4.3 KiB
| title | description | menu | weight | list_code_example | aliases | alt_links | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Create a database token | Use the [`influxctl token create` command](/influxdb/clustered/reference/cli/influxctl/token/create/) to create a database token for reading and writing data in your InfluxDB cluster. Provide a token description and permissions for databases. |
|
201 | ```sh influxctl token create \ --read-database DATABASE1_NAME \ --read-database DATABASE2_NAME \ --write-database DATABASE2_NAME \ "Read-only on DATABASE1_NAME, Read/write on DATABASE2_NAME" ``` |
|
|
Use the influxctl token create command
to create a token that grants access to databases in your InfluxDB cluster.
-
If you haven't already, download and install the
influxctlCLI. -
Run the
influxctl token createcommand and provide the following:- Token permissions (read and write)
--read-database: Grants read permissions to the specified database. Repeatable.--write-database: Grants write permissions to the specified database. Repeatable.
- Token description
- Token permissions (read and write)
{{% code-placeholders "DATABASE_NAME|TOKEN_DESCRIPTION" %}}
influxctl token create \
--read-database DATABASE_NAME \
--write-database DATABASE_NAME \
"Read/write token for DATABASE_NAME"
{{% /code-placeholders %}}
Replace the following:
- {{% code-placeholder-key %}}
DATABASE_NAME{{% /code-placeholder-key %}}: your {{% product-name %}} database
The command returns the token ID and the token string. This is the only time the token string is available in plain text.
InfluxDB might take some time to synchronize new tokens. If a new token doesn't immediately work for querying or writing, wait a few seconds and try again.
{{% note %}}
Store secure tokens in a secret store
Token strings are returned only on token creation. We recommend storing database tokens in a secure secret store. For example, see how to authenticate Telegraf using tokens in your OS secret store. {{% /note %}}
Examples
- Create a token with read and write access to a database
- Create a token with read-only access to a database
- Create a token with read-only access to multiple databases
- Create a token with mixed permissions to multiple databases
In the examples below, replace the following:
- {{% code-placeholder-key %}}
DATABASE_NAME{{% /code-placeholder-key %}}: your {{< product-name >}} database - {{% code-placeholder-key %}}
DATABASE2_NAME{{% /code-placeholder-key %}}: your {{< product-name >}} database
Create a token with read and write access to a database
{{% code-placeholders "DATABASE_NAME" %}}
influxctl token create \
--read-database DATABASE_NAME \
--write-database DATABASE_NAME \
"Read/write token for DATABASE_NAME"
{{% /code-placeholders %}}
Create a token with read-only access to a database
{{% code-placeholders "DATABASE_NAME" %}}
influxctl token create \
--read-database DATABASE_NAME \
"Read-only token for DATABASE_NAME"
{{% /code-placeholders %}}
Create a token with read-only access to multiple databases
{{% code-placeholders "DATABASE_NAME|DATABASE2_NAME" %}}
influxctl token create \
--read-database DATABASE_NAME \
--read-database DATABASE2_NAME \
"Read-only token for DATABASE_NAME and DATABASE2_NAME"
{{% /code-placeholders %}}
Create a token with mixed permissions to multiple databases
{{% code-placeholders "DATABASE_NAME|DATABASE2_NAME" %}}
influxctl token create \
--read-database DATABASE_NAME \
--read-database DATABASE2_NAME \
--write-database DATABASE2_NAME \
"Read-only on DATABASE_NAME, read/write on DATABASE2_NAME"
{{% /code-placeholders %}}