Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All
Expand Minimize


Applies To: SQL Server 2014, SQL Server 2016 Preview

Topic Status: Some information in this topic is preview and subject to change in future releases. Preview information describes new features or changes to existing features in Microsoft SQL Server 2016 Community Technology Preview 2 (CTP2).

Changes the name, password, or default schema of an application role.

Applies to: SQL Server (SQL Server 2008 through current version), SQL Database V12 (Preview in some regions).

Topic link icon Transact-SQL Syntax Conventions

ALTER APPLICATION ROLE application_role_name 
    WITH <set_item> [ ,...n ]

<set_item> ::= 
    NAME = new_application_role_name 
    | PASSWORD = 'password'
    | DEFAULT_SCHEMA = schema_name


Is the name of the application role to be modified.

NAME =new_application_role_name

Specifies the new name of the application role. This name must not already be used to refer to any principal in the database.

PASSWORD ='password'

Specifies the password for the application role. password must meet the Windows password policy requirements of the computer that is running the instance of SQL Server. You should always use strong passwords.

DEFAULT_SCHEMA =schema_name

Specifies the first schema that will be searched by the server when it resolves the names of objects. schema_name can be a schema that does not exist in the database.

If the new application role name already exists in the database, the statement will fail. When the name, password, or default schema of an application role is changed the ID associated with the role is not changed.

Important note Important

 Password expiration policy is not applied to application role passwords. For this reason, take extra care in selecting strong passwords. Applications that invoke application roles must store their passwords.

Application roles are visible in the sys.database_principals catalog view.

Caution note Caution

In SQL Server 2005 the behavior of schemas changed from the behavior in earlier versions of SQL Server. Code that assumes that schemas are equivalent to database users may not return correct results. Old catalog views, including sysobjects, should not be used in a database in which any of the following DDL statements has ever been used: CREATE SCHEMA, ALTER SCHEMA, DROP SCHEMA, CREATE USER, ALTER USER, DROP USER, CREATE ROLE, ALTER ROLE, DROP ROLE, CREATE APPROLE, ALTER APPROLE, DROP APPROLE, ALTER AUTHORIZATION. In a database in which any of these statements has ever been used, you must use the new catalog views. The new catalog views take into account the separation of principals and schemas that is introduced in SQL Server 2005. For more information about catalog views, see Catalog Views (Transact-SQL).

Requires ALTER ANY APPLICATION ROLE permission on the database. To change the default schema, the user also needs ALTER permission on the application role. An application role can alter its own default schema, but not its name or password.

A. Changing the name of application role

The following example changes the name of the application role weekly_receipts to receipts_ledger.

USE AdventureWorks2012;
    WITH PASSWORD = '987Gbv8$76sPYY5m23' , 
    WITH NAME = receipts_ledger;

B. Changing the password of application role

The following example changes the password of the application role receipts_ledger.

    WITH PASSWORD = '897yUUbv867y$200nk2i';

C. Changing the name, password, and default schema

The following example changes the name, password, and default schema of the application role receipts_ledger all at the same time.

    WITH NAME = weekly_ledger, 
    PASSWORD = '897yUUbv77bsrEE00nk2i', 
    DEFAULT_SCHEMA = Production;

Community Additions

© 2015 Microsoft