Use Case Assist with secured content

This is for:

In this article

Prerequisites
Configure Case Assist to use a platform token

Coveo Case Assist was designed to use API key authentication, which means that only the content visible to an anonymous user, such as public sources or items, is returned.

However, there are times you may need to display secured content, for example, perhaps your Case Assist implementation is dedicated to internal agents who must access secured items.

For situations where secured content must be accessible through the Case Assist Document Suggestion functionality, you’ll need to use a platform token instead of an API key to authenticate requests. This token, just like a search token, will contain the identity of the current user.

Prerequisites

Complete all the steps outlined in the Coveo Case Assist cookbook.
Ensure you have a working Case Assist deployment.

Configure Case Assist to use a platform token

The code deployed by the Coveo Case Assist cookbook includes two important components: the CaseAssistInterface Lightning Web Component (LWC) and the CaseAssistController Apex class.

`CaseAssistInterface` Lightning Web Component

CaseAssistInterface is an extension of the QuanticCaseAssistInterface component. It changes the Apex class that’s called to use the CaseAssistController in order to generate the token that will be used to authenticate the Case Assist API calls.

`CaseAssistController` Apex class

CaseAssistController is the class that must be modified to use a platform token instead of the default API key.

This class provides the following sample method, which is a reference on how to use an API key for Case Assist.

@AuraEnabled
public static String getHeadlessConfiguration() {
    Map<String, String> headlessConfiguration = new Map<String, String>();
    headlessConfiguration.put('organizationId', 'searchuisamples');
    headlessConfiguration.put(
        'accessToken',
        '<API-KEY>'
    );
    return JSON.serialize(headlessConfiguration);
}

Following this sample method, you’ll see another method which shows you how to use a platform token instead.

The following method will be commented out by default.

@AuraEnabled
public static String getHeadlessConfiguration() {
    Map<String, Object> platformTokenParams = new Map<String, Object>();

    // The platform token needs to request the required privileges to use Case Assist. 
    List<CoveoV2.PlatformToken.TokenPrivilege> privileges = new List<CoveoV2.PlatformToken.TokenPrivilege>();
    // Adding the required privilege to use Case Assist.
    privileges.add(
        new CoveoV2.PlatformToken.TokenPrivilege(
            'CUSTOMER_SERVICE',
            'USE_CASE_ASSIST',
            'ENABLE'
        )
    );
    // Adding the required privilege to log analytics.
    privileges.add(
        new CoveoV2.PlatformToken.TokenPrivilege(
            'USAGE_ANALYTICS',
            'ANALYTICS_DATA',
            'EDIT'
        )
    );
    platformTokenParams.put('privileges', privileges);

    // Generate the platform token by calling the Coveo platform. 
    String platformToken = CoveoV2.Globals.generatePlatformToken(
        platformTokenParams
    );

    // Add additional required information to create the Case Assist endpoint. 
    Map<String, Object> headlessEndpointData = CoveoV2.Globals.getEndpointData();
    Map<String, String> headlessConfiguration = new Map<String, String>();
    headlessConfiguration.put('accessToken', platformToken);
    headlessConfiguration.put(
        'organizationId',
        (String) headlessEndpointData.get('organization')
    );
    return JSON.serialize(headlessConfiguration);
}

	Requests the appropriate privileges to be able to use the Case Assist APIs through token privileges.
	Generates a platform token using `CoveoV2.Globals.generatePlatformToken`, a method that’s part of the Coveo for Salesforce package. This method generates the token with the current user’s identity, as well as the privileges requested in step 1.
	Adds additional data to the returned Headless configuration such as the Coveo `organizationId`, as well as the `platformUrl`. This data is required by the Quantic framework to function properly.

To use the quickview functionality with Document Suggestions, add the EXECUTE_QUERY privilege to the list of privileges as follows:

// Adding the required privileges to use the quickview functionality with Document Suggestions.
privileges.add(
    new CoveoV2.PlatformToken.TokenPrivilege(
        'SEARCH_API',
        'EXECUTE_QUERY',
        'ENABLE'
    )
);

To configure Case Assist to use a platform token

Access the CaseAssistController Apex class, and then perform the following steps:
1. Comment out the sample method that uses an API key.
2. Uncomment the method that uses a platform token.
3. (Optional) To use the quickview functionality with Document Suggestions, add the EXECUTE_QUERY privilege to the list of privileges required by the platform token.
Save the Apex class.

Your Case Assist interface is now configured to use a platform token instead of an API key.