Skip to main content

Connect to Repository Through Impersonation

Notice

Prerequisites

  • Impersonation policy has been created

  • Repository, IdP, sidecar have all been configured

  • Repository, repository users and sidecar have been registered to ALTR

As a data consumer, log into ALTR with single sign-on. Then, generate a proxy access token and generate a connection string. Your access to repositories and users is determined by configured impersonation policies. Learn more.

Use the token to generate a JDBC connection string, which includes everything needed for the sidecar to connect to the repository. Paste this connection string into your SQL tool and start querying data.

To connect to your repository through a sidecar:

  1. Generate an access token.

    1. Log into ALTR through Okta.

      Note

      If you’re an Administrator, select Data ConfigurationData Sources in the Navigation menu to get to the All Data Repositories page.

    2. Click New Access Token.

    3. Select a Token Expiration. You must generate the connection string and connect to the sidecar with the access token before the expiration time runs out.

    4. Click Generate Token; the access token displays.

    5. Click Copy.

      Note

      If you close the modal before copying the access token, generate a new one.

    6. Close the modal.

  2. Generate a connection string

    1. From the All Data Repositories page, click a repository to view it’s details.

    2. Expand your repository user.

    3. Paste in the Access Token.

    4. Select the Oracle identifier type that the service users from the Oracle Service Name / SID dropdown. Options are Oracle Service Name or SID.

    5. Enter the Oracle Service Name / SID value.

    6. Click Generate Connection String. ALTR generates a connection string that contains all the necessary connection details for the sidecar.

  3. Connect to the repository

    1. Copy the connection string for the repository user and paste it as a URL in your SQL tool to connect to the repository. Once connected, you can begin querying data securely.

      Note

      The connection string points to the sidecar port (not the repository port) and specifies the sidecar’s location, your identity, and the repository user you are requesting access.

    2. Repeat for each repository user you need access to.

    Important

    Generating a new access token invalidates the previous token. If your access token is in use and you generate a new token, you must use that new token to generate a new connection string and re-connect to the repository.

In this section: