Online Documentation for SQL Administrator for SQL Server

Application Roles


An Application Role is a database principal that enables an application to run with its own, user-like permissions. You can use application roles to enable access to specific data to only those users who connect through a particular application. Unlike database roles, application roles contain no members and are inactive by default. Because application roles are a database-level principal, they can access other databases only through permissions granted in those databases to guest. Therefore, any database in which guest has been disabled will be inaccessible to application roles in other databases.

 

Use the context menu or buttons on the work area toolbar to manage application roles:

Create create a new application role

Edit edit selected application role(s)

Drop drop selected application role(s)

  • rename selected application role
  • create the object copy on the same server
  • clone the object copy to another server

Print create and print the report

Alternatively, you can use the 'Insert' button to create a role, 'Enter' button to edit role(s) and 'Delete' button to drop role(s).

 

Security - Application roles

 

 

To view Application Roles select a database from the Database drop-down list which is situated on the toolbar.

The list displays the existing application roles as a grid with the following columns: Name, DB Owner, Default Schema, Created, Modified, Number of Assigned Roles. If more convenient, you can change the order of the columns by dragging their headers horizontally. See the Working with grid section of the SQL Administrator documentation to find out operations that can be performed with the grid.

 

To open an Application Role in the Application role Editor, double-click it in the grid. Alternatively, you can right-click the Application Role alias and select the Edit Application Role(s) context menu item.

 

 


See also:

Logins

Database users

Database roles

Server Roles

Server Permissions

Database Permissions