6.10 Privileges to Query a SQL Property Graph

You must have the READ or SELECT object privilege to query a SQL property graph.

If you are the graph creator, then you can allow other graph users to query your graph by granting any one of the following privileges:

GRANT READ ON PROPERTY GRAPH <graph_name> TO <schema_user>;
GRANT SELECT ON PROPERTY GRAPH <graph_name> TO <schema_user>;

It is important to note that granting the preceding privileges allows access only to the property graph object and not to its underlying database tables or views. It allows the graph user to successfully run SQL graph queries on your graph using graph definer's rights. For example:

GRANT READ ON PROPERTY GRAPH students_graph TO hr;

SQL> conn hr/<password_for_hr>;
Connected.
SQL> SELECT * FROM GRAPH_TABLE (graphuser.students_graph MATCH (a IS person) COLUMNS (a.name AS person_a));

PERSON_A
----------
John
Mary
Bob
Alice

To perform SQL graph queries using the VERTEX_ID and EDGE_ID functions, the graph user must have READ or SELECT privilege on the underlying database tables or views. However, if the key columns are exposed as properties, then a READ or SELECT privilege on the graph itself is sufficient to run SQL graph queries using the VERTEX_ID and EDGE_ID functions. Additional privileges on the underlying tables or views are not required.