JDBC driver properties

The JDBC driver for YDB supports the following configuration properties, which can be specified in the JDBC URL or passed via additional properties:

  • saKeyFile — a path to the service account key file for authentication.

  • iamEndpoint — custom IAM endpoint for authentication using a service account key.

  • token — token value for authentication.

  • tokenFile — a path to the file with token value for authentication.

  • useMetadata — indicates whether to use metadata authentication. Valid values are:

    • true — use metadata authentication.
    • false — do not use metadata authentication.

    Default value: false.

  • metadataURL — custom metadata endpoint.

  • localDatacenter — the name of the data center local to the application being connected.

  • secureConnectionCertificate — a path to the custom CA certificate file for TLS connections.

Note

The values of the saKeyFile, tokenFile, or secureConnectionCertificate properties can be either absolute paths from the file system root or relative paths from the user's home directory. Examples:

  • saKeyFile=~/mysakey1.json

  • tokenFile=/opt/secret/token-file

  • secureConnectionCertificate=/etc/ssl/cacert.cer

JDBC URL examples

  • Local Docker container with anonymous authentication and without TLS:
    jdbc:ydb:grpc://localhost:2136/local
  • Remote self-hosted cluster:
    jdbc:ydb:grpcs://<host>:2135/Root/<testdb>?secureConnectionCertificate=~/<myca>.cer
  • A cloud database instance with a token:
    jdbc:ydb:grpcs://<host>:2135/<path/to/database>?tokenFile=~/my_token
  • A cloud database instance with a service account:
    jdbc:ydb:grpcs://<host>:2135/<path/to/database>?saKeyFile=~/sa_key.json
Previous
Authentication modes
Next
Building