Customer-managed direct SQL access (CMDSA)

Note: Direct SQL access is not included automatically with your RelativityOne subscription, and must be requested by contacting your customer success manager or implementation specialist.

In addition to querying and manipulating data through Relativity's suite of API's, administrators and developers can extend the power of the Platform even further by directly querying the SQL database. This is an important aspect of the Platform that you may be accustomed to using in your Relativity Server deployment, and something you can also take advantage of in RelativityOne. You can run Relativity Scripts in your RelativityOne instance, and you can also run SQL scripts in SQL Server Management Studio (SSMS) directly against your Relativity databases. Direct SQL can be used for situations that require running custom reports, Relativity scripts, or running commands directly in SQL Server Management Studio against your RelativityOne database.

You will be provided with one TenantAdmin account that you can use to create additional accounts with the limited permissions that you specify.

Note: You do not receive access to the physical server, you are only able to access SQL via the SQL Management Studio. No additional infrastructure components (certificates, etc.) are required for the access - only the VPN connection and SQL Server Management Stuio.

The TenantAdmin account will allow you to:

  • Write SQL data
  • Update and delete SQL data in workspace tables and invariant stores
  • Create new users with limited permissions
  • Query the EDDS and the Invariant databases

A full description of the permissions available in these two accounts is detailed in Database / server access by account.

See SQL tenant admin operational overview for more information on the operations that an CMDSA TenantAdmin can perform.

Note: Please reach out to your customer success manager or implementation specialist if you have any questions or require permissions that are not granted by default.

This page contains the following information:

Accessing direct SQL

To request direct SQL access, you can contact your Implementation Specialist, Customer Success Manager, or RelativityOne Support.

To connect to Direct SQL using SQL Server Management Studio:

  1. Download SQL Server Management Studio to the local machine or server that has the VPN connection.
  2. Connect to the GlobalProtect VPN.
  3. Use the server name and credentials received from Support or Customer Experience to connect to the primary SQL server using SQL Server Management Studio from your local machine. To access RelativityOne databases, refer to the SQL server coding considerations section in the RelativityOne developer considerations page on the Platform site. This page contains information on the following:
    • Access to SQL servers and databases
    • SQL Server query resiliency
    • Direct SQL access and location considerations including how to return a list of SQL instances and instance values

Note: You are required to change the password on the first connection and must manage these passwords internally. See SQL tenant admin operations overview on the Platform site.

Note: Direct SQL Access is not supported on your Utility Server.

Database / server access by account

Existing TenantReporting accounts will be phased out as of March 01, 2020 and replaced by your TenantAdmin account which can assign various account roles out and create new users. See SQL tenant admin operational overview for more information on the operations that an CMDSA TenantAdmin can perform.

The following table describes the access level granted to the TenantAdmin account. The TenantAdmin may create additional users that all have permissions that fall within this domain of privileges. The TenantAdmin may not create additional users that have the rights to create users.

Table / Action

Tenant Admin

EDDSArchiving Read-only

EDDS Database



No access


No access

Invariant Database


Invariant Stores

DML access (insert / read / update / delete)

Collections Database

No access

Client use databases
(_DB1, _DB2, _DB3) on EDDS and all distributed instances. See Client use databases.

Full DDL / DML access, SQL DB user permission (insert / read / update / delete / execute) on tenant schema

Stored Procedure Access (_DB1, _DB2, _DB3 ONLY)

Tenant Schema only

Stored Procedure Creation (_DB1, _DB2, _DB3 ONLY)

Tenant Schema only

Schema modifications (_DB1, _DB2, _DB3 ONLY)

Tenant Schema only

Workspace Database Tables

DML access (insert / read / update / delete), DDL on EDDSDBO Schema only

Create Logins TenantAdmin only

* In Sandbox, read-only access is granted to Tenant Admin for troubleshooting purposes. For RelativityOne production, access is not available and you should contact Support if troubleshooting assistance is needed.

Client use databases

Client use databases are supplied in RelativityOne for the storage of data unrelated to Relativity or Relativity custom applications, as an intermediary data staging location, or a housing location for SQL Stored Procedures. These databases do not contain data by default and aren't used by the Relativity platform. Data storage capacity of these databases is capped at 5GB, and these databases have broader permissions than workspace databases.

Common use cases include:

  • You need to host a number of SQL Stored Procedures or functions for use across your RelativityOne instance.
  • You need to migrate staged data in a workspace to another workspace without the data overhead of a full ARM workflow.
  • You need to create a central queue or data repository for an outside application that does not interact with any custom agents or objects.

Cases where a client use database is NOT commonly used or recommended:

  • You store data for a custom application, such as configuration or queue records.
  • You have data that depends upon multiple tables in a workspace or in EDDS and are able to store the data in a Relativity object.

SQL tenant admin operational overview

The following operations are available only to TenantAdmin accounts:

  • Calling stored procedures as a tenant admin
  • Creating a new user login
  • Adding or changing user roles
  • Changing a user password
  • Enabling or disabling a user login

Refer to the Tenant admin operational overview on the Platform site for more information on how to perform administration duties.