(Optional) Implement Privacy Restrictions

1. (Optional) Enable data query masking.

   1. Navigate to Enterprise Components > Data Privacy Framework > Query Masking > Query Masking System Settings.

   2. Select Enable Query Masking.

2. Add records.

   1. Navigate to Enterprise Components > Data Privacy Framework > Maintain Data Privacy Settings.

   2. Add record fields as appropriate. For example, for national ID to be present in the payload, add record fields.

      • PERS_NID.NATIONAL_ID as person identifier, national identifier

      • PERS_NID.NATIONAL_ID_TYPE as person identifier, national identifier

   3. Save your changes.

3. Authorize Roles for Query Masking.

   1. Navigate to Enterprise Components > Data Privacy Framework > Query Masking > Query Masking Authorized Roles.

   2. Add roles as appropriate to omit from payload. For example, the role EduApi_AllAccess would have authorization for fields of these records:

      • ADDRESSES

      • EMAIL_ADDRESSES

      • EMERGENCY_CNTCT

      • EMERGENCY_PHONE

      • PERSON

      • PERSONAL_PHONE

      • RELATIONSHIPS

      • SCC_AFL_PERSON

   National ID will only be displayed if the record PERS_NID field NATIONAL_ID is granted access code Authorized for that role. Otherwise, it's omitted from the Person payload.

   Unlike NATIONAL_ID, the other fields are granted access by default and don't need to be specified. If you specify access code Not Authorized to a record-field for a role, then that field will be omitted from the Person payload.

4. Save your changes.