Skip to main content
Edit this page on GitHub

Trino

Supported trino version 352 and higher

Connection String

The connection string format is as follows:

trino://{username}:{password}@{hostname}:{port}/{catalog}

If you are running Trino with docker on local machine, please use the following connection URL

trino://trino@host.docker.internal:8080

Authentications

1. Basic Authentication

You can provide username/password in the connection string or in the Secure Extra field at Advanced / Security

  • In Connection String

    trino://{username}:{password}@{hostname}:{port}/{catalog}
  • In Secure Extra field

    {
    "auth_method": "basic",
    "auth_params": {
    "username": "<username>",
    "password": "<password>"
    }
    }

NOTE: if both are provided, Secure Extra always takes higher priority.

2. Kerberos Authentication

In Secure Extra field, config as following example:

{
"auth_method": "kerberos",
"auth_params": {
"service_name": "superset",
"config": "/path/to/krb5.config",
...
}
}

All fields in auth_params are passed directly to the KerberosAuthentication class.

NOTE: Kerberos authentication requires installing the trino-python-client locally with either the all or kerberos optional features, i.e., installing trino[all] or trino[kerberos] respectively.

3. Certificate Authentication

In Secure Extra field, config as following example:

{
"auth_method": "certificate",
"auth_params": {
"cert": "/path/to/cert.pem",
"key": "/path/to/key.pem"
}
}

All fields in auth_params are passed directly to the CertificateAuthentication class.

4. JWT Authentication

Config auth_method and provide token in Secure Extra field

{
"auth_method": "jwt",
"auth_params": {
"token": "<your-jwt-token>"
}
}

5. Custom Authentication

To use custom authentication, first you need to add it into ALLOWED_EXTRA_AUTHENTICATIONS allow list in Superset config file:

from your.module import AuthClass
from another.extra import auth_method

ALLOWED_EXTRA_AUTHENTICATIONS: Dict[str, Dict[str, Callable[..., Any]]] = {
"trino": {
"custom_auth": AuthClass,
"another_auth_method": auth_method,
},
}

Then in Secure Extra field:

{
"auth_method": "custom_auth",
"auth_params": {
...
}
}

You can also use custom authentication by providing reference to your trino.auth.Authentication class or factory function (which returns an Authentication instance) to auth_method.

All fields in auth_params are passed directly to your class/function.

Reference: