Help Center/ TaurusDB/ API Reference/ APIs (Recommended)/ Database User Management/ Granting Permissions to a Database User
Updated on 2025-07-11 GMT+08:00

Granting Permissions to a Database User

Function

This API is used to grant permissions to a database user. Before calling this API:

URI

POST /v3/{project_id}/instances/{instance_id}/db-users/privilege

Table 1 URI parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition:

Project ID of a tenant in a region.

To obtain this value, see Obtaining a Project ID.

Constraints:

N/A

Range:

The value can contain 32 characters. Only letters and digits are allowed.

Default value:

N/A

instance_id

Yes

String

Definition:

Instance ID, which uniquely identifies an instance.

Constraints:

N/A

Range:

The value can contain 36 characters with a suffix of in07. Only letters and digits are allowed.

Default value:

N/A

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition:

User token. To obtain this value, call the IAM API for obtaining a user token.

The value of X-Subject-Token in the response header is the token value.

Constraints:

N/A

Range:

N/A

Default value:

N/A

X-Language

No

String

Definition:

Request language type.

Constraints:

N/A

Range:

  • en-us

  • zh-cn

Default value:

en-us

Table 3 Request body parameter

Parameter

Mandatory

Type

Description

users

Yes

Array of GrantDatabasePermission objects

Definition:

List of database users.

Constraints:

The list can contain a maximum of 50 database users.

Table 4 GrantDatabasePermission

Parameter

Mandatory

Type

Description

name

Yes

String

Definition:

Database username.

Constraints:

The value must be the username of the current instance.

Range:

The username can consist of 1 to 32 characters. Only letters, digits, and underscores (_) are allowed.

Default value:

N/A

host

Yes

String

Definition:

Host IP address.

Constraints:

N/A

Range:

% and IP addresses. If the value is 10.10.10.%, all IP addresses in the subnet 10.10.10.X are allowed to access your TaurusDB instance. To specify multiple IP addresses, separate them with commas (,), for example, 192.168.0.1,172.16.213.9 (no spaces before or after the comma).

Default value:

N/A

databases

Yes

Array of DatabasePermission objects

Definition:

List of database permissions. The list contains up to 50 database permissions.

Constraints:

N/A

Table 5 DatabasePermission

Parameter

Mandatory

Type

Description

name

Yes

String

Definition:

Database name.

Constraints:

N/A

Range:

The database name can consist of 1 to 32 characters. Only letters, digits, and underscores (_) are allowed.

Default value:

N/A

readonly

Yes

Boolean

Definition:

Whether the permission is read-only.

Constraints:

N/A

Range:

  • true: read-only

  • false: read/write

Default value:

N/A

Response Parameters

Status code: 201

Table 6 Response body parameter

Parameter

Type

Description

job_id

String

Definition:

ID of the task for granting permissions to a user.

Range:

N/A

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Status code: 500

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Example Request

Granting the read/write permission to a database user

{
  "users" : [ {
    "name" : "gaussdb_mysql_user1",
    "host" : "127.0.0.1",
    "databases" : [ {
      "name" : "test",
      "readonly" : false
    } ]
  } ]
}

Example Response

Status code: 201

Success.

{
  "job_id" : "dff1d289-4d03-4942-8b9f-463ea07c000d"
}

Status Code

For details, see Status Codes.

Error Code

For details, see Error Codes.