Enable PII Using QuickStart

Before you begin

You need:

About this task


  1. Edit your entity model definition to mark properties as PII.
    1. Start QuickStart and log in to your MarkLogic server.
    2. Edit the entity model. You might have to expand the card to display the entity descriptor.
    3. In the row of the property to designate as PII, click on the PII column.
      Entity properties that are designated as PII have a padlock icon in their PII column.

When you save a model that includes PII entity properties, QuickStart automatically generates security configuration files from the model. Specifically, it performs the following:
  • Deploys the model descriptor to the FINAL database.
  • Requests MarkLogic to generate a security configuration for the PII properties in the model.
  • Saves the resulting configuration files to your project.
The PII security configuration files are saved in the following locations in your project:
  • Protected paths are stored in PROJECT_DIR/src/main/ml-config/security/protected-paths/.
  • Query rolesets are stored in PROJECT_DIR/src/main/ml-config/security/query-rolesets/.
  1. Run the Gradle task hubDeploy or hubDeployAsDeveloper.


After the configuration files are deployed, only users with the pii-reader role will be able to view PII values in harmonized documents that they are allowed to view.