Default configurations
- Last Updated: May 12, 2026
- 3 minute read
- Progress Data Cloud
- Documentation
Note:
For users with the MarkLogic Administrator role.
Progress Data Cloud provides full access to all MarkLogic Server Service functionality. To maintain the integration between a MarkLogic Server Service and the Progress Data Cloud Interface, you must preserve these configurations. If you need to change any of the items on this list, coordinate with the Progress Data Cloud Operations Team.
Preserve the license and licensee
If the Progress Data Cloud Operations Team has applied your license and licensee, then do not change it yourself.
Preserve the default MarkLogic Server Service Group
The Progress Data Cloud Operations Team uses the Default group to update your infrastructure.
Do not add new groups
If you add a new group to your MarkLogic Server Service cluster, then it will not be preserved if you restart MarkLogic Server Service.
Preserve certain ports and app server configurations
| Port | app server name | Purpose |
|---|---|---|
| 8000 | App-Services | Used by Progress Data Cloud Operations Team to update your infrastructure. |
| 8001 | Admin | Used by Progress Data Cloud Operations Team to update your infrastructure. |
| 8002 | Manage | Used by Progress Data Cloud Operations Team to update your infrastructure. |
| 8880 | AppServicesCloud | Allows Progress Data Cloud to access MarkLogic Server Service app server services. |
| 8881 | AdminCloud | Allows Progress Data Cloud to access the MarkLogic Server Service Admin Interface and API. |
| 8882 | Manage Cloud | Allows Progress Data Cloud to access the MarkLogic Server Service "manage" services of MarkLogic Server Service. |
Preserve the admin MarkLogic Server Service user
Progress Data Cloud uses the admin user for platform maintenance. Do not change anything about the user admin--including the preconfigured password.
Preserve certain roles
MarkLogic Server Service roles can be created, edited, and deleted. Custom roles created by Progress Data Cloud can be edited and deleted.
However, do not delete or modify these MarkLogic Server Service roles or create MarkLogic Server Service roles with these names:
| MarkLogic Server Service | Data Hub Framework Configuration | Data Hub Central Service |
|---|---|---|
| cloud-administrator | cloud-data-hub-admin | cloud-hub-central-curator |
| cloud-developer | cloud-data-hub-developer | cloud-hub-central-developer |
| cloud-monitor | cloud-data-hub-monitor | cloud-hub-central-explorer |
| cloud-pii-reader | cloud-data-hub-operator | cloud-hub-central-modeler |
| cloud-security-administrator | cloud-data-hub-security-admin | cloud-hub-central-operator |
Additionally, those roles have external names configured within MarkLogic Server Service. These external names map the corresponding Progress Data Cloud roles into the corresponding MarkLogic Server Service roles. These are the external names being used in tandem with the ML_CLOUD_TOKEN external security:
| MarkLogic Server Service | Data Hub Framework Configuration | Data Hub Central Service |
|---|---|---|
| CloudAdministrator | CloudDataHubAdmin | CloudHubCentralCurator |
| CloudDeveloper | CloudDataHubDeveloper | CloudHubCentralDeveloper |
| CloudMonitor | CloudDataHubMonitor | CloudHubCentralExplorer |
| CloudPiiReader | CloudDataHubOperator | CloudHubCentralModeler |
| CloudSecurityAdministrator | CloudDataHubSecurityAdmin | CloudHubCentralOperator |
Preserve certain external names
An external name may be assigned to a MarkLogic Server Service role or user.
An external name gives MarkLogic Server Service the ability to map an external entity's role or user to an internal MarkLogic Server Service role or user. Progress Data Cloud uses this MarkLogic Server Service functionality to map its MarkLogic Server Service roles to the MarkLogic Server Service roles in the previous table.
Do not use these external names for other entities that you integrate with your MarkLogic Server Service:
| MarkLogic Server Service | Data Hub Framework Configuration | Data Hub Central Service |
|---|---|---|
| CloudAdministrator | CloudDataHubAdmin | CloudHubCentralCurator |
| CloudDeveloper | CloudDataHubDeveloper | CloudHubCentralDeveloper |
| CloudMonitor | CloudDataHubMonitor | CloudHubCentralExplorer |
| CloudPiiReader | CloudDataHubOperator | CloudHubCentralModeler |
| CloudSecurityAdministrator | CloudDataHubSecurityAdmin | CloudHubCentralOperator |
Preserve the ML_CLOUD_TOKEN external security object
External security objects can be created within the MarkLogic Server Service.
An external security object is a named configuration assigned to an app server. This object specifies which authentication protocol and authorization scheme an app server should use, along with any other parameters necessary for integration with the external agent. Multiple app servers can use the same object.
Any exposed app server needs ML_CLOUD_TOKEN configured as its external security object to function within Progress Data Cloud. Do not delete or modify ML_CLOUD_TOKEN or try to create any other external security object with this name.
Keep required audit events enabled
The Progress Data Cloud Operations Team uses these audit events to detect changes that can impact the system and security health. Do not set Audit Enabled to false nor deselect these events:
-
audit-configuration-change -
authentication-failure -
audit-startup -
audit-shutdown -
external-authentication-failure -
login-dynamic-roles -
role-change-failure -
role-query-change-failure -
user-configuration-change
Preserve the external backup storage credentials
These credentials let MarkLogic Server Service access the external backup storage that Progress Data Cloud provides.
If you change them, then you become responsible for providing backup storage.
If you want to restore MarkLogic Server Service access to the Progress Data Cloud built-in backup storage, then you can update the MarkLogic Server Service to use the Progress Data Cloud external backup storage credentials.