--- title: Safely apply content filtering slug: m3nd7323 canonical_url: https://docs.coveo.com/en/m3nd7323/ collection: coveo-for-zendesk source_format: adoc --- # Safely apply content filtering When you configure your [Zendesk source](https://docs.coveo.com/en/1880/), enforcing content security is vital to ensure that your indexed items are only accessible by the intended users. The [**Same users and groups as in your content system**](https://docs.coveo.com/en/1779/) option replicates the original [permission](https://docs.coveo.com/en/223/) system of your organization, which means that users only see the intended content in Zendesk when obtaining search results from a Coveo [index](https://docs.coveo.com/en/204/). However, there may be occasions where you must configure your Zendesk source so that it's accessible to [**Everyone**](https://docs.coveo.com/en/1779#everyone). When this occurs, following the guidelines in this article ensures that your content is safely filtered. Depending on your [integration type](https://docs.coveo.com/en/3428/), the methods will differ since Zendesk Support and Zendesk Guide use different methods to authenticate requests. ## Apply Content Filtering for Zendesk Support When using the Zendesk Support integration, the `searchhub` value corresponding to the search interface is already enforced in the server-side generated JWT token. Therefore, when the content is available to **Everyone**, follow these steps to ensure that your content is only accessible by the intended users: . [Configure query filters](#configure-query-filters) in the query pipeline linked to the corresponding search interface. . [Use the proper query pipeline routing mechanism](#use-the-proper-query-pipeline-routing-mechanism). This ensures that queries originating from a specific search interface are routed to the appropriate query pipeline. ## Apply Content Filtering for Zendesk Guide When using the Zendesk Guide integration, an aspect to take into consideration is that it uses an [API key rather than a search token](https://docs.coveo.com/en/3428#zendesk-guide-limitation) to implement the Coveo search box. Therefore, when the content is available to **Everyone**, it's important to limit the scope of the API key in order to ensure that your content is only accessible by the intended users. Follow these steps to safely filter content from your source: . [Configure query filters](#configure-query-filters) in the query pipeline linked to the corresponding search interface. . [Use the proper query pipeline routing mechanism](#use-the-proper-query-pipeline-routing-mechanism). This ensures that queries originating from a specific search interface are routed to the appropriate query pipeline. . Configure the API key by enforcing a `searchHub` value corresponding to the search interface. ## Configure query filters [Filter rules](https://docs.coveo.com/en/3410/) allow you to enter hidden [query](https://docs.coveo.com/en/231/) expressions to be added to all queries going through a given [query pipeline](https://docs.coveo.com/en/180/). They're typically used to add a field-based expression to the [constant query expression (`cq`)](https://docs.coveo.com/en/179/). **Example** You apply the `@objectType=="Solution"` query filter to the pipeline to which the traffic of your public support portal is directed. As a result, the `@objectType=="Solution"` query expression is added to any query sent via this support portal. Therefore, if a user types `Speedbit watch wristband` in the searchbox, the items returned are those that match these keywords and whose `objectType` has the `Solution` value. Items matching these keywords but having a different `objectType` value aren't returned in the user's search results. To learn how to configure query pipeline filter rules, see [Manage filter rules](https://docs.coveo.com/en/3410/). ## Use the proper query pipeline routing mechanism The most recommended and flexible [query pipeline routing mechanism](https://docs.coveo.com/en/1666/) is [condition-based routing](https://docs.coveo.com/en/1666#condition-based-routing-recommended). In this scenario, search requests are authenticated with a search token that contains a [`searchHub`](https://docs.coveo.com/en/1075#searchhub-optional) parameter, and each query pipeline except the default one has a distinct [query pipeline condition](https://docs.coveo.com/en/2793/) based on a specific [search hub](https://docs.coveo.com/en/1342/) value. When using this routing mechanism, you ensure that search requests are routed according to the search interface from which they originate.