--- title: Ensure that content permissions have been correctly applied slug: mc2g0363 canonical_url: https://docs.coveo.com/en/mc2g0363/ collection: project-guide source_format: adoc --- # Ensure that content permissions have been correctly applied > **Important** > > This guide provides guidelines to analyze, review, and test different aspects of a Coveo-powered implementation. > > It shouldn't be considered an official, definitive guide to testing an implementation before it goes live, but rather a guide showcasing the basic components that Coveo implementations typically include. > > Every Coveo implementation is different and may require custom configuration. > > Therefore, you may notice discrepancies between the components and features listed in this guide and those you're using in your actual implementation. > > If you encounter issues, or have any questions related to this article, contact [Coveo Support](https://connect.coveo.com/s/case/Case/Default) for help. When you create a [source](https://docs.coveo.com/en/246/), the **Same users and groups as in your content system** [content security option](https://docs.coveo.com/en/1779/) lets you [index](https://docs.coveo.com/en/204/) your content's permission system and replicate it in your [search interface](https://docs.coveo.com/en/2741/). As a result, authenticated users only see the [items](https://docs.coveo.com/en/210/) that they're allowed to access, while unauthenticated or anonymous users only see the content that has been specified as public. When you select this option, you should check that the permissions have been applied correctly (that is, that your secured content isn't accessible to unauthenticated and anonymous users). To do so, in the [**Content Browser**](https://platform.cloud.coveo.com/admin/#/orgid/content/browser/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/browser/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/browser/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/browser/)), select the **Empty** pipeline, and then [impersonate the security identity `\**@\**`](https://docs.coveo.com/en/2053#impersonate-an-identity). This identity represents all users, including unauthenticated or anonymous ones. The Content Browser shouldn't display any item that you don't want to be publicly available.