This page explains the procedures for various user management tasks under TigerGraph's authorization model.
Syntax
Required privilege
WRITE_USER
Procedure
From the GSQL shell, run the CREATE USER
command:
Enter the user information in the prompts that follow:
Syntax
Required privilege
READ_USER
for displaying roles of other users
Procedure
From the GSQL shell, run the SHOW USER
command:
If the user running the command has the READ_USER
privilege, role information on all users will be displayed. Otherwise, only the current user's roles will be displayed.
Syntax
Required privilege
READ_USER
Procedure
From the GSQL shell, run the SHOW PRIVILEGE ON USER
command :
The above command will show the privileges of user tigergraph
:
Syntax
Required privilege
WRITE_ROLE
Procedure
Start the GSQL shell and make sure you are using the correct graph
From the GSQL shell, run the GRANT ROLE
command. You can grant multiple roles to multiple users:
The above command will grant roles role1
and role2
on graph example_graph
to users user1
and user2
.
Syntax
Required privilege
WRITE_ROLE
Procedure
Start the GSQL shell and make sure you are using the correct graph
From the GSQL shell, run the REVOKE_ROLE
command. You can revoke multiple roles from multiple users at the same time:
The above command will revoke roles role1
and role2
on graph example_graph
from users user1
and user2
.
Syntax
Required privilege
WRITE_USER
for changing the password of a user other than the current user
Procedure
From the GSQL shell, run the following command. Replace username
with the user whose password you want to change
Enter the new password in the prompt that follows.
Syntax
Required privilege
WRITE_USER
Procedure
From the GSQL shell, run the DROP USER
command. You can drop multiple users in the same command.
GSQL will confirm that the users you entered have been dropped