Datatype ACL

  • Release version: Australia
  • Updated June 23, 2026
  • 1 minute to read
  • The datatype ACL enables you to write ACLs that apply to all fields of a specific type.

    Datatype ACLs provide a targeted approach to access controls by restricting table fields based on data type. This allows for broader security constraints than wildcard(*) ACLs. The syntax for datatype ACLs follows the format *.[(field to be restricted)].

    Conventional field ACLs are limited to specific table-field identifiers, all fields in a table, or all tables with a specific field name, in contrast the datatype ACLs enable you to apply security uniformly across fields that share certain metadata. This helps prevent creating additional ACLs to apply security uniformly across all fields.

    When implementing datatype ACLs, its essential to validate all affected fields before and after adding them to avoid unexpected security issues. See Create a datatype ACL to create your own datatype ACL.

    To review existing datatype ACLs, navigate to All > System Security > Access Control (ACL) and use the Name field to search for ACLs that start with *.[.

    Note:
    Scripting Governance uses datatype ACLs by default for scripting restrictions. For more information, see Scripting Governance Tool.