Access rights and security

Controlling access to a GraphDB repository and assigning user accounts to roles with specified access permissions can be done using the GraphDB Workbench.

This allows you to:

  • Create security constraints on operations (reading statements, writing statements, modifying named graphs, changing namespace definitions, etc.);
  • Group security constraints in security roles;
  • Manage user accounts and assign these to specific security roles.

Using the GraphDB Workbench

To manage your users’ access, from the dropdown list Admin choose Users and Access. The page displays a list of users and the number of repositories they have access to.


Here you can create new users, delete existing ones or edit their profiles’ data, including their password, user roles, and read/write permissions for each repository. Repository permissions can be bound to a specific location or to all locations (“*” in the location list).

User roles:

  • User - a user who can read and write according to his permissions for each repository;
  • Admin - a user with full access, including creating, editing, deleting users.

Login and default credentials:

By default, the security for the entire Workbench instance is disabled. It means that everyone has full access to repositories and admin functionality. To enable them, move the Security is off slider to on. If security is enabled, the first page you will see is the login page. The default administrator account information is:


username: admin
password: root

It is highly recommended that you change the root password as soon as you log in for the first time. Click your username (admin) in the top right corner to change it.