Safely apply content filtering
Safely apply content filtering
When you configure your Zendesk source, we recommend that you enforce content security in order to ensure that your indexed items are only accessible by the intended users. The Same users and groups as in your content system option replicates the original permission system of your organization, which means that users only see the intended content in Zendesk when obtaining search results from a Coveo index.
However, there may be occasions where you must configure your Zendesk source so that it’s accessible to Everyone. When this occurs, we recommend specific guidelines to ensure that your content is safely filtered. Depending on your integration type, the methods will differ since Zendesk Support and Zendesk Guide use different methods to authenticate requests.
Apply Content Filtering for Zendesk Support
When using the Zendesk Support integration, the
searchhub value corresponding to the search interface is already enforced in the server-side generated JWT token.
Therefore, when the content is available to Everyone, we recommend the following steps to ensure that your content is only accessible by the intended users:
Apply Content Filtering for Zendesk Guide
When using the Zendesk Guide integration, an aspect to take into consideration is that it uses an API key rather than a search token to implement the Coveo search box. Therefore, when the content is available to Everyone, it’s important to limit the scope of the API key in order to ensure that your content is only accessible by the intended users.
We recommend the following steps to safely filter content from your source:
Configure query filters in the query pipeline linked to the corresponding search interface.
This ensures that queries originating from a specific search interface are routed to the appropriate query pipeline.
Configure the API key by enforcing a
searchHubvalue corresponding to the search interface.
Configure Query Filters
Filter rules allow you to enter hidden query expressions to be added to all queries going through a given query pipeline.
They’re typically used to add a field-based expression to the constant query expression (
You apply the
@objectType=="Solution" query filter to the pipeline to which the traffic of your public support portal is directed.
As a result, the
@objectType=="Solution" query expression is added to any query sent via this support portal.
Therefore, if a user types
Speedbit watch wristband in the searchbox, the items returned are those that match these keywords and whose
objectType has the
Items matching these keywords but having a different
objectType value aren’t returned in the user’s search results.
To learn how to configure query pipeline filter rules, see Manage filter rules.
Use the Proper Query Pipeline Routing Mechanism
In this scenario, search requests are authenticated with a search token that contains a
searchHub parameter, and each query pipeline except the default one has a distinct query pipeline condition based on a specific search hub value.
When using this routing mechanism, you ensure that search requests are routed according to the search interface from which they originate.