Administrating MarkLogic Server

Click the Security icon in the left tree menu.

Click the Roles icon.

Click the Create tab. The Role Configuration page appears.

Type in a name for the role in the Role Name field.

[OPTIONAL] Type in a description for the role.

If you want to place the role into the named compartment, enter name of the compartment in the Compartment field. Compartments provide an additional level of organization and control by grouping together related roles. They act as a higher-level container for roles and can be used to define access privileges for a specific set of resources. For example, you may have a compartment called "Finance" that contains roles such as "Finance Manager," "Accountant," and "Auditor."

If a document has any permissions (role/capability pairs) with roles that have a compartment, then the user must have those roles with each of the compartments (regardless of which permission they are in) to perform any of the capabilities.

If the role is to be mapped for external security purposes, enter one or more External Names. See External Security in Securing MarkLogic Server.

Under the Roles section, select the roles from which this role will inherit.

Under the Execute Privileges section, select from the available execute privileges to be associated with the role.

Under the URI privileges section, select from the available URI privileges to be associated with the role.

[OPTIONAL] Create default permissions for this role. Select a role and pair the role with the appropriate capability (read, insert, update). Click more permissions to add more permissions.

[OPTIONAL] Create default collections for this role. Type in the collection URI for each collection you want to add to the role’s default collections. Click more collections to add more collections.

Click OK.