Using REST for Protected Paths
- Last Updated: May 20, 2026
- 1 minute read
- MarkLogic Server
- Version 12.0
- Documentation
The following XML and JSON examples show what is returned from GET (or used as payload to PUT) when using REST for query rolesets.
This example uses a GET with the response payload in XML:
$ curl -GET --anyauth -u admin:admin \
-H "Accept:application/xml,Content-Type:application/xml" \
http://localhost:8002/manage/v2/security/properties
This returns
<security-properties xmlns="http://marklogic.com/manage">
<protected-paths>
<protect-path>
<path-namespaces>
<path-namespace>
<prefix>ml</prefix>
<namespace-uri>marklogic.com</namespace-uri>
</path-namespace>
</path-namespaces>
<path-expression>/ml:foo/ml:bar</path-expression>
<permissions>
<permission>
<role-name>user1</role-name>
<capability>read</capability>
</permission>
</permissions>
</protected-path>
</protect-paths>
</security-properties>
Here is the same example with a JSON response payload:
$ curl -GET --anyauth -u admin:admin \
-H "Accept:application/json,Content-Type:application/json" \
http://localhost:8002/manage/v2/security/properties
This returns
"protected-path": [
{
"path-namespace": [
{
"prefix" : "ml",
"namespace-uri": "marklogic.com"
}
]
"path-expression": "/some/path",
"permissions": [
{
"role-name": "user1",
"capability": "read"
}
]
}
]
}
Note:
-
When
DELETEis used, aforce=true url paramwill force deletion of “in use” protected paths. -
To specify an options element namespace in a JSON REST payload, you will need to define an
options-nskey to set the namespace.