Setting IBM IAM authentication
Set your authentication method to IBMIAM
with the REGISTER EXTERNAL AUTHENTICATION SYSTEM
SQL statement.
Two factor authentication is not supported with an external authentication system.
See also Managing IAM access for NPSaaS.
Syntax
REGISTER EXTERNAL AUTHENTICATION SYSTEM 'IBMIAM' with { PRODUCTION | STAGING | DEVELOPMENT }
Setting IBM IAM authentication with the web console
-
Log in to the web console as an
admin
. -
Go to the Query editor.
-
Register an
IBM IAM
external authentication system. Specify thePRODUCTION
environment type.REGISTER EXTERNAL AUTHENTICATION SYSTEM 'IBMIAM' with 'PRODUCTION'
-
Create a user or users with the external authentication method set to
IBM IAM
as desribed in Creating users. -
Verify whether the user was created successfully.
- Go to Users and groups > Users.
- Locate the user.
- Check the Authentication type section for the user.
Setting IBM IAM authentication with the command-line
-
Connect to NPSaaS as an
admin
.In the example, the 'nzsql' command is used. You can also use the the ODBC or JDBC drivers.
nzsql -host <nps_host_ip> -u admin -pw XXXXX
Example Input Description nps_host_ip Specifies the IP address of your instance.
To retrieveNPS HOST IP
:- Log in to your IBM Cloud account.
- Go to Private endpoints > Service instance details.
- Select your instance.
Your instance IP address is displayed on the page now.
user Specifies the user name. password When MFA is not configured:
specify theaccess-key
andsecret-key
for the user.
When MFA is configured:
specify theaccess-key
,secret-key
, andmfa-code
.Example:
nzsql -host X.XX.XXX.XXX -u admin -pw password Welcome to nzsql, the IBM Netezza SQL interactive terminal. Type: \h for help with SQL commands \? for help on internal slash commands \g or terminate with semicolon to execute query \q to quit SYSTEM.ADMIN(ADMIN)=>
-
As admin, register an
IBMIAM
external authentication system. Specify thePRODUCTION
environment type.REGISTER EXTERNAL AUTHENTICATION SYSTEM 'IBMIAM' with 'PRODUCTION'
-
Create a user or users with the external authentication method set to
IBMIAM
.CREATE USER USER AUTH EXTERNAL 'IBMIAM';
Example:
CREATE USER xyz@ibm.com AUTH EXTERNAL 'IBMIAM';
-
Verify whether the user was created successfully.
\q nzsql -u '"USER"' -pw PASSWORD
Example:
\q nzsql -u '"xyz@ibm.com"' -pw XXXXXXXXXXXXX Welcome to nzsql, the IBM Netezza SQL interactive terminal. Type: \h for help with SQL commands ? for help on internal slash commands \g or terminate with semicolon to execute query \q to quit SSL enabled connection. Cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, protocol: TLSv1.2 SYSTEM.ADMIN(xyz@ibm.com)=>