Influxdata
/
docs-v2
mirror of https://github.com/influxdata/docs-v2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
docs-v2/content/shared/influxdb3-admin/tokens/admin/create.md

3.9 KiB
Raw Blame History

Use the influxdb3 create token --admin subcommand with the --name option or the HTTP API /api/v3/configure/token/admin endpoint to create an admin token for your {{< product-name omit="Clustered" >}} instance. An admin token grants full access to all actions for your InfluxDB 3 instance and can be referenced by its name.

{{% product-name omit="Clustered" %}} supports two types of admin tokens:

  • Operator token: A system-generated administrative token with the name _admin.
    • Cannot be edited or deleted
    • Never expires
    • Cannot be recreated if lost (future functionality)
    • Can be regenerated using the CLI
  • Named admin token: User-defined administrative tokens with full admin permissions.
    • Can be created, edited, and deleted
    • Support expiration dates
    • Cannot modify or remove the operator token

An {{% product-name omit="Clustered" %}} instance can have one operator token and unlimited named admin tokens.

Create an operator token Create a named admin token

[!Note]

Store secure tokens in a secret store

Token strings are returned only on token creation. We recommend storing database tokens in a secure secret store. Anyone with access to the named admin token has full control over your {{< product-name >}} instance. If you lose the named admin token string, you must regenerate the token.

Create an operator token

The first admin token your create for your {{% product-name %}} instance is the operator token.

{{< tabs-wrapper >}} {{% tabs %}} CLI HTTP API {{% /tabs %}} {{% tab-content %}} Use the influxdb3 create token --admin command without a token name:

influxdb3 create token --admin

{{% /tab-content %}} {{% tab-content %}} Use the following endpoint to create an operator token:

{{% api-endpoint method="POST" endpoint="/api/v3/configure/token/admin" api-ref="/influxdb3/version/api/v3/#operation/PostCreateAdminToken" %}}

curl -X POST "http://{{< influxdb/host >}}/api/v3/configure/token/admin" \

{{% /tab-content %}} {{< /tabs-wrapper >}}

The output contains the token string in plain text.

Create a named admin token

{{< tabs-wrapper >}} {{% tabs %}} CLI HTTP API {{% /tabs %}} {{% tab-content %}} Use the influxdb3 create token --admin command with a token name:

{{% code-placeholders "TOKEN_NAME|ADMIN_TOKEN" %}}

influxdb3 create token --admin --token ADMIN_TOKEN --name "TOKEN_NAME"

{{% /code-placeholders %}}

Replace the following with your values:

  • {{% code-placeholder-key %}}ADMIN_TOKEN{{% /code-placeholder-key %}}: your existing operator or named admin token
  • {{% code-placeholder-key %}}TOKEN_NAME{{% /code-placeholder-key %}}: the name you want to assign to the new admin token

The output contains the token string in plain text.

{{% /tab-content %}} {{% tab-content %}} Use the following endpoint to create a named admin token:

{{% api-endpoint method="POST" endpoint="/api/v3/configure/token/admin" api-ref="/influxdb3/version/api/v3/#operation/PostCreateAdminToken" %}}

curl -X POST "http://{{< influxdb/host >}}/api/v3/configure/token/admin" \
  --header 'Authorization Bearer ADMIN_TOKEN' \
  --json '{
            "name": "TOKEN_NAME"
          }'

Replace the following with your values:

  • {{% code-placeholder-key %}}ADMIN_TOKEN{{% /code-placeholder-key %}}: your existing operator or named admin token
  • {{% code-placeholder-key %}}TOKEN_NAME{{% /code-placeholder-key %}}: the name you want to assign to the new admin token

The response body contains the token string in plain text. {{% /tab-content %}} {{< /tabs-wrapper >}}

To use the token as the default for later commands, and to persist the token across sessions, assign the token string to the INFLUXDB3_AUTH_TOKEN environment variable.