Microsoft SQL Server Credentials

Getting Started

What is Infisical?
Quickstart
Guides
Setup

Platform

Organizations
Projects
Folders
Secrets
Internal PKI
Infisical SSH
Key Management (KMS)
KMS Configuration
Identities
Access Control
Audit Logs
Secret Rotation
Dynamic Secrets
Gateway
Project Templates
Workflow Integrations
Admin Consoles
Secret Sharing
Secret Scanning

Authentication Methods

Self-host Infisical

Internals

Contributing

Getting Started
Contributing to platform
Contributing to SDK

Prerequisites

Create a Microsoft SQL Server Connection with the required Secret Rotation permissions
Create two designated database users for Infisical to rotate the credentials for. Be sure to grant each user login permissions for the desired database with the necessary privileges their use case will require.

An example creation statement might look like:

-- create server-level logins
CREATE LOGIN [infisical_user_1] WITH PASSWORD = 'my-password';
CREATE LOGIN [infisical_user_2] WITH PASSWORD = 'my-password';
GRANT CONNECT SQL TO [infisical_user_1];
GRANT CONNECT SQL TO [infisical_user_2];

-- create database-level users with login from above
USE my_database;
CREATE USER [infisical_user_1] FOR LOGIN [infisical_user_1];
CREATE USER [infisical_user_2] FOR LOGIN [infisical_user_2];

-- grant relevant permissions
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo TO [infisical_user_1];
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo TO [infisical_user_2];

To learn more about Microsoft SQL Server’s permission system, please visit their documentation.

Create a Microsoft SQL Server Credentials Rotation in Infisical

Navigate to your Secret Manager Project’s Dashboard and select Add Secret Rotation from the actions dropdown.
Select the Microsoft SQL Server Credentials option.
Select the Microsoft SQL Server Connection to use and configure the rotation behavior. Then click Next.

Microsoft SQL Server Connection - the connection that will perform the rotation of the configured database user credentials.
Rotation Interval - the interval, in days, that once elapsed will trigger a rotation.
Rotate At - the local time of day when rotation should occur once the interval has elapsed.
Auto-Rotation Enabled - whether secrets should automatically be rotated once the rotation interval has elapsed. Disable this option to manually rotate secrets or pause secret rotation.

Input the usernames of the database users created above that will be used for rotation. Then click Next.

Database Username 1 - the username of the first user that will be used for rotation.
Database Username 2 - the username of the second user that will be used for rotation.

Specify the secret names that the active credentials should be mapped to. Then click Next.

Username - the name of the secret that the active username will be mapped to.
Password - the name of the secret that the active password will be mapped to.

Give your rotation a name and description (optional). Then click Next.

Name - the name of the secret rotation configuration. Must be slug-friendly.
Description (optional) - a description of this rotation configuration.

Review your configuration, then click Create Secret Rotation.
Your Microsoft SQL Server Credentials are now available for use via the mapped secrets.

Navigate to your Secret Manager Project’s Dashboard and select Add Secret Rotation from the actions dropdown.
Select the Microsoft SQL Server Credentials option.
Select the Microsoft SQL Server Connection to use and configure the rotation behavior. Then click Next.

Microsoft SQL Server Connection - the connection that will perform the rotation of the configured database user credentials.
Rotation Interval - the interval, in days, that once elapsed will trigger a rotation.
Rotate At - the local time of day when rotation should occur once the interval has elapsed.
Auto-Rotation Enabled - whether secrets should automatically be rotated once the rotation interval has elapsed. Disable this option to manually rotate secrets or pause secret rotation.

Input the usernames of the database users created above that will be used for rotation. Then click Next.

Database Username 1 - the username of the first user that will be used for rotation.
Database Username 2 - the username of the second user that will be used for rotation.

Specify the secret names that the active credentials should be mapped to. Then click Next.

Username - the name of the secret that the active username will be mapped to.
Password - the name of the secret that the active password will be mapped to.

Give your rotation a name and description (optional). Then click Next.

Name - the name of the secret rotation configuration. Must be slug-friendly.
Description (optional) - a description of this rotation configuration.

Review your configuration, then click Create Secret Rotation.
Your Microsoft SQL Server Credentials are now available for use via the mapped secrets.

To create a Microsoft SQL Server Credentials Rotation, make an API request to the Create Microsoft SQL Server Credentials Rotation API endpoint.

Sample request

Request
curl --request POST \
--url https://us.infisical.com/api/v2/secret-rotations/mssql-credentials \
--header 'Content-Type: application/json' \
--data '{
    "name": "my-mssql-rotation",
    "projectId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "description": "my database credentials rotation",
    "connectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "environment": "dev",
    "secretPath": "/",
    "isAutoRotationEnabled": true,
    "rotationInterval": 30,
    "rotateAtUtc": {
        "hours": 0,
        "minutes": 0
    },
    "parameters": {
        "username1": "infisical_user_1",
        "username2": "infisical_user_2"
    },
    "secretsMapping": {
        "username": "MSSQL_DB_USERNAME",
        "password": "MSSQL_DB_PASSWORD"
    }
}'

Sample response

Response
{
    "secretRotation": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "name": "my-mssql-rotation",
        "description": "my database credentials rotation",
        "secretsMapping": {
            "username": "MSSQL_DB_USERNAME",
            "password": "MSSQL_DB_PASSWORD"
        },
        "isAutoRotationEnabled": true,
        "activeIndex": 0,
        "folderId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "connectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z",
        "rotationInterval": 30,
        "rotationStatus": "success",
        "lastRotationAttemptedAt": "2023-11-07T05:31:56Z",
        "lastRotatedAt": "2023-11-07T05:31:56Z",
        "lastRotationJobId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "nextRotationAt": "2023-11-07T05:31:56Z",
        "connection": {
            "app": "mssql",
            "name": "my-mssql-connection",
            "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
        },
        "environment": {
            "slug": "dev",
            "name": "Development",
            "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
        },
        "projectId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "folder": {
            "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
            "path": "/"
        },
        "rotateAtUtc": {
            "hours": 0,
            "minutes": 0
        },
        "lastRotationMessage": null,
        "type": "mssql-credentials",
        "parameters": {
            "username1": "infisical_user_1",
            "username2": "infisical_user_2"
        }
    }
}

Was this page helpful?

Suggest edits Raise issue

PostgreSQL Credentials Overview

On this page

Prerequisites
Create a Microsoft SQL Server Credentials Rotation in Infisical

Getting Started

Platform

Authentication Methods

Self-host Infisical

Internals

Contributing

​Prerequisites

​Create a Microsoft SQL Server Credentials Rotation in Infisical

​Sample request

​Sample response

Prerequisites

Create a Microsoft SQL Server Credentials Rotation in Infisical

Sample request

Sample response