Credentials store the authorizations for the user or service accounts you will use to connect Validio with integrations such as data sources and notification channels. In general, we recommend creating a new service account with the required permissions for the data you want to monitor with Validio.

Most credential configurations require a set of parameters, such as a username, password, and host name of the service account. For credentials that will connect to a warehouse, you might also need to specify the default database where the data is stored or the role used to access the data source.

After you create a credential, Validio will connect to the service account and automatically start to collect information, such as metadata and lineage. If the credential is used for catalog and schema checks, this information populates the catalog and lineage pages with assets, which you can then convert to sources for Validio to monitor and validate.

For more information, see Managing Credentials.

Best Practices

When setting up credentials for your organization, you can use Namespaces to control access (view and edit privileges) to the credentials. The following are general guidelines and recommendations.

• Visibility into global Catalog and Lineage views: Configure a single credential with “Use for catalog and schema checks” enabled to populate your global catalog and lineage views so that it is visible for all of your organization’s users in Validio. This credential should be assigned to a namespace that only the admin has access to and it should not be used for creating new sources.
• Dedicated Namespaces with limited visibility and permissions: For individual teams and business units, create dedicated namespaces to ensure that the users and teams with editor access to the namespace can only create sources and run debug queries off of the credentials in the namespace. You do not need to enable cataloging or schema checks on these credentials if you have enabled a global credential.
• Distinguish between editor and viewer access: Ensure that teams and users have access to what they need to see. Different teams can configure and manage their own resources separate from other teams.