Product DocsMenu

About Administration Roles

In an organization using the Coveo Platform, one or more persons may need to access the Coveo Web tools (Administration Tool, Interface Editor) to configure and manage various aspects of the Coveo solution. The Coveo Platform includes administration roles that allow to securely manage who has access to which features from the Coveo Web tools (see Assigning Users to Administration Roles).

Notes:

  • When a member of an administration role has partial access to the Coveo Administration Tool, the features to which access is restricted (tabs, menus, parameters...) are visible but disabled, appearing shaded.

  • When you add a local Windows administrator account while CES is running, CES does not automatically become aware of the existence of the new account.

    Depending on your CES version, allow access to this new user:

Important: A user having administrator permissions on the Coveo server automatically gets the equivalent of the System Administrator (Limited Access) role. The administration roles apply to web connections to the Coveo Administration Tool and Interface Editor.

Administration Role Feature Comparison

The following tables respectively provide a comparative list of operation and configuration available to each administration role.

Operation Administration roles
System Admin. (Full) System Admin. (Limited) Index Admin. (Full) Index Admin. (Limited) Relevance Analysts Search Interface Designer Usage Analysts Index Browser (Full) Index Browser (Limited)
Change license              
Enable read-only              
Control remote mirrors              
Delete index content              
Delete old logs              
Access Usage Analytics module            
Display top queries            
View query logs            
View system logs              
View index logs          
Rebuild sources          
Refresh/increment sources          
Pause/resume sources          
Refresh/remove documents          
Refresh converter scripts            
Test converters            
Commit current transactions            
Clean GroupBy cache            
Refresh security cache            
Browse index          
Browse index without checking permissions              
Modifications through Web services                
Configuration Administration roles
System Admin. (Full) System Admin. (Limited) Index Admin. (Full) Index Admin. (Limited) Relevance Analysts Search Interface Designer Usage Analysts Index Browser (Full) Index Browser (Limited)
System              
System/transaction update frequency            
System performance cache memory            
System performance mode            
Log              
Mail alert              
Mirrors              
Slices              
Remote indexes              
Administration roles              
Super user tokens              
Search pages to keep hot              
Crawlers/top queries count              
Crawlers/crawling paused              
Crawlers/live history size              
Collections/add            
Collections/remove            
Sources/add            
Sources/remove            
Source/schedule            
Source/filters            
Source/fields            
Source/XML definition            
Source/document type            
Source/Crawler source parameters            
Source/language            
Source/scripts            
Converter scripts            
Converters            
Language hint            
Schedules            
Security providers            
Document types            
Field aliases            
Fields            
XML document definitions            
SharePoint references            
User identities            
Top Results            
Ranking            
Result clustering            
Collaborative ranking            
Thesaurus            
Search interfaces            
Search hubs            
Search data            

Administration Role Short Descriptions

Administration role name format is [Role]([Permissions|Collections]).

When you add a role in the Configuration > Security > Roles > Assign administration roles page, you make a selection in the Roles and Permissions or Collections lists.

Example: When you want to give a user the System Administrator (Full Access) role, you first select System Administrator, and then select Full Access under Index Browser in the Permissions box that appears.

System Administrator (Full Access)

Members of this role have the same access as the System Administrators (Limited Access) role but also full read access to document details for all indexed documents, like for the Index Browsers (Full Access) role. This role is typically assigned to IT persons who need to review details from all indexes documents to be able to troubleshoot Coveo Platform issues.

Important: Members of the System Administrators (Full Access) role can see potentially sensitive information such as document titles, document summaries, metadata values. This role provides Super User-like access but index browser queries made with this role are logged so that they become traceable. Assign this role with care.

System Administrator (Limited Access)

Members of this role have access to all Coveo Web tool features, including read access to index browser document details but only for documents that they normally have access, like for the Index Browsers (Limited Access) role. For other documents, inaccessible to the member, document details are hidden, protecting potentially sensitive information. A number of features are exclusive to this role, including assigning other users to administration roles (see Assigning Users to Administration Roles). This role is typically assigned to IT persons in charge of the Coveo solution.

Relevance Analyst

Members of this role have access to Top Results (for all collections and sources), ranking, clustering, and thesaurus configuration to control how the index content is returned for end-user queries. This role is typically assigned to persons in charge of ensuring search users can easily find documents they are looking for.

Usage Analyst

Members of this role have access to query logs/history and the Usage Analytics module to analyze how the Coveo solution is used. This role is typically assigned to persons in charge of evaluating the adoption of the Coveo solution, such as the project manager or the solution owner.

Important: Usage Analysts gain full access to the Usage Analytics module interface where potentially sensitive information can be exposed as all queries by all users can be viewed. Assign this role with care.

Index Administrator (Full Access)

Members of this role have access to all index operation and configuration for all collections and sources, but do not have access to the index browser. They can change configuration affecting many or all collections and sources. This role is typically assigned to IT persons in charge of the Coveo solution.

Index Administrator (Limited Access)

Members of this role have access to basic index operation and configuration for selected collections and sources. Users member of this role cannot change configuration affecting more than one collection or sources. This role can be assigned to persons in charge of specific indexed repositories to give them access to basic index operation and configuration for the corresponding collections and sources.

Index Browser (Full Access)

Members of this role have access to the index browser with read access to document details for all indexed documents. Access to this information is useful when required to see what documents and metadata are available in the index while attempting to troubleshoot unexpected behavior of the Coveo Platform. This role is typically assigned to IT persons or information managers who need to review details from all indexed documents to be able to troubleshoot Coveo Platform issues.

Important: Members of the Index Browser (Full Access) role can see potentially sensitive information such as document titles, document summaries, metadata values. This role provides Super User-like access but index browser queries made with this role are logged so that they become traceable. Assign this role with care.

Index Browser (Limited Access)

Members of this role have read access to index browser document details but only for documents this user has normally access to. For other documents, inaccessible to the current user, document details are hidden, protecting potentially sensitive information. This role is typically assigned to IT persons or information managers in charge of troubleshooting Coveo Platform issues.

Search Interface Designer

Members of this role have access to the Interface Editor where out-of-the-box search hubs and search interfaces can be customized, as well as new ones created and configured. This role is typically assigned to IT persons in charge of the search interfaces for the Coveo Platform.

People who viewed this topic also viewed