TDV Adapter for Cosmos DB

Build 21.0.8137

Basic Tab

Authenticating to Cosmos DB

Authenticating using the AccountKey

To obtain the connection string needed to connect to a Cosmos DB account using the SQL API, log in to the Azure Portal, select Azure Cosmos DB, and select your account. In the Settings section, click Connection String and set the following values:

  • AccountEndpoint-the Cosmos DB account URL from the Keys blade of the Cosmos DB account.
  • AccountKey-in the Azure portal, navigate to the Cosmos DB service and select your Azure Cosmos DB account. From the resource menu, go to the Keys page. Find the PRIMARY KEY value and set the property to this value.
  • TokenType-(optional). Set this to 'master' if you are using a Master Token, which is a full permissions token generated during account creation. Otherwise, set this property to 'resource' if you are using a Resource Token, which is custom permissions token generated when a database user is set up. The default value is 'master'. Check the TokenType connection property description for more details.

Authenticating using Azure AD or Azure Service Principal

In both cases, you must make sure that the Azure identity has the correct role assignment. The identity is the account that you log in to the browser during AzureAD authentication or the Application itself for AzureServicePrincipal authentication. Please visit the link below for more details:

Configure role-based access control for your Azure Cosmos DB account with Azure AD

You can either assign one of the built-in role definitions:

  • CosmosDB Built-in Data Reader
  • CosmosDB Built-in Data Contributor

or create your own custom role definitions. You must also set the scope of the role assignment, where '/' means that the identity has access to all the databases.

Authenticating using Azure AD

Azure AD is a connection type that goes through OAuth. Set your AuthScheme to AzureAD and see Using OAuth Authentication for an authentication guide.

Authenticating using Azure Service Principal

Azure Service Principal is a connection type that goes through OAuth. Set your AuthScheme to AzureServicePrincipal and see Using Azure Service Principal Authentication for an authentication guide.

Copyright (c) 2022 CData Software, Inc. - All rights reserved.
Build 21.0.8137