Enable PII Manually


  1. Edit your entity model definition to mark properties as PII.
    1. In your favorite text editor, open your entity model definition.
    2. Under the definitions node, search for the key named pii.
    3. Add the name of the property to be marked as PII. This property must be defined under the properties node.

      For example, the following model snippet defines a Customer entity that contains an address property designated as PII:

         { "info": { ... },
          "definitions": {
            "Customer": {
              "pii" : ["address"],
              "properties": {
                "address": {
                  "datatype": "string",
                  "collation": "http://marklogic.com/collation/codepoint"
  2. To generate and deploy the PII security configuration files, run the Gradle task hubDeploy or hubDeployAsDeveloper.


The PII security configuration files are saved in the following locations in your project:
  • Protected paths are stored in PROJECT_DIR/src/main/ml-config/security/protected-paths/.
  • Query rolesets are stored in PROJECT_DIR/src/main/ml-config/security/query-rolesets/.

After the configuration files are deployed, only users with the pii-reader role will be able to view PII values in harmonized documents that they are allowed to view.