---
title: Push source item permissions
slug: obqg0494
canonical_url: https://docs.coveo.com/en/obqg0494/
collection: index-content
source_format: adoc
---
# Push source item permissions
Each secured [item](https://docs.coveo.com/en/210/) must have a [permission model](https://docs.coveo.com/en/225/) which you can define or modify using the `permissions` property when you add or update an item in a secured Push [source](https://docs.coveo.com/en/246/).
The [index](https://docs.coveo.com/en/204/) uses the permission model of an item, along with the currently available information in the [security identity cache](https://docs.coveo.com/en/241/), to evaluate the [effective permissions](https://docs.coveo.com/en/194/) of that item (that is, who can or can't see the item in [query](https://docs.coveo.com/en/231/) results).

The Push API supports two types of permission models to support secured enterprise systems of varying complexity: the simplified permission model and the complete permission model.

The following articles describe each of these permission models in detail:

- [Simplified permission model](https://docs.coveo.com/en/107/)
- [Complete permission model](https://docs.coveo.com/en/25/)