Enable authentication

Enable authentication

Enable authentication to have clients provide valid credentials before they can connect to a YugabyteDB cluster.

Enabling user authentication in YSQL and YCQL requires setting the appropriate flags on server startup:

  • --ysql_enable_auth=true in YSQL
  • --use_cassandra_authentication=true in YCQL

In YSQL, further fine-grained control over client authentication is provided by setting the --ysql_hba_conf_csv flag. You can define rules for access to localhost and remote clients based on IP addresses, authentication methods, and use of TLS (aka SSL) certificates.