Clarification on Entra Authentication for PostgresSQL on Azure

In KNIME, when connecting to an Azure PostgreSQL DB via the PostgreSQL Connector node, the options seem to be Credentials, UN/PW, or Kerberos (?). UN/PW works fine.

On Azure, the options are:

  • PostgreSQL authentication only (which works for KNIME’s UN/PW)
  • Microsoft Entra authentication only
  • PostgreSQL and Microsoft Entra authentication

image

How can we leverage the 2nd or even 3rd option with KNIME? The process for creating Entra app registrations and obtaining secrets is clear - but I don’t see how a Microsoft Connector node can output into one of the 3 options needed by the PostgreSQL node.

Thanks

Friendly nudge up :slight_smile:. Guessing a custom driver might be required to load up into the node?

Hi @qdmt -

Let me ask internally and see what I can find out.

Sorry - last but friendly nudge on this. Thanks!

Hello @qdmt ,

sorry for the long silence. I’m afraid it is not supported to use the Microsoft Authenticator node to authenticate a connection to Postgres.
This requires an additional Azure specific identity extension.

I haven’t tested this but only extracted this information from the Microsoft documentation:
You could try to create a Jar file that contains all the required libraries e.g. via Online Maven download tool and the provided XML file. Once you have the jar file you register it as a custom Postgres driver in KNIME. You can then select the driver in DB Connector node and use the following URL
jdbc:postgresql://${AZ_DATABASE_SERVER_NAME}.postgres.database.azure.com:5432/${AZ_DATABASE_NAME}?sslmode=require&authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin
For authentication select Username and enter ${YOUR_POSTGRESQL_USERNAME}@${AZ_DATABASE_NAME}. For more details on the different configurations see this documentation.

Bye
Tobias

1 Like