On this page

    JDBC

    Dremio provides a JDBC driver that allows client applications to connect to Dremio Cloud.

    You can download the JDBC driver from here. The driver does not require installation.

    Supported Authentication Methods

    Connection strings can authenticate to Dremio Cloud by using a personal access token (PAT) obtained from Dremio Cloud or a JSON Web Token (JWT). You can use a PAT with or without OAuth enabled. To use a JWT, you must have OAuth enabled.

    Construct a Connection String for JDBC Applications

    note:

    If you are using the JDBC driver to connect to Dremio Cloud from a supported client application, refer to the documentation for creating connections from that application.

    note:

    If you want to start with the base JDBC connection string for your Dremio Cloud project: ‎‎‎

    1. In Dremio Cloud, hover over the Settings icon and select Project Settings.

    2. On the left side of the page, click General Information.

    3. Copy the connection string that is in the JDBC Connection field.

    To construct a connection string:

    1. Set the subprotocol to jdbc:dremio:.

    2. Set the property direct equal to sql.dremio.cloud:443.

    3. Add one of these types of authentication credentials for connecting from your JDBC client application to Dremio Cloud:

      • Use a personal access token (PAT) in either of the following ways:

        • Set username to $token and use the PAT as the password when the client application does not support OAuth:

          jdbc:dremio:direct=sql.dremio.cloud:443;username=$token;password=<personal-access-token>;
          
        • Set token_type to personal_access_token, use the PAT as the password, and set username to null when the client application supports OAuth:

          jdbc:dremio:direct=sql.dremio.cloud:443;token_type=personal_access_token;password=<personal-access-token>;username=;
          
      • Use a JSON Web Token (JWT):

        You can use a JWT when the tool used with the JDBC driver supports OAuth:

        jdbc:dremio:direct=sql.dremio.cloud:443;token_type=jwt;password=<jwt>;username=;
        
    4. Set the property ssl equal to true.

      Example:

      jdbc:dremio:direct=sql.dremio.cloud:443;token_type=personal_access_token;password=<personal-access-token>;username=;ssl=true;
      
    5. (Optional) Route queries to a particular engine in your project, set the property engine to the name of an engine.

      Example:

      jdbc:dremio:direct=sql.dremio.cloud:443;token_type=personal_access_token;password=<personal-access-token>;username=;ssl=true;engine=<engine-name>
      

    Encryption Properties

    SSL JDBC Connection ParameterTypeDescriptionDefault ValueRequired
    disableCertificateVerificationbooleanControls whether the driver verifies the host certificate against the trust store.
    • The driver will verify the certificate against the trust store when it is set to false.
    • The driver will not verify the certificate against the trust store when the value is set to true
    .
    falseNo
    disableHostVerificationbooleanForces the driver to verify that the host in the certificate is the host being connected to.
    • The driver will verify the certificate against the host being connected to when it is set to false.
    • The driver will not verify the certificate against the host whe it is set to true.
    falseNo
    sslbooleanForces the client to use an SSL encrypted connection to communicate with the Dremio server.
    • SSL encryption is disabled with the client when it is set to false.
    • The client communicates with the Dremio server only using SSL encryption when it is set to true.
    Note:
    To connect to Dremio Cloud, SSL must be enabled.
    falseYes
    trustStoreTypestringThe trustStore type. Accepted value is: JKS PKCS12

    The following property only applies to Windows.
    • If the useSystemTrustStore parameter is set to true, the accepted values are: Windows-MY and Windows-ROOT.
    • Import the certificate into the Trusted Root Certificate Authorities and set trustStoreType=Windows-ROOT.
    • Import the certificate into Trusted Root Certificate Authorities or Personal and set trustStoreType=Windows-MY.
    NoneNo
    trustStorestringPath to the truststore.
    If this parameter is not specified, it defaults to Java truststore ($JAVA_HOME/lib/security/cacerts) and the trustStorePassword parameter is ignored.
    $JAVA_HOME/lib/security/cacertsNo
    useSystemTrustStorebooleanBypasses trustStoreType and automatically picks the correct truststore based on the operating system:trueNo
    trustStorePasswordstringPassword to the truststore.NoneNo