances, a system administrator must then manually:

  1. Create a system user that Coveo can use to access the content.
  2. Assign the Coveo security role to this system user.

Configuring Coveo to use your own system administrator credentials should work as well, but it is not recommended to do so in production. You should use such a configuration for testing purposes only.

Creating a Non-Interactive System User

As mentioned above, Coveo requires a CRM identity to authenticate to Microsoft Dynamics 365 and properly index your data.

  1. Back to the Security Roles screen, click Security at the top of the window to go back to the Security page.
  2. On the Security page, click Users.
  3. In the Enabled Users screen:

    1. Click New.
    2. In the Add and License Users window, click Add and License Users.
    3. In the Office admin center tab/window, in the Active users page (see About the Office 365 admin center):
      1. Click Add a user.
      2. In the new user panel:
        1. Enter a Display name and a User name (such as Coveo Indexing and coveoindexing respectively).
        2. Under Product licenses, enable your Microsoft Dynamics license.
        3. Click Add.
    4. Go back to the Enabled Users page, and then refresh the page until you see your new user appear. Double-click this user. It should be prefixed with a pound sign (#).
    5. In the full-read user account administration page:
      1. In the action bar, click Approve Email.
      2. In the Approve Primary Email dialog, click OK.
      3. Scroll down the full-read user account administration page to Administration, and under Client Access License (CAL) Information, in Access Mode, choose Non-interactive.
      4. Click Save.
  4. Go back to the Office admin center.
  5. Navigate to Users > Active users.

  6. Click the user you created in step 3.
  7. In the user configuration panel:
    1. In the Product licenses section, on the Microsoft Dynamics license line, click Edit.
    2. In the Product licenses panel:
      1. Disable the Microsoft Dynamics license.
      2. Click Save.
      3. Click Close.
    3. Back in the user configuration panel, click Close.

Assigning a Security Role to the Coveo User

Once you created your non-interactive user, you must assign them the Coveo security role.

  1. In the ribbon, go to Settings > System > Security.
  2. In the Security page, select Users.
  3. In the Enabled Users page, select the full-read account that you created before, and then click Edit.
  4. In the toolbar, click Manage Roles.
  5. In the Manage User Roles window:
    1. Select the Coveo Read-Only security role.
    2. Click OK.

The default Coveo security roles does not include custom entities you may have created. If you want to make custom identities searchable, you must allow Coveo to access them as well (see Allow Coveo to Access Custom Identities).

Allow Coveo to Access Custom Identities

When you install Coveo for Microsoft Dynamics 365, a security role is automatically created to allow Coveo for Microsoft Dynamics 365 to access your Microsoft Dynamics 365 entities. However, this security role does not take the custom entities you may have created into account. So, to make these custom entities searchable, you must allow Coveo to access them as well.

  1. Create a new role with the desired permissions:
    1. Navigate to Settings > Security > Security Roles.
    2. In the Security Roles page, click New.
    3. In the window that opens:
      1. In the Details tab, enter a Role Name.
      2. In the next tabs, click the Read circle corresponding to your custom entities until it is set to the Organization permission level (filled in green).
      3. Click Save and close.
  2. Assign your new security role to Coveo (see Assigning a Security Role to the Coveo User).

What’s Next?

Enable auditing of Microsoft Dynamics 365 entities so that Coveo for Microsoft Dynamics 365 can properly index deleted items (see Enabling Auditing of Dynamics 365 Entities).