Managing Document Access & Permissions for Content Sources

The following guide applies to first-party content sources. For more information on Custom Sources, visit the Document permissions for Custom Sources guide.

Workplace Search is designed to provide a tailored search experience to every user for best-in-class relevance and privacy. Every user on the platform has a unique perspective on the content they collaborate on and consume over time. By creating a personalized view into the sources and documents that support their daily tasks, Workplace Search creates an engaging and sticky knowledge platform for contributors from all horizons.

There are many strategies that can be used to ensure relevance, security, and privacy at scale. This guide provides all the necessary pointers to help you make the best use of all access features, based on your organization’s needs.


Organizational Sources and Private Sources

Content sources represent one of the atomic units of Workplace Search. A content source is a repository of information made accessible to a user or collection of users, based on a number of parameters.

To better understand the hierarchy of access, let’s break down the three sharing levels:

  1. Organizational source, all users: also known as shared sources, connected by an administrative user of Workplace Search, usually with an account with access limited to globally available information or documents.
  2. Organizational source, specific groups: also known as shared sources, connected by an administrative user of Workplace Search, usually with an account with access limited to information or documents generally available to members of a group, like an engineering or marketing team.
  3. Private source: connected by a user, with personal credentials to the content source. The source must first be configured by an administrative user, and then it can be connected by an individual user. Afterwards, the content is available to the connecting user exclusively.

Organizational sources are always connected by Workplace Search administrative users. The account credentials used to connect the source can be one of two types:

  1. A standard user of the platform being connected, with restricted access to certain documents, in general mapping exactly to the group structure at the Workplace Search level.
  2. A superadmin user of the platform with access to document-level permission information for the source being synchronized.

When using a standard user, all documents accessible to the user will be synchronized and be made available to the organization’s users, or group’s users. Documents are immediately available for search.

When a superadmin user is used to connect a source that supports document-level access synchronization, all documents found on the platform are indexed, along with access information for each file, record, and document. For documents to be searchable, permission information mapping must be provided via the External Identities API (see the External Identities API reference). Not all content platforms offer superadmin user privileges.

Refer to the Content sources guides to learn more about each connector’s ability to extract and synchronize document-level access information.


Which strategy should I choose?

Perhaps the most effective way to understand the various strategies is to look at some practical examples.

Organization-Wide Intranet

If your organization uses a platform like Confluence to power internal knowledge sharing via an Intranet-style portal, you could choose to create a user with access limited to all global spaces and articles, which should represent most of the information available on the platform. Concretely, this means using the Confluence integration provided with Workplace Search, with document permission synchronization turned off, and access granted via a workplace-search-global-confluence@acme.co standard user. All information available will be made searchable as is to all users of the Workplace Search platform.

Team-Wide Legal Document Repository

Perhaps your Legal team uses OneDrive as a way to store and collaborate on all contracts created for your organization. You may deem the content to be a little too sensitive for your Accounting and Engineering teams. You may choose to connect the source as a group-specific source, with a workplace-search-legal-team@acme.co standard user created at the OneDrive level, with document permission synchronization turned off.

High-Traffic Productivity Suite

Some content repositories are both personal and team-driven by nature. For example, Google Drive often encompasses a mix of globally available content via Team Drives, group-level items via shared documents, and personal documents, like Google Docs and Sheets used on a daily basis. For cases like this one, a superadmin account can be used to connect the source, with document permission synchronization enabled. This way, all documents found for every user of the source will be extracted along with the associated access data.


Synchronizing document-level permission information

First-party content sources

Document permission synchronization can be enabled for sources when connecting an instance to Workplace Search (support may vary). When selected, document access information must be explicitly mapped to user values as they appear on the Workplace Search platform.

Using the External Identities API (see the External Identities API reference), you may provide the external source_user_id and link it to its associated Workplace Search user:

{
	"source_user_id": "john.doe@example.com",
	"user": "john.doe"
}

Document-level permissions are not supported with SAML-enabled Workplace Search deployments.
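
The following added example (not part of the original guide or of Workplace Search itself) audits a batch of identity mappings in the `source_user_id` / `user` shape shown above before they are submitted. The sample data, the case-insensitive comparison of source IDs, and all function names are assumptions made for illustration.

```python
import json
from collections import defaultdict

# Constructed sample data (not from the original page): identity mappings in the
# {"source_user_id", "user"} shape shown above, as prepared for submission.
MAPPINGS_JSON = """
[
  {"source_user_id": "john.doe@example.com", "user": "john.doe"},
  {"source_user_id": "Jane.Roe@example.com ", "user": "jane.roe"},
  {"source_user_id": "jane.roe@example.com", "user": "contractor1"},
  {"source_user_id": "ops@example.com", "user": ""}
]
"""

# Constructed: Workplace Search usernames, and source-side IDs seen in synced ACLs.
WS_USERS = {"john.doe", "jane.roe", "contractor1"}
SOURCE_IDS_IN_ACLS = {"john.doe@example.com", "jane.roe@example.com",
                      "ops@example.com", "legal@example.com"}


def normalize(source_user_id):
    """Assumption: source IDs are e-mail-like and compare case-insensitively."""
    return source_user_id.strip().lower()


def audit_mappings(mappings, ws_users, source_ids):
    by_source = defaultdict(set)
    invalid = []
    for m in mappings:
        sid = normalize(m.get("source_user_id", ""))
        user = m.get("user", "").strip()
        if not sid or user not in ws_users:
            invalid.append(m)  # empty field or unknown Workplace Search user
            continue
        by_source[sid].add(user)
    # One source identity linked to several users: worth reviewing, since each
    # linked user would be associated with that identity's document access.
    conflicts = {s: sorted(u) for s, u in by_source.items() if len(u) > 1}
    # Source identities with no valid mapping: no user is linked to them yet.
    unmapped = sorted({normalize(s) for s in source_ids} - set(by_source))
    return {"conflicts": conflicts, "unmapped": unmapped, "invalid": invalid}


def run_audit():
    return audit_mappings(json.loads(MAPPINGS_JSON), WS_USERS, SOURCE_IDS_IN_ACLS)


if __name__ == "__main__":
    print(json.dumps(run_audit(), indent=2))
```
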

Custom Sources

Custom Sources allow you to ingest document access information using the _allow_permissions and _deny_permissions fields. For more information, refer to the Custom API sources guide.


Enabling Private Sources

Private sources are easily enabled from the Security area in the Workplace Search administrative dashboard. Once enabled, users of the platform will be allowed to connect any configured source with their own credentials. Learn more about Configuring First-Party Content Sources.

An individual synchronization process will be created, and automatically run at a set interval, similar to Organizational Sources. Every new Private Source creates a new copy of the content in the search index, which can only be accessed by the user who created the Private Source.


Further Reading