5
13 Comments

Would you give your database credentials to a SaaS?

Hello Indie Hackers community,

For exemple, if I want to build a PhpMyAdmin like but as a SaaS. The user will have to give his DB credentials to allow my SaaS to manage his DB.

I'm really surprised that doesn't already exist, do you think there's too much security issues ?
Would you give your database credentials to a SaaS?

  1. 2

    Retool.com, internal.io and many more are doing millions in MRR and they basically take DB credential to help companies build internal tools

    1. 1

      Interesting, I want to build a concurrent to Retool and Internal (I didn't know them, maybe they already do a good job with their products)

  2. 2

    PhpMyAdmin requires read-write access, so from my perspective, I would not try such SaaS. Different story with local application like desktop app.

  3. 1

    Absolutely not, it's a horrible idea.

    Some people wouldn't mind, though. For the rest of us, you could make a self-hosted version, though.

  4. 1

    Every one will be hesitant to give database password. Hence your product may not get large adoption.

    Here is my suggestion

    1. Create a package for Ubuntu where the MySQL will be installed.

    2. This package will create a required user and make OAuth facilities for your SaaS to connect.

    Will this idea works for you ?

  5. 1

    No. Data is the most valuable asset of any software based company. I would never give up control of that.

    1. 2

      You may have a change of mind when you need tools like Retool.com, internal.io, PowerBI, etc.

      Those companies are doing millions in MRR

      1. 2

        Just because I wouldn't do it doesn't mean it's not viable. Technically, if you use a managed database, you're giving away control over your data already. I just value data ownership.

    2. 1

      I think you are right. However, it’s not asking the database owners to give up the “control” in this case. As other have suggested, setting up a “read-only” account and let the SaaS to access this account would be the proper approach.

      1. 1

        Depends on the use case. I could imaging giving read-only access directly to the database, but Paul mentioned PhpMyAdmin, which is used to manage everything.

        1. 2

          Yes, I didn't know these kind of tools already exists, but I want to build a Retool.com and internal.io concurrent

  6. 1

    This comment was deleted a year ago.

    1. 1

      Retool.com, internal.io, and many more are doing millions in MRR and they basically takes credential to help companies build internal tools

    2. 1

      I agree. Not sure why everyone is saying no. Microsoft Power BI is used by thousands of enterprise companies, and they connect directly to your DB.

    3. 1

      This comment was deleted a year ago.

Trending on Indie Hackers
How I grew a side project to 100k Unique Visitors in 7 days with 0 audience 48 comments Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 28 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments How I Launched FrontendEase 13 comments