DataSHIELD authorization between Project and Database

Hello Everyone,

we have a DataSHIELD instance where we need to habe multiple separated projects with their databases for data import. For example, Project A (with database A) and Project B (with database B). It means that the users with role administrate inside Project A should only be able to import tables from database A (via an access token), not database B. But it seems to be impossible to manage this. When the admin of Project A creates a token for its project, he can import data from all connected databases to DataSHIELD instance. Isn’t it a kind of security issue?

Thank you in advance for any help :slight_smile:

P.S: I know that the admin of Project A should know the name of database B and its tables to load the data, but nevertheless, I guess it should be managed by datashield.


This use case is not supported. Make on Opal server per database instead (it is easy with docker and a reverse proxy).