Blog · Azure

Creating users in Azure SQL DB

Author André Krämer Published July 20, 2020 Reading time approx. 2 minutes

After creating a database under Microsoft Azure, the next step is usually to create a user who is to be authorized in the corresponding database.

Unfortunately, there is currently no direct option for this in the web interface of the Azure portal. Only the admin user for the DB server can be configured there. For security reasons, however, this should not be the user with which you later access the database from your own application.

With a local SQL Server installation, you would now open the SQL Server Management Studio at this point and create the user there conveniently via the interface. If you try to do this with an Azure SQL DB, you will be disappointed to learn that this interface is not available for Azure SQL databases.

Achieving the goal with T-SQL

Instead, you have to create the user with T-SQL. To accomplish this, connect with any SQL client, e.g. SQL Server Management Studio or Azure Data Studio with an administrative user to the corresponding database server with the database master and execute the following SQL statement to create a login:

CREATE LOGIN [MyUser] WITH PASSWORD=N'Test!987'
GO

MyUser and Test!987 are of course only placeholders for the actual username and the corresponding password at this point.

After the login is now known on the server, in the next step we have to create a user for the login in the target database (usually not master). By the way, we need such a user for every database the login should have access to.

So for this purpose, we first change to the corresponding database in our SQL client, e.g. via use [MyDatabase] and then execute the following statement.

CREATE USER [MyUser] FOR LOGIN [MyUser] WITH DEFAULT_SCHEMA=[dbo]
GO

Finally, we have to give the user a suitable role according to the desired access rights.

For example, if the user should be able to read and write data, but not modify database structures, then the groups db_datareader and db_datawriter would be appropriate.

EXEC sp_addrolemember 'db_datareader', 'MyUser';
EXEC sp_addrolemember 'db_datawriter', 'MyUser';
GO

What describes your situation?

André Krämer, Founder & Managing Director von Quality Bytes
André Krämer Founder & Managing Director of Quality Bytes GmbH · 13× Microsoft MVP · book author (.NET MAUI) · supervisory board of ODYSYS AG. In software development since 1997, specialized in .NET since 2002.
Prefer to talk directly?

Some questions no blog post can answer.

If your situation is more concrete than an article, take the shorter route: a 30-minute consultation, free and without obligation.

Book a consultation
The first step

Ready for 30 minutes that create clarity?

30 minutes, free, no obligation. You’ll talk to someone who understands your software. In the end you’ll know whether we’re the right fit. If not, we’ll tell you openly.

Quality Bytes GmbH · Brunnenstraße 21 · 53498 Bad Breisig
+49 2633 4899 430 · info@qualitybytes.de

That didn’t work. Please try again or email us directly at info@qualitybytes.de.
Thank you for your message! We’ll get back to you within one business day with suggested dates.
We use your data solely to process your request. Transmission is handled by our processor Brevo (Brevo privacy policy). Details are in our privacy policy. No spam, no unsolicited newsletter.