Documentation

Create a management token

Use the Admin UI or the influxctl management create command to manually create a management token.

By default, management tokens are short-lived tokens issued by an OAuth2 identity provider that grant a specific user administrative access to your InfluxDB Cloud Dedicated cluster. However, for automation purposes, you can manually create management tokens that authenticate directly with your InfluxDB cluster and do not require human interaction with your identity provider.

For automation use cases only

The tools outlined below are meant for automation use cases and should not be used to circumvent your identity provider. Take great care when manually creating and using management tokens.

InfluxDB Cloud Dedicated requires that at least one user associated with your cluster and authorized through your OAuth2 identity provider to manually create a management token.

The InfluxDB Cloud Dedicated administrative UI includes a portal for creating and managing management tokens.

  1. To access the InfluxDB Cloud Dedicated Admin UI, visit the following URL in your browser:

  2. Use the credentials provided by InfluxData to log into the Admin UI. If you don’t have login credentials, contact InfluxData support.

  3. Click the Management Tokens button in the upper right corner of the Account Management portal.

  4. In the Management Tokens portal, click the New Management Token button. The Create Management Token dialog displays.

    Create management token dialog
  5. You can optionally set the following fields:

    • Expiration date: Set an expiration date for the token
    • Expiration time: Set an expiration time for the token
    • Description: Enter a description for the token
    • If an expiration isn’t set, the token does not expire until revoked.
  6. Click the Create Token button. The dialog displays the Token secret string and the description you provided.

  1. If you haven’t already, download and install the influxctl CLI.

  2. Use the influxctl management create command to manually create a management token. Provide the following:

    • Optional: the --expires-at flag with an RFC3339 date string that defines the token expiration date and time–for example, <span class="current-date nowrap" offset="1" trim-time="false">2025-07-24T00:00:00Z</span>. If an expiration isn’t set, the token does not expire until revoked.
    • Optional: the --description flag with a description for the management token in double quotes "".
influxctl management create \
  --expires-at 
RFC3339_EXPIRATION
\
--description "
TOKEN_DESCRIPTION
"
  • Copy
  • Fill window

Replace the following:

  • RFC3339_EXPIRATION: An RFC3339 date string to expire the token at–for example, <span class="current-date nowrap" offset="1" trim-time="false">2025-07-24T00:00:00Z</span>.
  • TOKEN_DESCRIPTION: Management token description.

Once created, the command returns the management token string.

Store secure tokens in a secret store

Management token strings are returned only on token creation. We recommend storing database tokens in a secure secret store. For example, see how to [authenticate Telegraf using tokens in your OS secret store](https://github.com/influxdata/> telegraf/tree/master/plugins/secretstores/os).


Was this page helpful?

Thank you for your feedback!


The future of Flux

Flux is going into maintenance mode. You can continue using it as you currently are without any changes to your code.

Read more

New in InfluxDB 3.2

Key enhancements in InfluxDB 3.2 and the InfluxDB 3 Explorer UI is now generally available.

See the Blog Post

InfluxDB 3.2 is now available for both Core and Enterprise, bringing the general availability of InfluxDB 3 Explorer, a new UI that simplifies how you query, explore, and visualize data. On top of that, InfluxDB 3.2 includes a wide range of performance improvements, feature updates, and bug fixes including automated data retention and more.

For more information, check out: