Bewerken

Delen via


Credentials (Database Engine)

Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance Azure Synapse Analytics Analytics Platform System (PDW) SQL database in Microsoft Fabric

A credential is a record that contains the authentication information (credentials) required to connect to a resource outside SQL Server. This information is used internally by SQL Server. Most credentials contain a Windows user name and password.

The information stored in a credential enables a user who has connected to SQL Server by way of SQL Server Authentication to access resources outside the server instance. When the external resource is Windows, the user is authenticated as the Windows user specified in the credential. A single credential can only be mapped to a single SQL Server login. And a SQL Server login can be mapped to only one credential.

For credentials that are stored in the master database and can be used throughout the instance of SQL Server, see CREATE CREDENTIAL (Transact-SQL). For credentials used by a specific database, and portable with that database, see CREATE DATABASE SCOPED CREDENTIAL (Transact-SQL).

System credentials are created automatically and are associated with specific endpoints. Names for system credentials start with two hash signs (##).

For more information about credentials, see the sys.credentials and sys.database_scoped_credentials catalog views.

In Fabric SQL database, Microsoft Entra ID for database users is the only supported authentication method. Only database-scoped credentials are supported.

Create a Credential
CREATE CREDENTIAL (Transact-SQL)
CREATE DATABASE SCOPED CREDENTIAL (Transact-SQL)
Securing SQL Server