Enum TeradataAuthenticationMethod
- Namespace
- YndigoBlue.Velocity.Data.Teradata
- Assembly
- YndigoBlue.Velocity.dll
Specifies the authentication mechanism used when connecting to a Teradata database
with integrated authentication (UseIntegratedSecurity = true).
public enum TeradataAuthenticationMethodFields
Ldap = 0LDAP authentication via the Teradata Gateway. Maps to
AuthenticationMechanism=LDAPin the connection string. The Teradata Gateway delegates authentication to the configured LDAP/Active Directory server. No Teradata-level password is sent; the LDAP server performs credential verification. Requires the Teradata Gateway to be configured with an LDAP server address and the database user account to be mapped to an LDAP identity.Spnego = 1Kerberos/SPNEGO single sign-on authentication. Maps to
IntegratedSecurity=truein the connection string. The .NET Data Provider for Teradata uses TeraGSS to automatically select the highest-ranked SSO mechanism configured on the client, typically SPNEGO/Kerberos. No credentials are sent — the OS Kerberos TGT is used. The client machine must hold a valid Ticket Granting Ticket from the domain KDC, and TeraGSS must be installed and configured on the client.Tdnego = 2Teradata negotiated authentication — the server automatically selects the best available mechanism. Maps to
AuthenticationMechanism=TDNEGOin the connection string. TeraGSS must be installed on both the client and the Teradata server.Jwt = 3JSON Web Token (JWT) authentication. Maps to
AuthenticationMechanism=JWTin the connection string. The Teradata Gateway must be configured to accept JWT tokens from your identity provider. Supply the token viaAuthenticationStringin SetAdvancedSettings(string).Bearer = 4OIDC Bearer token authentication. Maps to
AuthenticationMechanism=BEARERin the connection string. RequiresOidcClientIdandJwsPrivateKeyto be configured via SetAdvancedSettings(string).
Remarks
When UseIntegratedSecurity is
true, Velocity omits UserId and Password from the connection string and
sets either IntegratedSecurity=true (for Spnego) or
AuthenticationMechanism=<value> (for all other mechanisms).
All mechanisms require server-side configuration — the Teradata Gateway, LDAP directory, KDC, or identity provider must be set up before connecting. Velocity only sets the connection string property.
| Value | Connection string produced | External requirement |
|---|---|---|
| Ldap | AuthenticationMechanism=LDAP | Teradata Gateway connected to an LDAP/Active Directory server |
| Spnego | IntegratedSecurity=true | Active Directory / Kerberos KDC; TeraGSS configured for SPNEGO; valid Kerberos TGT on the client |
| Tdnego | AuthenticationMechanism=TDNEGO | Teradata Gateway configured for auto-negotiation; TeraGSS installed on both client and server |
| Jwt | AuthenticationMechanism=JWT | Identity provider that issues JWT tokens; Teradata Gateway configured for JWT |
| Bearer | AuthenticationMechanism=BEARER | OIDC identity provider; OidcClientId and JwsPrivateKey set via SetAdvancedSettings |