Coveo Security with Sitecore 9.3 Federated Authentication

I’m in the middle of upgrading an existing 8.1 Sitecore solution to Sitecore 9.3. At the same time, I’m also upgrading Coveo to 5. On my Intranet website, security is applied to ensure that you are a Mathematica employee. When rolling out Federated Authentication, I noticed that my Intranet search results were all empty. I noticed that it was treating me like an unauthenticated user despite being logged in with the proper permissions (tested via the Coveo console). Using the Coveo debugger, I could identify that Coveo was still treating me as the extranet/anonymous user. The problem was that the Coveo site entries were not part of my site map entries within my identityProvidersPerSites.

These sites must be there if using Coveo secure search: 

    <site>coveorest</site>
    <site>coveoanalytics</site>

Finally, identityProvidersPerSites:

    <identityProvidersPerSites>
      <mapEntry name="MathematicaSites" type="Sitecore.Owin.Authentication.Collections.IdentityProvidersPerSitesMapEntry, Sitecore.Owin.Authentication" resolve="true">
        <sites hint="list">
          <site>intranet</site>
          <site>website</site>
          <site>coveorest</site>
          <site>coveoanalytics</site>
        </sites>
        <identityProviders hint="list:AddIdentityProvider" patch:source="Sitecore.Owin.Authentication.IdentityServer.config">
          <identityProvider id="SitecoreIdentityServer" ref="federatedAuthentication/identityProviders/identityProvider[@id='math_azure_ad']" />
        </identityProviders>
        <externalUserBuilder type="MPRIntranet.Library.MPR.IntranetUserBuilder, MPRIntranet" resolve="true">
          <IsPersistentUser>true</IsPersistentUser>
        </externalUserBuilder>
      </mapEntry>
    </identityProvidersPerSites>
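
A quick check for the condition described above, as an added example that is not from the original post: it parses an identityProvidersPerSites fragment (for instance, one copied from showconfig output) and reports which of the two Coveo sites have no identity provider mapped. The function names and the trimmed sample config are assumptions made for illustration, and the input is assumed to be a fragment without an XML declaration.

```python
import xml.etree.ElementTree as ET

# Sitecore config-patch namespace, bound here because showconfig output
# carries patch:source attributes and fragments are pasted without a root.
PATCH_NS = "http://www.sitecore.net/xmlconfig/"
# Site names the post says must be mapped for Coveo secure search.
REQUIRED_COVEO_SITES = ("coveorest", "coveoanalytics")

def provider_map(config_xml):
    """Return {site name: [identity provider ids]} from identityProvidersPerSites."""
    root = ET.fromstring(f'<wrapper xmlns:patch="{PATCH_NS}">{config_xml}</wrapper>')
    mapping = {}
    for entry in root.iter("mapEntry"):
        providers = [p.get("id") for p in
                     entry.findall("./identityProviders/identityProvider")]
        for site in entry.findall("./sites/site"):
            name = (site.text or "").strip()
            if name:
                mapping.setdefault(name, []).extend(providers)
    return mapping

def unmapped_coveo_sites(config_xml):
    """Coveo sites with no identity provider; requests to them stay anonymous."""
    mapping = provider_map(config_xml)
    return [s for s in REQUIRED_COVEO_SITES if not mapping.get(s)]

# Constructed sample: the mapEntry from the post, trimmed, with a placeholder
# for the Coveo sites so both the broken and the fixed state can be checked.
TEMPLATE = """
<identityProvidersPerSites>
  <mapEntry name="MathematicaSites" resolve="true">
    <sites hint="list">
      <site>intranet</site>
      <site>website</site>{coveo}
    </sites>
    <identityProviders hint="list:AddIdentityProvider"
        patch:source="Sitecore.Owin.Authentication.IdentityServer.config">
      <identityProvider id="SitecoreIdentityServer" />
    </identityProviders>
  </mapEntry>
</identityProvidersPerSites>
"""
BEFORE = TEMPLATE.format(coveo="")
AFTER = TEMPLATE.format(
    coveo="<site>coveorest</site><site>coveoanalytics</site>")

if __name__ == "__main__":
    for label, xml in (("before", BEFORE), ("after", AFTER)):
        print(label, "unmapped Coveo sites:", unmapped_coveo_sites(xml))
```

A non-empty result for the deployed configuration points at the same symptom as in the post: search requests evaluated as the anonymous user.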
