Database authentication
Secure your YugabyteDB universes
This page documents the preview version (v2.23). Preview includes features under active development and is for development and testing only. For production, use the stable version (v2024.1). To learn more, see Versioning.
YugabyteDB supports LDAP and OIDC for database authentication.
Protocol | Description |
---|---|
LDAP | LDAP authentication is similar to password authentication, except that it uses the LDAP protocol to verify the database user's password. Before LDAP can be used for database authentication, users must already exist in the database and have appropriate permissions. |
OIDC | OpenID Connect (OIDC) is an authentication protocol that allows client applications to confirm the user's identity via authentication by an authorization server. YugabyteDB supports authentication based on the OIDC protocol for access to YugabyteDB databases. This includes support for fine-grained access control using OIDC token claims and improved isolation with tenant-specific token signing keys. |
(For information on configuring user authentication for your YugabyteDB Anywhere instance, refer to Configure authentication for YugabyteDB Anywhere.)