Skip to main content

GRANT and REVOKE

In SQL, GRANT and REVOKE are Data Control Language (DCL) commands used for providing and removing user privileges respectively.

GRANT

The GRANT statement allows database administrators to grant permissions or privileges on a database object to users. There are various types of privileges like SELECT, INSERT, UPDATE, DELETE, REFERENCES, ALL.

You can use the GRANT statement as follows:

GRANT privilege_name
ON object_name
TO {user_name |PUBLIC |role_name}
[WITH GRANT OPTION];

Example:

GRANT SELECT ON employees TO user1;

In this example, user1 is granted permission to read/perform SELECT operations on the employees table.

REVOKE

The REVOKE statement can be used when we want to revoke some or all of the privileges that were assigned earlier to a user or a group of users. The syntax for using the REVOKE command is similar to the GRANT command.

Here's the syntax:

REVOKE privilege_name
ON object_name
FROM {user_name |PUBLIC |role_name}

Example:

REVOKE SELECT ON employees FROM user1;

In this example, user1 is revoked from the permission to read/perform SELECT operations on the employees table.

Permission management is an important aspect of database management, understanding, and using GRANT and REVOKE operations help in maintaining the integrity and security of your data in SQL.