Query without shared credentials

Who can do this?

You need to be a connection admin in Atlan to enable bring your own credentials (BYOC) on a specific connection.

With bring your own credentials (BYOC), users provide their own credentials before they can query data. Each user's permissions in the data store are then applied to each query. This is helpful for organizations that have already invested in defining granular controls in their data stores. With BYOC, you can reuse those controls without any extra work.

Supported connectors

Atlan currently supports the following connectors for BYOC:

• Amazon Athena
• Amazon Redshift
• Databricks
• MySQL
• PostgreSQL
• Presto
• Snowflake
• Trino

Did you know?

To query data using SSO credentials instead, refer to Authenticate SSO credentials to query data.

Enable BYOC on a connection

1. From the left menu of any screen, click Assets.
2. From the pills below the search bar at the top of the screen, click Connection.
3. From the list of results, select the connection for which you want to enable BYOC.
4. From the sidebar on the right, next to Connection settings, click Edit.
5. In the Connection settings dialog:
   • Under Query permissions, for Authentication type, click Basic credentials to enforce user credentials for querying data.
   • Under Display sample data, for Source preview, click Basic credentials to enforce user credentials for viewing sample data.
6. (Optional) Toggle on Enable data policies created at source to apply for querying in Atlan to apply any data policies and user permissions at source to querying data and viewing sample data in Atlan. If toggled on, any existing data policies on the connection in Atlan are deactivated and creation of new data policies is disabled.
7. At the bottom right of the Connection settings dialog, click Update.

See also

• Provide credentials to query data: Learn how users provide their own credentials to query data
• Authenticate SSO credentials to query data: Use SSO credentials instead of basic authentication