Dremio supports the following four Authentication options.
Enterprise Edition only
Note: LDAP, Azure AD and OpenID Authentication options are only available in Enterprise Edition
Supported login credential and access control settings for each Authentication option are provided in the following chart.
| Authentication Option | Login Credentials - UI | Login Credentials - ODBC/JDBC/REST | User Access Controls | Group Access Controls |
|---|---|---|---|---|
| Local | Username / Password & Personal Access Token |
Username / Password & Personal Access Token |
Yes | No |
| LDAP | Username / Password & Personal Access Token |
Username / Password & Personal Access Token |
Yes | Yes |
| Azure AD | Single Sign-On & Personal Access Token |
Personal Access Token | Yes | Yes |
| OpenID | Single Sign-On & Personal Access Token |
Personal Access Token | Yes | No |
The options available for users to authenticate to Dremio over either the Web UI interface or ODBC, JDBC & Rest sessions are:
Note: With OpenID authentication when adding User Access Controls user names are assumed correct and not validated against a directory service.
If the authentication option supports user-level access controls for PDS, VDS and other objects. When supported access to individual objects can be configured based on the User ID used for authentication.
If the authentication option supports group-level access controls for PDS, VDS and other objects. When supported access to individual objects can be configured based upon groups associated with the User ID used for authentication.
To configure LDAP refer to Setting Up LDAP
To configure Azure AD or OpenID with Single Sign On refer to Configuring Single Sign On