Product DocsMenu

Configuring a Salesforce Security Provider for the Legacy Connector


The Coveo legacy connector needs to resolve mappings between users and groups from your Salesforce environment and Microsoft Active Directory.

Once the security provider is created, you must associate it to the Salesforce source. The security provider is invoked every time a user performs a query and validates with Salesforce if the user performing the query has the right to view each document in the query results. This process can be slow; however it allows individual security permissions for each document instead of having permissions for each object type. Users are required to enter their account information for Salesforce sources in the Search Interface when using this security method.

Note: You can get familiar with how Coveo components deal with permissions on documents both at indexing and query time (see Security) .

To configure a Salesforce security provider for the legacy connector

  1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

  2. Select Configuration > Security.

  3. In the Security page, in the navigation panel on the left, click Security Providers.

  4. In the Security Providers page, click Add to create a new security provider.

  5. In the Modify Security Provider page:

    1. Configure the following required parameters:


      Choose a meaningful name to identify the security provider.

      Example: Salesforce Security Provider (Legacy Connector)

      Security Provider Type

      In the drop-down list, select Salesforce (Legacy) (x64).

      Note: CES 7.0.5639– (July 2013) The Salesforce Legacy connector appears in the list as Salesforce (x64).

      User Identity

      In the drop-down list, select the user identity that you created for this source.

    2. Revise the default value for the following parameters that generally do not need to be changed:

      Salesforce Login Url​

      The URL used to login to Salesforce Web services. The default value is​.

      Salesforce API Version​

      The API version of Salesforce Web services to connect to, specified in the ##.# format. The default value is 23.0​.

      Timeout​ Time

      The communication timeout allowed for any request sent to the Salesforce Web services. The default value is 100 seconds. ​

    3. In the Parameters section, in rare cases the Coveo Support could instruct you to click Add Parameters to specify other security provider parameter names and values that could help to troubleshoot security provider issues.

    4. Leave the Allow Complex Identities option cleared as it does not apply to this type of security provider.

    5. Click Apply Changes.

What's Next?

Create you Salesforce source (see Configuring and Indexing a Salesforce Source for the Legacy Connector).

People who viewed this topic also viewed