- To create a password, head to your database overview page at
https://app.planetscale.com/<ORGANIZATION>/<DATABASE_NAME>and click on the "Connect" button.
On this dialog, click the
New passwordbutton. This will generate a unique username & password pair that can only be used to only access the
mainbranch of your database. Take note of this password, as you won't be able to see it again.
Once created, you can browse the connection string in different framework formats by selecting the framework in the "Connect with" dropdown. This will also show you all of the files you need to modify to get connected with PlanetScale in your framework or language of choice.
You can connect to PlanetScale from any platform that supports MySQL. These connection strings are in place to let you hit the ground running. Please let us know if we're missing your favorite framework in this list or if you have any suggestions. We support pre-generating connection strings for Go, Java, .Net, PHP, Laravel, Symfony, Prisma, Python, Rails, and Rust.
Make sure you copy the connection string for your application and the "General" format. We don't save the password in clear text, so there's no way to retrieve the password after you leave this page.
Once you've created the password, you can head over to the "Passwords" settings page available at
Organization > Database > Settings > Passwords to manage them.
You can also create passwords for branches other than
main on this page.
Clicking on the
... icon on the row for your password allows you to pull up the connection string (except the password), rename it, or delete it.
Since the username & password pair is unique, the only metadata you can edit is the
display name of the password.
Deleting a password will invalidate the username & password pair and disconnect any active clients using this password.
Any open database connections authenticated with a deleted password will be disconnected within five minutes.
Use the tools you're familiar with to connect to PlanetScale databases. PlanetScale supports both MySQL native authentication, which is widely used to provide a secure connection to MySQL servers, and MySQL Caching SHA-2 authentication, which is the most secure authentication mechanism to connect to MySQL. Based on your application needs and platform support, you can switch between the authentication modes, with the same password.
For a list of tested MySQL GUI clients, review our article on how to connect MySQL GUI applications.
PlanetScale Passwords are created for use with a single database branch. This strong security model allows you to generate passwords that are tied to a branch, and cannot access data/schema from another branch.
PlanetScale automatically disconnects clients that are using a deleted password. Head on over to the
Organization > Database > Settings > Passwords page on your database branch to delete passwords for that branch. It may take up to five minutes for all active clients to be disconnected.
PlanetScale only stores hashes and metadata about your database passwords. To add an extra layer of security to your database, we do not store any passwords in plain text.
In the event that you lose a password, we cannot recover it for you. We recommend creating a new password with the same access level.
All passwords and service tokens generated for use with PlanetScale databases are part of GitHub's Secret Scanning program. If any database passwords or service tokens are committed in plain text to any public GitHub repository, we will be notified and take corrective action to delete the access tokens and cut off their access.