ScyllaDB Docs ScyllaDB Node.js Driver Authentication

Caution

You're viewing documentation for an unstable version of ScyllaDB Node.js Driver. Switch to the latest stable version.

Authentication¶

The Node.js RS Driver supports both username/password authentication and SSL/TLS connections.

Important: Authentication credentials are sent in plain text to the server. For this reason, it is strongly recommended to use authentication together with SSL/TLS encryption, or only in a trusted network environment.

Username and Password Authentication¶

To connect with username/password credentials, provide them in the credentials option:

const { Client } = require('@scylladb/driver');

(async () => {
  const client = new Client({
    contactPoints: ['127.0.0.1'],
    localDataCenter: 'datacenter1',
    credentials: {
      username: 'cassandra',
      password: 'cassandra',
    },
  });

  await client.connect();
})();

The credentials object accepts:

username - the username to authenticate with
password - the password to authenticate with

These map directly to ScyllaDB’s built-in PasswordAuthenticator. Ensure that the authenticator is enabled in your ScyllaDB configuration (authenticator: PasswordAuthenticator in scylla.yaml).

SSL/TLS¶

To connect over SSL, provide an sslOptions object. The SSL options are passed directly to Node.js’s tls.connect():

const fs = require('fs');
const { Client } = require('@scylladb/driver');

(async () => {
  const client = new Client({
    contactPoints: ['127.0.0.1'],
    localDataCenter: 'datacenter1',
    sslOptions: {
      ca: fs.readFileSync('/path/to/ca.crt'),
      cert: fs.readFileSync('/path/to/client.crt'),
      key: fs.readFileSync('/path/to/client.key'),
      rejectUnauthorized: true,
    },
  });

  await client.connect();
})();

Common SSL options:

Option	Description
`ca`	CA certificate (Buffer or string) to verify the server cert
`cert`	Client certificate for mutual TLS authentication
`key`	Client private key for mutual TLS authentication
`rejectUnauthorized`	Whether to reject connections with invalid certificates

Using Both Authentication and SSL¶

You can combine username/password authentication with SSL for secure connections:

const fs = require('fs');
const { Client } = require('@scylladb/driver');

(async () => {
  const client = new Client({
    contactPoints: ['127.0.0.1'],
    localDataCenter: 'datacenter1',
    credentials: {
      username: 'cassandra',
      password: 'cassandra',
    },
    sslOptions: {
      ca: fs.readFileSync('/path/to/ca.crt'),
      rejectUnauthorized: true,
    },
  });

  await client.connect();
})();

Was this page helpful?