Add a Google Drive for Work source | Coveo Platform

"Configuration" tab

In the Add a Google Drive for Work Source panel, the Configuration tab is selected by default. It contains your source’s general and authentication information, as well as other parameters.

General information

Source name

Enter a name for your source.

Optical character recognition (OCR)

If you want Coveo to extract text from image files or PDF files containing images, enable the appropriate option.

The extracted text is processed as item data, meaning that it’s fully searchable and will appear in the item Quick view . See Enable optical character recognition for details on this feature.

"Users to include" section

Choose All to index the Google Drive content of all your domain users. If you want to index the content of specific users, select Specific and enter their email addresses.

By default, the Google Drive source only indexes a user’s My Drive content. However, you can configure the source to index content from the user’s Shared drives as well, or exclusively from the Shared drives .

After saving your changes in the Add a Google Drive for Work Source panel, see how to index content of shared drives .

"Additional content to include" section

Trashed items

Check this box to index the items in the trash folder.

Custom properties

Check this box to include custom properties that Google applications or your custom applications added on items.

Including custom properties significantly increases communication traffic between the source and the Google Drive. This, in turn, significantly increases indexing time.

"Content security" tab

Select who will be able to access the source items through a Coveo-powered search interface . For details on this parameter, see Content security .

If your source uses the Same users and groups as in your content system content security option, see the Link Sharing and the "Same Users and Groups as in Your Content System" Content Security Option section for information on how a Google Drive file’s link-sharing options affect who can access the corresponding file in a Coveo-powered search interface.

"Access" tab

In the Access tab, set whether each group (and API key, if applicable) in your Coveo organization can view or edit the current source.

For example, when creating a new source, you could decide that members of Group A can edit its configuration while Group B can only view it.

See Custom access level for more information.

Completion

Finish adding or editing your source:

When you want to save your source configuration changes without starting a build/rebuild, such as when you know you want to do other changes soon, click Add source / Save .

When you’re done editing the source and want to make changes effective, click Add and build source / Save and rebuild source .

Back on the Sources ( platform-ca | platform-eu | platform-au ) page, you can follow the progress of your source addition or modification.

Once the source is built or rebuilt, you can review its content in the Content Browser .

On the Sources ( platform-ca | platform-eu | platform-au ) page, click your source, and then click More > View and map metadata in the Action bar.

If you want to use a currently not indexed metadata in a facet or result template, map it to a field.

Click the metadata and then, at the top right, click Add to Index .

In the Apply a mapping on all item types of a source panel, select the field you want to map the metadata to, or add a new field if none of the existing fields are appropriate.

Depending on the source type you use, you may be able to extract additional metadata from your content. You can then map that metadata to a field, just like you did for the default metadata.

More on custom metadata extraction and indexing

Some source types let you define rules to extract metadata beyond the default metadata Coveo discovers during the initial source build.

For example:

GraphQL API

In the JSON configuration ( REST API | GraphQL API ) of the source, define metadata names ( REST API | GraphQL API ) and specify where to locate the metadata values in the JSON API response Coveo receives.

Database

Add <CustomField> elements in the XML configuration. Each element defines a metadata name and the database field to use to populate the metadata with.

Configure web scraping configurations that contain metadata extraction rules using CSS or XPath selectors.

Extract metadata from JSON-LD <script> tags .

Configure web scraping configurations that contain metadata extraction rules using CSS or XPath selectors.

Extract JSON-LD <script> tag metadata.

Extract <meta> tag content using the IndexHtmlMetadata JSON parameter .

Some source types automatically map metadata to default or user created fields, making the mapping process unnecessary. Some source types automatically create mappings and fields for you when you configure metadata extraction.

See your source type documentation for more details.

When you’re done reviewing and mapping metadata, return to the Sources ( platform-ca | platform-eu | platform-au ) page.

To reindex your source with your new mappings, click Launch rebuild in the source Status column.

Once the source is rebuilt, you can review its content in the Content Browser .

On the Sources ( platform-ca | platform-eu | platform-au ) page, click the Google Drive for Work source, and then click More > Edit configuration with JSON .

In the Edit configuration with JSON panel, set the IndexUserDrives and IndexSharedDrives to true or false , depending on your requirements.

For maximum control over indexed content and source ease of management, consider creating a dedicated user account and indexing the handpicked drives you share with this account .

If your source has the Same users and groups as in your content system content security option enabled, a user sees a Google Drive file in their Coveo search results only if the user is authorized to access the file based on the file’s link-sharing setting in Google Drive. In other words, if the file is shared with the user in Google Drive, the user will see the file in their Coveo search results.

Depending on a Google Drive file’s link-sharing settings, access is either:

When you set the link-sharing options for a folder in Google Drive, all files in the folder automatically inherit the folder’s link-sharing settings. This means that if you set the link-sharing options for a specific file, and then set the options for the file’s folder, the file’s link-sharing settings change to match its folder settings.

Restrict access to searchable content only

If the link-sharing options for a Google Drive file is set to allow access to everyone in your organization, you can use the OnlyIndexFilesSharedToDomainAndSearchable source parameter in conjunction with the People in [organization] can search for this file link setting in Google Drive to index the file only if it’s set as searchable in Google Drive. You can use this parameter, for instance, if you want to exclude a file from Coveo search results but make the file accessible in Google Drive.

