- Select `SSL Mode` and upload the client certificate, client key, and Root CA files by clicking on the file.
\
Note: The entire connection parameters can be viewed in json form by clicking on the "Edit connection JSON" and edited as required by database server type.\
Example: In PostgreSQL when SSL mode set to "Required-Identity," if the server certificate's common name (cname) differs from the actual DNS/IP used for connection, the connection will fail.\
To resolve, add "servername" property with same cname value under the SSL section. Additional details are available at [knex configuration options](https://knexjs.org/guide/#configuration-options).
When connecting NocoDB to external data sources such as PostgreSQL, it is crucial to configure the appropriate permissions to ensure data integrity and security. This section explains the options available for schema and data editing, allowing you to tailor the access levels according to your requirements.
NocoDB provides the following options for schema and data permissions:
### Schema Permissions
This option enables users to modify the structure of the database schema. When enabled, users can create, modify, and delete tables, fields and relationships (links) within the connected datasource from NocoDB UI. This provides flexibility to adjust the database design as needed from UI but should be used with caution.
Toggle `Allow Schema Edit` to enable or disable schema editing for the connected datasource. By default, schema editing is disabled.
Even when schema editing is disabled, users can still
- add (augment) virtual columns such as Lookup, Rollup and Formula. These virtual columns do not alter the underlying schema of the connected data source.
- create views to customize the data presentation without modifying the original tables.
- create webhooks to trigger external actions based on specific events within the connected datasource.
- collaborate with other users by explicitly inviting them to the base or by sharing views.
### Data Permissions
This option enables users to modify the data (records) within the connected datasource. When enabled, users can insert, update, and delete records from the tables. This provides the flexibility to manage the data directly from the NocoDB UI but should be used with caution to avoid unintentional changes to the records in the external data source.
Toggle `Allow Data Edit` to enable or disable data editing for the connected datasource. By default, data editing is enabled.
When data editing is disabled, users can still view the data and perform read-only operations such as filtering, sorting, and grouping. This ensures that users can access the data for analysis and reporting purposes without the risk of modifying the records.
:::note
Data editing can only be disabled when schema editing is also disabled