Changing Credentials, Access Rules, and User Roles

The set-db-user operation is used for changing credentials of a database user, specifying access control records for MySQL databases, restricting access to databases by IP addresses, and granting pre-defined roles to database users.

In this chapter:

Request Packet Structure

Response Packet Structure

Samples

 

Request Packet Structure

A request XML packet changing database user settings includes the set-db-users operation node:

<packet>
<database>
   <set-db-user>
   ...
   </set-db-user>
</database>
</packet>

 

The set-db-user node is presented by type DatabaseSetDBUserInputType (database_input.xsd), and its graphical representation is as follows:

Remarks

You can change the settings of multiple database users in a single packet. Add as many set-db-user operations to the packet as the number of different users you want to update.

<packet>
  <database>
    <set-db-user>
    ...
    </set-db-user>
    ...
    <set-db-user>
    ...
    </set-db-user>
  </database>
</packet>

Important: When creating request packets, put nodes and elements in the order they follow in the packet structure.

 

Response Packet Structure

The set-db-user node of the output XML packet is presented by the type DatabaseSetDBUserOutputType (database_output.xsd) and is structured as follows:

 

 

Samples

This request packet sets a new password for the database user identified by ID 61, adds an ACL record, restricts access by IP address, and grants the user the Read Only role.

<packet>
 <database>
   <set-db-user>
    <id>61</id>
    <password>a1b2c3d</password>
    <acl>
       <host>127.0.0.1</host>
    </acl>
    <allow-access-from>
       <ip-address>10.12.13.14</ip-address>
    </allow-access-from>
    <role>readOnly</role>
  </set-db-user>
 </database>
</packet>

Reponse:

<packet>
<database>
<set-db-user>
   <result>
      <status>ok</status>
      <id>61</id>
   </result>
</set-db-user>
</database>
</packet>