This section lists the relevant terminology related to authentication and authorization in Neo4j.
The following terms are relevant to role-based access control within Neo4j:
- active user
- A user who is active within the system and can perform actions prescribed by any assigned roles on the data.
This is in contrast to a suspended user.
- This is a user who has been assigned the
- current user
- This is the currently logged-in user invoking the commands described in this chapter.
- password policy
The password policy is a set of rules of what makes up a valid password.
For Neo4j, the following rules apply:
- The password cannot be the empty string.
- When changing passwords, the new password cannot be the same as the previous password.
This is a collection of actions — such as read and write — permitted on the data.
There are two types of roles in Neo4j:
- suspended user
- A user who has been suspended is not able to access the database in any capacity, regardless of any assigned roles.
- A user is composed of a username and credentials, where the latter is a unit of information, such as a password, verifying
the identity of a user.
- A user may represent a human, an application etc.