Start a new topic

Disabling SQL Authentication after switching to Azure AD

Can SQL Authentication for an Azure Database Server be disabled once identity management is configured to use Azure AD authentication and  appropriate users and and roles are set up to use Azure AD as the identity provider?

In other words, is the default built-in authentication where a SQL Admin Account and Password are required, this is only for the initial setup of Semarchy?

Hi Syedhasan,

you can disable the internal authentication, this is not required.

  • Authenticate as an admin using another Identity management
  • Go the Configuration -> Identity Management, turn off Internal - Built-in and click on the save button 

I hope this helps.

Best regards,


The answer from Stephanie Fourrier does not actually answer the question being asked. The question relates to how Semarchy xDM authenticates itself to the backed Repository database server / database. The answer given relates to end-user authentication to the Semarchy xDM application.

Hi Rohan, sorry this was not clear to me.

The connectivity to the repository is not used only when you initialize xDM. This is needed all the time being of your work with the tool as it stores all you model information as well as the batch processing tasks and detailed logging informations.

The connectivity to the repository cannot be disabled.

Does it answer better your question ?

Best regards,


Thank you for the reply Stéphanie.

No, this doesn't answer the question either.

What we want to do is to only use Azure AD authentication with Azure SQL

This would mean that xDM is not permitted to use a username and password to connect to the Repository DB but it would need to use an Azure AD token to connect as an Azure AD Application Principal

I don't see this documented anywhere and so it is likely a new feature request for Semarchy xDM. Is there somewhere we can make a new feature request?

For this to work according to the documentation I have included in the link above, xDM would have to use clientID and clientSecret to obtain JWT token which it then uses in the SQL DB connection.

This link would also be useful Create Azure AD users using service principals - Azure SQL Database

Many Thanks, Rohan.

Login to post a comment