Make sure if you have whitelisted ingestion container IP on Azure SQL firewall rules. Checkout [this](https://learn.microsoft.com/en-us/azure/azure-sql/database/firewall-configure?view=azuresql#use-the-azure-portal-to-manage-server-level-ip-firewall-rules) document on how to whitelist your IP using azure portal.
Synapse database user must grant `SELECT` privilege to fetch the metadata of tables and views.
```sql
-- Create a new user
-- More details https://learn.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver16
**username**: Specify the User to connect to Synapse. It should have enough privileges to read all the metadata.
{% /codeInfo %}
{% codeInfo srNumber=2 %}
**password**: Password to connect to Synapse.
{% /codeInfo %}
{% codeInfo srNumber=3 %}
**hostPort**: Enter the fully qualified hostname and port number for your Synapse deployment in the Host and Port field.
{% /codeInfo %}
{% codeInfo srNumber=4 %}
**database**: The database of the data source is an optional parameter, if you would like to restrict the metadata reading to a single database. If left blank, OpenMetadata ingestion attempts to scan all the databases.
{% /codeInfo %}
{% codeInfo srNumber=5 %}
**driver**: Connecting to Synapse requires ODBC driver to be installed. Specify ODBC driver name in the field.
You can download the ODBC driver from [here](https://learn.microsoft.com/en-us/sql/connect/odbc/download-odbc-driver-for-sql-server?view=sql-server-ver16).In case of docker or kubernetes deployment this driver comes out of the box with version `ODBC Driver 18 for SQL Server`.
{% /codeInfo %}
{% codeInfo srNumber=8 %}
**Authentication Mode**:
1.**Authentication**:
- The `authentication` parameter determines the method of authentication when connecting to Synapse using ODBC (Open Database Connectivity).
- If you select **"Active Directory Password"**, you'll need to provide the password associated with your Azure Active Directory account.
- Alternatively, if you choose **"Active Directory Integrated"**, the connection will use the credentials of the currently logged-in user. This mode ensures secure and seamless connections with Synapse.
2.**Encrypt**:
- The `encrypt` setting in the connection string pertains to data encryption during communication with Synapse.
- When enabled, it ensures that data exchanged between your application and the database is encrypted, enhancing security.
3.**Trust Server Certificate**:
- The `trustServerCertificate` option also relates to security.
- When set to true, your application will trust the server's SSL certificate without validation. Use this cautiously, as it bypasses certificate validation checks.
4.**Connection Timeout**:
- The `connectionTimeout` parameter specifies the maximum time (in seconds) that your application will wait while attempting to establish a connection to Synapse.
- If the connection cannot be established within this timeframe, an error will be raised.
**Connection Options (Optional)**: Enter the details for any additional connection options that can be sent to database during the connection. These details must be added as Key-Value pairs.
{% /codeInfo %}
{% codeInfo srNumber=7 %}
**Connection Arguments (Optional)**: Enter the details for any additional connection arguments such as security or protocol configs that can be sent to database during the connection. These details must be added as Key-Value pairs.
- In case you are using Single-Sign-On (SSO) for authentication, add the `authenticator` details in the Connection Arguments as a Key-Value pair as follows: `"authenticator" : "sso_login_url"`
