Connector/ODBC supports different authentication methods, including:
Standard authentication using a MySQL username and password, such as caching_sha2_password.
The Kerberos authentication protocol for passwordless authentication. For more information about Kerberos authentication, see Kerberos Pluggable Authentication.
Support added in Connector/ODBC 8.0.26 for Linux clients, and 8.0.27 for Windows clients.
OpenID Connect is supported with the
authentication_openid_connect_client
client-side authentication plugin connecting to MySQL Enterprise Edition with theauthentication_openid_connect
authentication plugin.The required
openid-token-file
connection option defines a path to a file containing the JWT formatted identity token. TLS, socket, and shared memory connection methods are supported.Support was added in Connector/ODBC 9.1.0.
Multi-Factor Authentication (MFA) by utilizing the
PASSWORD1
(alias ofPASSWORD
),PASSWORD2
, andPASSWORD3
connection options. In addition there arePWD1
,PWD2
, andPWD3
aliases.Support added in Connector/ODBC 8.0.28.
FIDO-based authentication is supported and Connector/ODBC supports the FIDO-based WebAuthn Pluggable Authentication plugin. See the general WebAuthn Pluggable Authentication documentation for installation requirements and implementation details.
NoteSupport for the authentication_webauthn plugin was added in Connector/ODBC 8.2.0. Support for the authentication_fido plugin was added in 8.0.29, deprecated in 8.2.0, and removed in 8.4.0.
A callback usage example:
// SQL_DRIVER_CONNECT_ATTR_BASE is not defined in all driver managers. // Therefore use a custom constant until it becomes a standard. #define MYSQL_DRIVER_CONNECT_ATTR_BASE 0x00004000 // Custom constants used for callback #define CB_FIDO_GLOBAL MYSQL_DRIVER_CONNECT_ATTR_BASE + 0x00001000 #define CB_FIDO_CONNECTION MYSQL_DRIVER_CONNECT_ATTR_BASE + 0x00001001 // Usage example // Callback function inside code: void user_callback(const char* msg) { // Do something ... } SQLHENV henv = nullptr; SQLAllocHandle(SQL_HANDLE_ENV, nullptr, &henv); // Set the ODBC version to 3.80 otherwise the custom constants don't work SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (SQLPOINTER)SQL_OV_ODBC3_80, 0); SQLHDBC hdbc = nullptr; SQLAllocHandle(SQL_HANDLE_DBC, henv, &hdbc); // CB_FIDO_X is either CB_FIDO_GLOBAL or CB_FIDO_CONNECTION SQLSetConnectAttr(hdbc, CB_FIDO_X, &user_callback, SQL_IS_POINTER); SQLDriverConnect(hdbc, hwnd, conn_str, ....);