Providing Credentials on Command Line

DataStax Enterprise (DSE) tools interact directly with the database or use the Java Management Extension MBeans to get metrics and perform operations. Use the command line switch that is relative to the type of operation performed by the command.

Each of the tools listed support prompting for the password when none is provided. Using the option to enter the password on the command line prompt is a security risk because the password appears in plain text in the terminal history.

Credentials for database interactions

When you enable DSE database authentication, you must provide a username and password to run commands that interact with the DSE database.

DSE utilities

DataStax provided utilities typically have the following command line options for credentials:

dse -u <user_name> [ -p <password>] <command>

Where the command line options for each supported tool are:

  • dse advrep

    dse -u <username> [-p <password>] advrep <command> <subcommand>

  • dse fs

    dse -u <username> [-p <password>] fs

  • dse spark

    dse -u <username> [-p <password>] spark [<options>]

  • dse spark-class

    dse -u <username> [-p <password>] spark-class <options>

  • dse spark-submit

    dse -u <username> [-p <password>] spark-submit <options>

  • dse spark-jobserver

    dse -u <username> [-p <password>] spark-jobserver <options>

  • dse spark-history-server

    dse -u <username> [-p <password>] spark-history-server <options>

  • dse spark-sql

    dse -u <username> [-p <password>] spark-sql-thriftserver <options>

  • dse pyspark

    dse -u <username> [-p <password>] pyspark <options>

  • dse spark-sql

    dse -u <username> [-p <password>] spark-sql <options>

  • dse SparkR

    dse -u <username> [-p <password>] sparkR <options>

  • dse client-tool connection options

    dse -u <username> [-p <password>] client-tool <subcommand> <options>

  • dse gremlin-console

    dse -u <username> [-p <password>] gremlin-console

Native utilities

The native database utilities typically have the following command line options for credentials:

command -u <username> [-pw <password>] <subcommand>

Where the command line options for each supported tool are:

  • nodetool

    nodetool -u <username> [-pw <password>] <subcommand>

  • SSTable tools

    sstable_command -u <username> [-pw <password>] [<options>]

  • cassandra-stress tool

    cassandra-stress -mode user=<username> password=<password> authprovider=auth-provider=<com.datastax.driver.core.AuthProvider> <options>

Credentials for Java Management Extensions (JMX) interactions

When JMX authentication is also enabled, commands that use JMX MBeans to verify status or execute commands require additional credentials. Use the -a <username> and -b <password> before the command.

dsetool -a <jmx_username> [ -b <jmx_password>] <command>

When authentication is enabled, set up permission to access MBeans see Controlling access to JMX MBeans.

  • dse advrep

  • dsetool status

The JMX authentication switch for DSE Advanced Replication commands uses:

dse advrep --jmx-user <jmx_username> [ --jmx-pwd <jmx_password>] <command>

Entering the password in plain text from the command line is not secure; the password may be stored in the terminal history. DataStax recommends entering the password at the prompt instead of using the password option from the CLI.

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2025 DataStax | Privacy policy | Terms of use | Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com