Skip to main content

CREATE USER

The CREATE USER statement creates new Databend accounts. It enables authentication, resource-limit, password-management, for new accounts.

See also:

Syntax

CREATE USER <name> IDENTIFIED [WITH auth_type ] BY 'password_string'

Where:

auth_type: {
double_sha1_password
| sha256_password
}

auth_type default is double_sha1_password.

tip

In order to make MySQL client/drivers existing tools easy to connect to Databend, we support two authentication plugins which is same as MySQL server did:

  • double_sha1_password
    • mysql_native_password is one of MySQL authentication plugin(long time ago), this plugin uses double_sha1_password to store the password(SHA1(SHA1(password)).
  • sha256_password
    • caching_sha2_password is a new default authentication plugin starting with MySQL-8.0.4, it uses sha256 to transform the password.

More of the MySQL authentication plugin, please see A Tale of Two Password Authentication Plugins.

Examples

Create Default auth_type User

CREATE USER user1 IDENTIFIED BY 'abc123';
SHOW USERS;
+-----------+----------+----------------------+------------------------------------------+---------------+
| name | hostname | auth_type | auth_string | is_configured |
+-----------+----------+----------------------+------------------------------------------+---------------+
| user1 | % | double_sha1_password | 6691484ea6b50ddde1926a220da01fa9e575c18a | NO |
+-----------+----------+----------------------+------------------------------------------+---------------+

Create a sha256_password auth_type User

CREATE USER user1 IDENTIFIED WITH sha256_password BY 'abc123';
SHOW USERS;
+-----------+----------+----------------------+------------------------------------------------------------------+---------------+
| name | hostname | auth_type | auth_string | is_configured |
+-----------+----------+----------------------+------------------------------------------------------------------+---------------+
| user1 | % | sha256_password | 6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090 | NO |
+-----------+----------+----------------------+------------------------------------------------------------------+---------------+

Grant Privileges to the User

GRANT ALL ON *.* TO user1;
show grants for user1;
+---------------------------------+
| Grants |
+---------------------------------+
| GRANT ALL ON *.* TO 'user1'@'%' |
+---------------------------------+