Skip to content

Click in-app to access the full platform documentation for your version of DataRobot.

MS Azure SQL Connector for Data Prep

User Persona: Data Prep User, Data Prep Admin, Data Source Admin, or IT/DevOps

Note

This document covers all configuration fields available during connector setup. Some fields may have already been filled out by your Administrator at an earlier step of configuration and may not be visible to you. For more information on Data Prep's connector framework, see Data Prep Connector setup. Also, your Admin may have named this connector something else in the list of Data Sources.

Configure Data Prep

The Data Prep JDBC Connector allows you to connect to the Microsoft Azure SQL Database. This topic provides details for setting up a connection to Azure SQL Database. See also the JDBC Connector Documentation for guidelines on configuring the connection.

Example JDBC URI

jdbc:sqlserver://serverName.database.windows.net:serverPortNumber;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;database=databaseName'

Example JDBC URI for multi-factor authentication

Following is an example of a JDBC URI for configurations that use Active Directory multi-factor authentication:

jdbc:sqlserver://<serverName>.database.windows.net:<serverPortNumber>;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;database=<databaseName>;authentication=ActiveDirectoryInterActive;clientid=<azure_registered_app’s_client_id>;
See Set up Active Directory multi-factor authentication for more information.

Technical Specs

Driver Specs

Microsoft Azure SQL Database driver name and version:

  • Driver Classname: com.microsoft.sqlserver.jdbc.PxMSSQLDriver
  • Version: 9.2.1.jre8

Supported Microsoft Azure SQL Database versions:

  • Azure SQL Database
  • Azure SQL Managed Instance (Extended Private Preview)

Set up Active Directory multi-factor authentication

The MS Azure SQL Connector supports Active Directory (AD) multi-factor authentication (MFA), allowing users to authenticate using two or more verification factors interactively.

To support MFA interactively, add the following connection properties to the JDBC URL:

authentication=ActiveDirectoryInterActive
clientid=<azure_registered_app’s_client_id>

Register the multi-factor authentication app

To set up multi-factor authentication, you need to register an app that allows the Microsoft identity platform to provide authentication and authorization services for the Data Prep (Paxata) MFA application and its users.

Tip

To set up the app in the Microsoft identify platform, follow the guidelines below and also refer to the Quickstart: Register an application with the Microsoft identity platform.

The application client ID from the MFA app is required in the JDBC URL so that once you complete the MFA process, the Microsoft identity platform will redirect you to the Data Prep (Paxata) instance’s endpoint (specified in the Redirect URI format section).

During app registration on the Microsoft identify platform, you must do the following:

  • Ensure that the app is authorized to call the Azure SQL Database API when an AD user grants permission. The following shows an example of the settings in the Microsoft identity platform:

  • On the Platform configurations page, under Mobile and desktop applications, set up the redirect URI. After completing MFA with the Azure SQL database, the Microsoft identity platform uses the URI to redirect and send security tokens from your client to the Data Prep (Paxata) application.

    Note

    You need a separate app registration per instance to manage your organization's account. If your organization has multi-tenant access to Data Prep, you can have one MFA app for all of the tenants. You just need to add the redirect URIs for each tenant on the Platform configurations page.

Redirect URI format

http(s)://<paxata_instance_host_name>/interactive-msal-token

Example Redirect URI

https://datarobot.paxata.com/interactive-msal-token

Once you have set up the app, the configured permissions look similar to the following:

Multi-factor authentication process

  1. Configure the JDBC URL on the Data Prep (Paxata) Data Sources page with these settings:

    authentication=ActiveDirectoryInterActive
    clientid=<azure_registered_app’s_client_id>
    

  2. For Credentials, enter only the Active Directory user name. The password is not needed.

  3. Click Test Data Source.

  4. A new tab opens in the browser with a login screen set to the Active Directory user name and password. Click Sign in.

  5. Once your user name and password are authenticated, perform the second verification factor and any additional required verification factors (the verification factors are based on how your MFA account was set up).

  6. Once you verify all factors, the Microsoft identity platform redirects you to the Data Prep application.

  7. Close the window and return to the Data Source configuration page.

Note

If the MFA authentication process has not completed within two minutes, you will receive a message that either the wrong client ID was specified in the JDBC URL, the authentication token has not been received yet, or you do not have access to the requested resource.

Driver Documentation

Additional Documentation


Updated October 28, 2021
Back to top