# Apply entity access when generating documents

<table><thead><tr><th width="138">Check ID</th><th>MF_0004</th></tr></thead><tbody><tr><td>Category</td><td>Security</td></tr><tr><td>Summary</td><td>When generating documents in a microflow it is possible to configure if the action should <strong>Apply entity access</strong> or not. If <strong>Apply entity access</strong> is enabled, the access rights of the current user executing the microflow will be used to restrict the data retrieved from the database for the document. If this setting is not enabled, all data matching the database query will be retrieved. It is recommended to always have <strong>Apply entity access</strong> enabled so that users do not accidentally gain access to data in a generated document that they usually don't have access to in the app.</td></tr><tr><td>Options</td><td>This check does not have any options.</td></tr><tr><td>Pass</td><td>If your microflow uses the generate document action, <strong>Apply entity access</strong> is enabled.</td></tr><tr><td>Fail</td><td>If your microflow uses the generate document action, <strong>Apply entity access</strong> is disabled.</td></tr></tbody></table>