> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Build a security filter

> Build a security filter using the specified collections and optional connector configuration IDs.



## OpenAPI

````yaml /api-reference/5.9/fusion-api-connectors.json post /security_filter
openapi: 3.0.1
info:
  title: Fusion Connectors Service API
  description: A Lucidworks Fusion microservice for Connectors management.
  contact:
    name: Lucidworks
    url: www.lucidworks.com
    email: support@lucidworks.com
  license:
    name: License of API
    url: https://lucidworks.com/legal/developer-license-agreement/
  version: '5.9'
servers:
  - url: https://{FUSION HOST}/api
    description: Fusion
    variables:
      FUSION HOST:
        default: FUSION_HOST
        description: Your environment host.
  - url: https://{FUSION HOST}/api/apps/{APP_NAME}
    description: Fusion app
    variables:
      FUSION HOST:
        default: FUSION_HOST
        description: Your environment host.
      APP_NAME:
        default: APP_NAME
        description: The name of your Fusion application.
security: []
tags:
  - name: Connector Plugins API
    description: >-
      The Connector Plugins API allows you to list, install, update and
      uninstall connector plugins.
  - name: Connector Plugins Repository API
    description: >-
      The Connector Plugins Repository API gives you access to connector plugins
      from the plugin repository.
  - name: Connector Schema API
    description: >-
      The Connector Schema API provides you with the available configuration
      properties for any connector plugin type.
  - name: Datasource Configuration API
    description: >-
      The Datasource Configuration API allows you to manage datasource
      configurations for both Classic and V2 (SDK) connectors. These are the
      configurations that define settings for crawling a specific repository,
      database, API, or other content source.
  - name: Datasource Configuration V2 API
    description: >-
      The Datasource Configuration V2 API allows you to manage V2 (SDK)
      datasource configurations. These are the configurations that define
      settings for crawling a specific repository, database, API or other
      content source.
  - name: Datasource Jobs API
    description: >-
      The Datasource Jobs API allows you to to list, start or stop, and check
      the status of datasource crawl jobs.
  - name: Connectors Configuration Suggestion API
    description: >-
      The Configuration Suggestion API allows to get suggestion on which
      connector plugin can be used for crawling provided content source.
  - name: Connectors Security Filter API
    description: >-
      The Connectors Security Filters API provides security filter queries
      generated for a specific collection, user and connector type. These filter
      queries are used by the query pipeline to filter out documents returned to
      specific users and group of users depending on their permissions.
externalDocs:
  description: Lucidworks Documentation.
  url: https://doc.lucidworks.com/
paths:
  /security_filter:
    post:
      tags:
        - Connectors Security Filter API
      summary: Build a security filter
      description: >-
        Build a security filter using the specified collections and optional
        connector configuration IDs.
      operationId: getSecurityFilter_1
      parameters:
        - name: collections
          in: query
          required: true
          description: >-
            A list of collection names. Security filters will be built for
            connector configurations linked to these collections.
          schema:
            uniqueItems: true
            type: array
            items:
              type: string
        - name: configIds
          in: query
          required: false
          description: >-
            Optional list of specific connector configuration IDs to build
            filters for. If omitted, filters are built for all configurations.
          schema:
            uniqueItems: true
            type: array
            items:
              type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Subject'
      responses:
        '200':
          description: Successfully built a security filter.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SecurityFilter'
components:
  schemas:
    Subject:
      type: object
      properties:
        userId:
          type: string
        permissions:
          type: array
          items:
            $ref: '#/components/schemas/GlobPermission'
        roles:
          type: array
          items:
            type: string
        realm:
          $ref: '#/components/schemas/SubjectRealm'
        principal:
          type: string
    SecurityFilter:
      type: object
      properties:
        filter:
          type: string
        nestedClauses:
          type: object
          additionalProperties:
            type: string
    GlobPermission:
      type: object
      properties:
        methods:
          uniqueItems: true
          type: array
          items:
            type: string
            enum:
              - GET
              - POST
              - PUT
              - DELETE
              - HEAD
              - PATCH
              - OPTIONS
        path:
          type: string
        params:
          type: object
          additionalProperties:
            type: array
            items:
              type: string
    SubjectRealm:
      type: object
      properties:
        type:
          type: string
        name:
          type: string
        principal:
          type: string
        data:
          type: object
          additionalProperties:
            type: object

````