Access control

Neo4j has a complex security model stored in the system graph, which is maintained on a special database called the system database. All administrative commands need to be executed against the system database. When connected to the DBMS over Bolt, administrative commands are automatically routed to the system database. For more information on how to manage multiple databases, refer to the section on administering databases.

Role-based access control was introduced in Neo4j 3.1. Since then, it has been possible to create users and assign them to roles to control whether users can read, write and administer the database. In Neo4j 4.0 this model was enhanced significantly with the addition of privileges, which are the underlying access-control rules by which the users rights are defined.

The original built-in roles still exist with almost the exact same access rights, but they are no-longer statically defined (see Built-in roles). Instead, they are defined in terms of their underlying privileges, and they can be modified by adding or removing these access rights.

In addition, any newly created roles can be assigned to any combination of privileges, so that you may set specific access controls for them. Another new major capability is the sub-graph access control, through which read access to the graph can be limited to specific combinations of labels, relationship types, and properties.

More details about specific categories of access control can be found in the following sections: