Managing Users

Version 22.0.8486

Managing Users

Version 22.0.8486

In order to access the data exposed by Connect in the Virtual SQL Server or OData endpoints, the admin must first define Connect users.

Creating New Users

To create a new user, open the Users page and follow these steps:

  1. Click + Add
  2. Enter the requested information:
    • Name—a username to be used in HTTP-based authentication.
    • Password—a password for Virtual SQL Server authentication. For the admin user, this password can also be used to access the Connect admin console.
    • Token Lifetime—the lifetime (in days) of the authtoken for HTTP-based authentication.
    • Active—toggles the user’s access to connections.
    • 2nd Token Active—check this box to give the user an alternative token.
  3. Click Save Changes.

The new user appears in the user list. Each user has a randomly-generated authentication token to use with HTTP-based authentication (see Authentication). Note that this authentication token cannot be used for Virtual SQL Server authentication.

Authentication Token Expiration

If you define a non-zero Token Lifetime, the authentication token used for HTTP-based authentication will become perishable. After the lifetime of the token expires, attempting to use this authentication token to connect to the OData endpoint of CData Connect will result in an authentication error. A zero value for Token Lifetime indicates that the authentication token never expires. You may specify a default value for the token lifetime in OData Settings.

Modifying Users

It is also possible to modify any of the above settings for existing users. To do so, click the user you wish to modify and click Edit. In the modal that appears, you can change the user’s password, refresh the authentication token, and specify a new token lifetime.

Authenticating a User

When accessing any of the Connect endpoints, a user must authenticate itself. Please consult the appropriate page for information about each endpoint:

  • OData: See Connecting to OData for examples of OData connections using the authtoken that is automatically generated for each user.
  • Virtual SQL Server: See Connecting to Virtual SQL Server for specific examples of connections to the Virtual SQL Server endpoint of CData Connect using the password assigned to an user.

User Permissions

Strong access control over your data is crucial to any modern data solution. Some users may only be allowed to access a single connection, or may be given read-only access.

By default, only the admin user has access to newly-created connections. To give read and write access to non-admin users, follow these steps:

  1. Open the Data Model page.
  2. Choose a connection in the Connections list.
  3. Open the Permission tab. The permissions specified here affect all data endpoints of CData Connect—OData and Virtual SQL Server. Click the checkbox for a user to toggle their permission for the connection. The following permissions are available:
    • SELECT: Allows a user to read from a table or view
    • INSERT: Allows a user to add new records to a table
    • UPDATE: Allows a user to modify existing records to a table
    • DELETE: Allows a user to remove records from a table
    • EXECUTE: Allows a user to run procedures