Skip to main content
Version: 2.x (Latest)

Databases

Supported Databases

Authorizer v2 configures the database via CLI flags. The required flags are --database-type and --database-url.

  • Postgres

    --database-type=postgres --database-url="postgres://username:password@localhost:5432/postgres"

  • Yugabyte

    --database-type=yugabyte --database-url="postgres://username:password@localhost:5432/postgres"

  • CockroachDB

    --database-type=postgres --database-url="postgres://username:password@localhost:5432/postgres"

  • MySQL

    --database-type=mysql --database-url="username:password@tcp(localhost:port)/database_name"

  • PlanetScale

    --database-type=planetscale --database-url="username:password@tcp(localhost:port)/database_name"

  • MariaDB

    --database-type=mariadb --database-url="username:password@tcp(localhost:port)/database_name"

  • SQLite

    --database-type=sqlite --database-url=test.db

  • SQLServer

    --database-type=sqlserver --database-url="sqlserver://gorm:LoremIpsum86@localhost:9930?database=gorm"

  • MongoDB

    --database-type=mongodb --database-url="mongodb://localhost:27017" --database-name=authorizer

  • ArangoDB

    --database-type=arangodb --database-url="https://root:password@localhost.arangodb.cloud:8529" --database-name=authorizer

  • CassandraDB

    --database-type=cassandradb \
    --database-host="db-connection-string" \
    --database-username="test" \
    --database-password="*********" \
    --database-cert="Base64 encoded cert string" \
    --database-cert-key="Base64 encoded cert key" \
    --database-ca-cert="Base64 encoded CA cert"

    Note for CassandraDB: If using a cloud provider like DataStax, they don't allow creating keyspace. Please create a keyspace named authorizer from their GUI.

  • ScyllaDB

    --database-type=scylladb \
    --database-host="192.168.0.1,192.168.0.2,192.168.0.3" \
    --database-username="scylladb" \
    --database-password="*********"

  • DynamoDB

    --database-type=dynamodb \
    --aws-region=ap-south-1 \
    --aws-access-key-id=YOUR_ACCESS_KEY \
    --aws-secret-access-key=YOUR_SECRET

  • Couchbase

    --database-type=couchbase \
    --database-url="couchbase://127.0.0.1" \
    --database-username="admin" \
    --database-password="*********" \
    --couchbase-bucket="authorizer" \
    --couchbase-bucket-ram-quota=1000 \
    --couchbase-scope="_default"

Note: For MongoDB and ArangoDB, use --database-name since the database name is not part of the connection URL.

Tables / Collections

Authorizer creates and manages the following tables/collections:

  • authorizer_users -- stores basic user information
  • authorizer_verification_requests -- stores email verification and forgot password requests
  • authorizer_sessions -- stores user sessions

Session Store

For each request requiring authorization, Authorizer validates the HTTP Cookie or Authorization header. To improve throughput, an in-memory store is used.

Authorizer supports two session stores:

  • Redis -- configured via --redis-url. Persisted as long as Redis is running.
  • In-memory -- default when no Redis URL is set. Not recommended for production.

Example with Redis:

./build/server \
  --database-type=sqlite \
  --database-url=test.db \
  --jwt-type=HS256 \
  --jwt-secret=test \
  --admin-secret=admin \
  --client-id=123456 \
  --client-secret=secret \
  --redis-url=redis://localhost:6379