{"section":"tutorials","requestedLocale":"en","requestedSlug":"restrict-public-access-to-master-data-fields","locale":"en","slug":"restrict-public-access-to-master-data-fields","path":"docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields.md","branch":"main","content":"In [Master Data v1](/en/docs/tutorials/master-data), it is possible to [create data entities](/en/docs/tutorials/data-entity#creating-data-entities) with different access restrictions for each field:\n\n* Make readable without credentials\n* Allow editing without credentials\n* Allow filtering without credentials\n\nDepending on the data stored, public access without authentication can pose a risk to your business. To enforce authentication and restrict public access to fields containing sensitive data, follow the instructions below.\n\n1. In the VTEX Admin, go to **Store Settings** > **Storefront** > **Master Data.**\n2. In Master Data, click **Applications**.\n3. Click the gear <i class=\"fas fa-cog\"></i> next to **Profile System**:\n\n   ![1-master-data-confidential-data-en](https://cdn.statically.io/gh/vtexdocs/help-center-content/refs/heads/main/docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields_1.png)\n4. In **Settings**, click **Data structure**.\n\n   ![2-master-data-confidential-data-en](https://cdn.statically.io/gh/vtexdocs/help-center-content/refs/heads/main/docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields_2.png)\n5. Click the **Data Entities** tab.\n6. In the data entity row, click the edit <i class=\"fas fa-edit\"></i> button.\n\n   ![3-master-data-confidential-data-en](https://cdn.statically.io/gh/vtexdocs/help-center-content/refs/heads/main/docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields_3.png)\n7. Click the gear icon <i class=\"fas fa-cog\"></i> in the row of a field that contains confidential data.\n\n   ![4-master-data-confidential-data-en](https://cdn.statically.io/gh/vtexdocs/help-center-content/refs/heads/main/docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields_4.png)\n8. Uncheck the following options:\n\n   * **Make readable without credentials**\n   * **Allow editing without credentials**\n   * **Allow filtering without credentials**\n\n   ![5-master-data-confidential-data-en](https://cdn.statically.io/gh/vtexdocs/help-center-content/refs/heads/main/docs/en/tutorials/master-data/master-data-v1-settings/restrict-public-access-to-master-data-fields_5.png)\n9. Click `Save`.\n10. In the row of the changed data entity, click the Publish button <i class=\"fas fa-save\"></i> to publish the saved settings.\n11. Click `OK`.\n\n## Required permissions\n\nAfter following the previous instructions, it is mandatory to have a [role](/en/docs/tutorials/roles) with the necessary [permissions](/en/docs/tutorials/license-manager-resources) to access the following information:\n\n* At least one resource from the **Generic resources** category in the **Master Data** product: **READONLY_USER_CRM**, **POWER_USER_CRM**, **NOREMOVE_USER_CRM**, or **ADMIN_CRM**.\n* At least one resource from the **Dynamic storage generic resources** category in the **Dynamic Storage** product:** READONLY_USER_DS**, **NOREMOVE_USER_DS**, **POWER_USER_DS**, or **ADMIN_DS**."}