<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Administration :: DbGate</title>
    <link>https://dbgate.io/dbgate-classic/admin/index.html</link>
    <description>The administration interface lets a team run DbGate as a shared, multi-user web application: you manage connections centrally, define who can sign in and how, and grant fine-grained access to databases and objects through users, roles and permissions. It also hosts shared team files. Everything configured here is stored in the storage database rather than in local files.&#xA;The administration tool is available only on the Team Premium edition. In the Community edition, please configure DbGate using environment variables instead.</description>
    <generator>Hugo</generator>
    <language>en-us</language>
    <atom:link href="https://dbgate.io/dbgate-classic/admin/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Authentication</title>
      <link>https://dbgate.io/dbgate-classic/admin/auth/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/auth/index.html</guid>
      <description>Authentication tab There are several methods of authentication. Use will choose authentication method on login page. If you have only one authentication method enabled and authentication method doesn’t require login page, login page is skipped.&#xA;Local authentication method - user is selected from user list in storage database (configured in “Users” tab) Anonymous - no credentials are required, user have permissions from “anonymous-user” role Use database login - credentials are redirected to database server. User will choose connection from “Connections” tab OAuth 2.0 - generic OAuth provider. With some little effort and proper knowledge, could be configured with most of recent identity providers, like Google, Facebook, Keycloak Active Directory - AD access via LDAP protocol Microsoft Entra - former Azure Active Directory - single sign-on access to Azure databases Option “Allow only defined logins” For external identity providers, user doesn’t have to exist in DbGate storage database. If this checkbox is checked, user, which is not found in storage database, is not allowed to login</description>
    </item>
    <item>
      <title>Connections</title>
      <link>https://dbgate.io/dbgate-classic/admin/connection/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/connection/index.html</guid>
      <description>Connections tab Configure connections available in DbGate. Connections must be mapped to users or roles to be available.&#xA;Direct access to storage database Admin user has also access to internal storage database, so you could make operations on database directly (eg. exports/imports of users etc.). This permission could be also granted to any other user, “Interal storage” permission</description>
    </item>
    <item>
      <title>Team Files</title>
      <link>https://dbgate.io/dbgate-classic/admin/team-files/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/team-files/index.html</guid>
      <description>Team files are SQL, diagram or other files stored in DbGate internal storage. Desktop DbGate stores files in users folder, Team edition allows storing files in the same manner (in docker volume), but more appropriate is to store files in storage database, which is not recreated when DbGate container is recreated.&#xA;Disk files files stored on disk or docker volume unless you don’t define docker volume explicitly (eg. in docker-compose.yaml), files are recreated when container is recreated. Team files files stored in storage database are not lost when container is recreated, without need to define docker volume allow to define fine-grained access permissions for users and roles Save SQL file as team file When saving SQL file, just check “Save to team folder” checkbox. The file will be saved as team file.</description>
    </item>
    <item>
      <title>Users</title>
      <link>https://dbgate.io/dbgate-classic/admin/users/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/users/index.html</guid>
      <description>Users tab Configure users, passwords, user permissions and user-connection mapping. Passwords are used only for “Local” authentication methods. But all methods with external identity providers use user lookup, so you could configure permissions and connections available for user, even for externaly authenticated user.&#xA;User detail tabs Info Configure user permissions Configure roles assigned to this user Team files - configure access to team files Connections - configure connections assigned to this user Databases - configure database permissions for this user Tables/views/objects - configure table permissions for this user Disk files - configure access to files on disk/docker volume</description>
    </item>
    <item>
      <title>Roles</title>
      <link>https://dbgate.io/dbgate-classic/admin/roles/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/roles/index.html</guid>
      <description>Roles tab Configure roles, role permissions and role-connection mapping. You could create custom roles and assign users to them, so that permissions and linked connections are shared between all users assigned to this role.&#xA;There are some predefined roles:&#xA;superadmin - role used for admin page, https://your_dbgate_instance/admin.html logged-user - role used for all logged users. You could ovveride permission for specific users anonymous-user - role used for users logged with “Anonymous” authentication method</description>
    </item>
    <item>
      <title>Permissions</title>
      <link>https://dbgate.io/dbgate-classic/admin/permissions/index.html</link>
      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
      <guid>https://dbgate.io/dbgate-classic/admin/permissions/index.html</guid>
      <description>DbGate’s permissions use two dimensions:&#xA;Source of permissions (who sets them) Permissions cascade from broad to specific. More specific settings override more general ones:&#xA;Predefined permission sets Predefined roles (superadmin, logged user, anonymous) Custom roles Individual user Object scope Permissions can target specific databases and tables/objects. See Database permissions and Table permissions.&#xA;Basic Permissions Configure global/basic permissions in the permission tree in User detail or Role detail.&#xA;A greyed checkbox means the permission is inherited (e.g., from a role or a predefined permission set), not set directly on that user/role.</description>
    </item>
  </channel>
</rss>