Most of the security features are available only in TypeDB Enterprise & TypeDB Cloud.
Access control features are a part of TypeDB Enterprise & TypeDB Cloud.
TypeDB Enterprise & TypeDB Cloud have the following security features:
User account management,
User identification and authentication,
Password hashing with salt,
Password complexity requirements and expiration settings.
All external connections to a cluster of TypeDB (TypeDB Enterprise or TypeDB Cloud) require user account credentials.
Users can use usernames and passwords to identify and authenticate themselves. Passwords are stored only as irreversible password hash + salt.
Administrators can adjust settings for password strength requirements and reset users passwords.
For TypeDB auth we should use the user account from the cluster we are connecting to, not the user account from TypeDB Cloud web portal.
User management features are a part of TypeDB Enterprise & TypeDB Cloud.
typedb console --cluster=<address> --username=<username> --password
After issuing this command we will be prompted to provide a password.
Only the administrator account (username
Use the following TypeDB Console commands to manage users.
Retrieve a list of all users:
Create a new user:
user create <username>
Set password for a user:
user set-password <username>
Update password of the current user:
Delete a user:
user delete <username>
TypeDB Enterprise & TypeDB Cloud encrypt all network traffic:
TLS encryption is used for client/server communication.
CurveZMQ is used for cluster communication (TypeDB Enterprise & TypeDB Cloud).
TypeDB Enterprise & TypeDB Cloud clusters accept external communications only with valid credentials and internal cluster communications only from servers that are set to be a part of the cluster.
All external and internal communications are encrypted on the fly.
Set a CA certificate explicitly to be able to use a self-signed certificate or to avoid using default certificates from an operating system. If no certificate is provided then the default operating system root certificates will be used to establish TLS encryption.