Username and password based authentication
Note
The article is being updated.
Below are examples of the code for authentication based on a username and token in different YDB SDKs.
C++
Go (native)
Go (database/sql)
Java
Node.js
Python
Python (asyncio)
C# (.NET)
PHP
auto driverConfig = NYdb::TDriverConfig()
.SetEndpoint(endpoint)
.SetDatabase(database)
.SetCredentialsProviderFactory(NYdb::CreateLoginCredentialsProviderFactory({
.User = "user",
.Password = "password",
}));
NYdb::TDriver driver(driverConfig);
You can pass the username and password in the connection string. For example:
"grpcs://login:password@localohost:2135/local"
You can also explicitly pass them using the ydb.WithStaticCredentials
parameter:
package main
import (
"context"
"os"
"github.com/ydb-platform/ydb-go-sdk/v3"
)
func main() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
db, err := ydb.Open(ctx,
os.Getenv("YDB_CONNECTION_STRING"),
ydb.WithStaticCredentials("user", "password"),
)
if err != nil {
panic(err)
}
defer db.Close(ctx)
...
}
You can pass the username and password in the connection string. For example:
package main
import (
"context"
_ "github.com/ydb-platform/ydb-go-sdk/v3"
)
func main() {
db, err := sql.Open("ydb", "grpcs://login:password@localohost:2135/local")
if err != nil {
panic(err)
}
defer db.Close()
...
}
You can also explicitly pass the username and password at driver initialization via a connector using the ydb.WithStaticCredentials
parameter:
package main
import (
"context"
"os"
"github.com/ydb-platform/ydb-go-sdk/v3"
)
func main() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
nativeDriver, err := ydb.Open(ctx,
os.Getenv("YDB_CONNECTION_STRING"),
ydb.WithStaticCredentials("user", "password"),
)
if err != nil {
panic(err)
}
defer nativeDriver.Close(ctx)
connector, err := ydb.Connector(nativeDriver)
if err != nil {
panic(err)
}
db := sql.OpenDB(connector)
defer db.Close()
...
}
public void work(String connectionString, String username, String password) {
AuthProvider authProvider = new StaticCredentials(username, password);
GrpcTransport transport = GrpcTransport.forConnectionString(connectionString)
.withAuthProvider(authProvider)
.build());
TableClient tableClient = TableClient.newClient(transport).build();
doWork(tableClient);
tableClient.close();
transport.close();
}
import { Driver, StaticCredentialsAuthService } from 'ydb-sdk';
export async function connect(endpoint: string, database: string, user: string, password: string) {
const authService = new StaticCredentialsAuthService(user, password, endpoint, {
tokenExpirationTimeout: 20000,
})
const driver = new Driver({endpoint, database, authService});
const timeout = 10000;
if (!await driver.ready(timeout)) {
console.log(`Driver has not become ready in ${timeout}ms!`);
process.exit(1);
}
console.log('Driver connected')
return driver
}
import os
import ydb
config = ydb.DriverConfig(
endpoint=os.environ["YDB_ENDPOINT"],
database=os.environ["YDB_DATABASE"],
)
credentials = ydb.StaticCredentials(
driver_config=config,
user=os.environ["YDB_USER"],
password=os.environ["YDB_PASSWORD"]
)
with ydb.Driver(driver_config=config, credentials=credentials) as driver:
driver.wait(timeout=5)
...
import os
import ydb
import asyncio
config = ydb.DriverConfig(
endpoint=os.environ["YDB_ENDPOINT"],
database=os.environ["YDB_DATABASE"],
)
credentials = ydb.StaticCredentials(
driver_config=config,
user=os.environ["YDB_USER"],
password=os.environ["YDB_PASSWORD"],
)
async def ydb_init():
async with ydb.aio.Driver(driver_config=config, credentials=credentials) as driver:
await driver.wait()
...
asyncio.run(ydb_init())
using Ydb.Sdk;
using Ydb.Sdk.Auth;
const string endpoint = "grpc://localhost:2136";
const string database = "/local";
var config = new DriverConfig(
endpoint: endpoint, // Database endpoint, "grpcs://host:port"
database: database, // Full database path
credentials: new StaticCredentialsProvider(user, password)
);
await using var driver = await Driver.CreateInitialized(config);
<?php
use YdbPlatform\Ydb\Ydb;
use YdbPlatform\Ydb\Auth\Implement\StaticAuthentication;
$config = [
// Database path
'database' => '/local',
// Database endpoint
'endpoint' => 'localhost:2136',
// Auto discovery (dedicated server only)
'discovery' => false,
// IAM config
'iam_config' => [
'insecure' => true,
// 'root_cert_file' => './CA.pem', // Root CA file (uncomment for dedicated server)
],
'credentials' => new StaticAuthentication($user, $password)
];
$ydb = new Ydb($config);