User Access Management

TigerGraph’s user access management features are based on the role-based access control (RBAC) model, on top of which there are additional features that give users finer-grain data access control. Particularly, users can use access control lists (ACL) to govern access to GSQL queries and even override RBAC.

Below is a list of the key features of TigerGraph’s user access management system:

Users and Credentials

A TigerGraph user is a database-level security principal on the TigerGraph platform. When user authentication is enabled, only clients who can provide credentials that identify themselves as a user can interact with the TigerGraph database.

The TigerGraph platform offers two options for credentials:

  • A username-password pair used to log in to GSQL and make HTTP requests.

  • A token - a unique 32-character string with an expiration date, used for REST++ requests.

  • An ACL password used to run commands to alter the ACL privileges of a query.