Powered by Zoomin Software. For more details please contactZoomin

Secure MarkLogic Server

Table of Contents

Understanding Element Level Security

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 20, 2026
  • 1 minute read
    • MarkLogic Server
    • Version 12.0
    • Documentation

Elements of a document can be protected from being viewed as part of a query or XPath expression, or from being updated by a user, unless that user has the appropriate role. You specify that an element is part of a protected path by adding the path to the Security database. You also then add the appropriate role to a query roleset, which is also added to the Security database.

Element level security uses query rolesets to determine which elements will appear in query results. If a query roleset does not exist with the associated role that has permissions on the path, the role cannot view the contents of that path.

Note: A user with admin privileges can access documents with protected elements by using fn:doc() to retrieve documents (instead of using a query). To see protected elements as part of query results, however, a user needs the appropriate role(s).

TitleResults for “How to create a CRG?”Also Available inAlert