I have a database and depending on the user I want them to see different things using stored procedures. I don't want them to be able to do direct SQL commands like select. Is this possible?
In the past I have had to give access to a handful of procedures and I would give the login public rights and no database mapping. This will let them log in but not do anything. Then I gave select rights to each stored procedure. I am pretty sure I didnt have to do anything else.
If you have a lot of stored procedures then this article will help you to create a specific role / schema for this.