# Data access control at object level

Through DataControl and DataControlRoleValue is possible to give access only to some specific objects.&#x20;

For instance if we want that the users that belong to the security role with key **59552772** can have access only to the documents connected with the business partner with key 20867070 and 22210381, a DataContol object like this has to be posted:

```
{
    "objectName": "Document",
    "attribute": "businessPartner.key",
    "dataControlRoleValues": [
        {
            "role":  59552772
            "valueType": "Long",
            "value": "20867070"
        },
        {
            "role": 59552772,
            "valueType": "Long",
            "value": "22210381"
        }
    ]
}
```

* **objectName** the Dataloy object that has to be applied the access control
* **attribute** the attribute name to be used to restrict the access
* **role** the security role that will use the access control (use the key, as role names containing spaces might not work)
* **value** the value to use as filter to restrict data
* **valueType** the type of the value (Integer, String)