# Access permissions for Daton Daton will require access permissions both for extracting data from data sources and for loading data to cloud based data warehouses and data lakes. As a generic rule, Daton would need read access to data sources and write access to data destinations. The following write-up will talk in detail for each variety of integration. ### Data Warehouses #### Google BigQuery * Google BigQuery will require **BigQuery Data Owner** and **BigQuery Job User** permissions to service account * Read setup instructions in detail for [**BigQuery**](https://docs.sarasanalytics.com/integrations/destinations/bigquery/setup-google-bigquery) here #### Amazon RedShift * White list **35.238.200.205/32** Daton IP Address in security groups for the required RedShift cluster * Create a database user on RedShift and grant **CREATE** permissions on the database ``` CREATE USER daton WITH PASSWORD 'yourpassword'; CREATE SCHEMA daton AUTHORIZATION daton; GRANT CREATE ON DATABASE db-name TO daton; ``` * Read setup instructions in detail for [**RedShift**](https://docs.sarasanalytics.com/integrations/destinations/amazon-redshift) here ### Data Sources #### Databases * White list **35.238.200.205/32** Daton IP Address * Create a database user **READ** permissions on the database Each database will have different ways to configure the above steps and following links describe them in detail - 1. databases such as MySQL, PostgreSQL, Amazon Aurora, Amazon RedShift, GCP MySQL, GCP PostgreSQL, Amazon RDS MySQL, Amazon RDS PostgreSQL 2. Ecommerce platforms such as Magento, Capillary MartJack, WooCommerce, and BigCommerce #### **SaaS Applications with OAuth Authentication** * Scopes will be pre-defined as **Read-Only** for most of the OAuth sources such as Facebook Ads, Google Analytics, etc. Users can verify the scopes during authentication on Daton. For Example: ![Scopes for Google Analytics integration on Daton](/files/-LuI5ZplrNQ9OrSyr7Hw) * It is however recommended that a separate user with **Read-Only** access be created for Daton on the respective platform and those credentials be used to integrate the data source. Read detailed documentation of respective applications at [Data Sources](https://docs.sarasanalytics.com/integrations/data-sources/saas-integrations). #### SaaS Applications with Basic Authentication * Applications with basic authentication protocols use API Keys and Secrets. * It is however recommended that a separate user with **Read-Only** access be created for Daton on the respective platform and those credentials be used to integrate the data source. * Note that some of the applications might not allow data extraction or usage of APIs with read-only access. Read detailed documentation of respective applications at [Data Sources](https://docs.sarasanalytics.com/integrations/data-sources/saas-integrations). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://daton-sarasanalytics.gitbook.io/daton/~/changes/1yNKwtXwaJMWImmUJtdv/platform/essentials/access-permissions-for-daton.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.