Skip to content

credentials-database-engine.md

Latest commit

 

History

History
49 lines (41 loc) · 3.48 KB

credentials-database-engine.md

File metadata and controls

49 lines (41 loc) · 3.48 KB

title: "Credentials (Database Engine) | Microsoft Docs" ms.custom: "" ms.date: "02/27/2017" ms.prod: sql ms.prod_service: "database-engine, sql-database, sql-data-warehouse, pdw" ms.reviewer: "" ms.suite: "sql" ms.technology: security ms.tgt_pltfrm: "" ms.topic: conceptual helpviewer_keywords:

  • "principals [SQL Server], credentials"
  • "schemas [SQL Server], credentials"
  • "permissions [SQL Server], credentials"
  • "groups [SQL Server], credentials"
  • "ALTER ANY CREDENTIAL permission"
  • "security [SQL Server], credentials"
  • "authentication [SQL Server], credentials"
  • "users [SQL Server], credentials"
  • "credentials [SQL Server], about credentials"
  • "credentials [SQL Server]" ms.assetid: c8df6022-e0b4-46b8-9670-3f86938d3177 caps.latest.revision: 31 author: CarlRabeler ms.author: carlrab manager: craigg monikerRange: ">= aps-pdw-2016 || = azuresqldb-current || = azure-sqldw-latest || >= sql-server-2016 || = sqlallproducts-allversions"

Credentials (Database Engine)

[!INCLUDEappliesto-ss-asdb-asdw-pdw-md]

A credential is a record that contains the authentication information (credentials) required to connect to a resource outside [!INCLUDEssNoVersion]. This information is used internally by [!INCLUDEssNoVersion]. Most credentials contain a Windows user name and password.

The information stored in a credential enables a user who has connected to [!INCLUDEssNoVersion] by way of [!INCLUDEssNoVersion] Authentication to access resources outside the server instance. When the external resource is Windows, the user is authenticated as the Windows user specified in the credential. A single credential can be mapped to multiple [!INCLUDEssNoVersion] logins. However, a [!INCLUDEssNoVersion] login can be mapped to only one credential.

For credentials that are stored in the master database and can be used throughout the instance of [!INCLUDEssNoVersion], see CREATE CREDENTIAL (Transact-SQL). For credentials used by a specific database, and portable with that database, see CREATE DATABASE SCOPED CREDENTIAL (Transact-SQL).

System credentials are created automatically and are associated with specific endpoints. Names for system credentials start with two hash signs (##).

For more information about credentials, see the sys.credentials and sys.database_scoped_credentials catalog views.

Related Content

Create a Credential
CREATE CREDENTIAL (Transact-SQL)
CREATE DATABASE SCOPED CREDENTIAL (Transact-SQL)
Securing SQL Server