By default, the OnlyIndexFilesSharedToDomainAndSearchable parameter value is set to false , which means that all shared files are indexed and appear in Coveo search results for everyone in your organization. To restrict file access in Coveo search results only to files that are set as searchable in Google Drive:

On the Sources ( platform-ca | platform-eu | platform-au ) page, click the Google Drive for Work source, and then click More > Edit configuration with JSON in the Action bar.

In the Edit configuration with JSON panel, set the OnlyIndexFilesSharedToDomainAndSearchable parameter value to true .

Click Save or Save and Rebuild .

The best way to ensure that your indexed content is seen only by the intended users is to enforce content security by selecting the Same users and groups as in your content system option. Should this option be unavailable, select Specific users and groups instead.

However, if you need to configure your source so that the indexed source content is accessible to Everyone , you should adhere to the following leading practices. These practices ensure that your source content is safely filtered and only accessible by the appropriate users:

Configure query filters : Apply filter rules on a query pipeline to filter the source content that appears in search results when a query goes through that pipeline.

Use condition-based query pipeline routing : Apply a condition on a query pipeline to make sure that every query originating from a specific search hub is routed to the right query pipeline.

Configure the search token : Authenticate user queries via a search token that’s generated server side that enforces a specific search hub.

Following the above leading practices results in a workflow whereby the user query is authenticated server side via a search token that enforces the search hub from which the query originates. Therefore, the query can’t be modified by users or client-side code. The query then passes through a specific query pipeline based on a search hub condition, and the query results are filtered using the filter rules.

Configure query filters

Filter rules allow you to enter hidden query expressions to be added to all queries going through a given query pipeline . They’re typically used to add a field-based expression to the constant query expression ( cq ) .

Example

You apply the @objectType=="Solution" query filter to the pipeline to which the traffic of your public support portal is directed. As a result, the @objectType=="Solution" query expression is added to any query sent via this support portal.

Therefore, if a user types Speedbit watch wristband in the search box, the items returned are those that match these keywords and whose objectType has the Solution value. Items matching these keywords but having a different objectType value aren’t returned in the user’s search results.

Use condition-based query pipeline routing

The most recommended and flexible query pipeline routing mechanism is condition-based routing .

When using this routing mechanism, you ensure that search requests are routed to a specific query pipeline according to the search interface from which they originate, and the authentication is done server side.

To accomplish this:

Apply a condition to a query pipeline based on a search hub value , such as Search Hub is Community Search or Search Hub is Agent Panel . This condition ensures that all queries that originate from a specific search hub go through that query pipeline.

Authenticate user queries via a search token that’s generated server side and that contains the search hub parameter that you specified in the query pipeline.

Configure the search token

When using query filters to secure content, the safest way to enforce content security is to authenticate user queries using a search token that’s generated server side. For instance, when using this approach, you can enforce a search hub value in the search token. This makes every authenticated request that originates from a component use the specified search hub, and therefore be routed to the proper query pipeline. Because this configuration is stored server side and encrypted in the search token, it can’t be modified by users or client-side code.

Implementing search token authentication requires you to add server side logic to your web site or application. Therefore, the actual implementation details will vary from one project to another.

The following procedure provides general guidelines:

Call a service exposed through Coveo to request a search token for the authenticated user.

Specify the userIDs for the search token, and enforce a searchHub parameter in the search token.

You can assign privileges to allow access to specific tools in the Coveo Administration Console . The following table indicates the privileges required to view or edit elements of the Sources ( platform-ca | platform-eu | platform-au ) page and associated panels. See Manage privileges and Privilege reference for more information.

The Edit all privilege isn’t required to create sources. When granting privileges for the Sources domain, you can grant a group or API key the View all or Custom access level, instead of Edit all , and then select the Can Create checkbox to allow users to create sources. See Can Create ability dependence for more information.

View sources, view source update schedules, and subscribe to source notifications

Content

Fields

Sources

Organization

Edit sources, edit source update schedules, and view the View and map metadata subpage

Content

Fields

Sources

Content

Source metadata

Organization

1 . By default, the Google Drive for Work source indexes files of the My Drive folder for each user, but you can configure the source to index files only for specific users. You can also choose to index files in users' Shared Drives . Shared items are indexed with the associated permissions, so that whoever is authorized to see the items can find them in Coveo search results. 2 . The comments and replies are indexed in the


   coveo.comments

and


   coveo.comments.authors

metadata of their parent item rather than as separate items. This way, users can search for the content of a comment or reply and find the parent item. Need help with our product? Please open a support case for expert assistance. Use this feedback option to comment on the article only. Need help with our product? Please open a support case for expert assistance. Use this feedback option to comment on the article only.

"Configuration" tab

General information

Source name

Optical character recognition (OCR)

"Users to include" section

"Additional content to include" section

Trashed items

Custom properties

"Content security" tab

"Access" tab

Completion

Link sharing and the "Same users and groups as in your content system" content security option

Restrict access to searchable content only

Configure query filters

Use condition-based query pipeline routing

Configure the search token