influxctl token create
The influxctl token create command creates a database token with specified
permissions to resources in an InfluxDB Cloud Dedicated cluster and
outputs the token string.
The --read-database and --write-database flags support the * wildcard
which grants read or write permissions to all databases. Enclose wildcards in
single or double quotes–for example: '*' or "*".
The --expires-at flag specifies the date and time a token should expire.
Provide an RFC3339 timestamp.
If you don’t specify a token expiration, the token never expires.
The --format flag lets you print the output in other formats.
The json format is available for programmatic parsing by other tooling.
Default: table.
Notable behaviors
- InfluxDB might take some time–from a few seconds to a few minutes–to
activate and synchronize new tokens. If a new database token doesn’t
immediately work (you receive a
401 Unauthorizederror) for querying or writing, wait and then try again. - Token strings are viewable only on token creation.
Store secure tokens in a secret store
Token strings are viewable only on token creation and aren’t stored by InfluxDB. We recommend storing database tokens in a secure secret store.
Usage
influxctl token create \
[--read-database=<DATABASE_NAME>] \
[--write-database=<DATABASE_NAME>] \
[--expires-at=<RFC3339_DATE>] \
<TOKEN_DESCRIPTION>Arguments
| Argument | Description |
|---|---|
| TOKEN_DESCRIPTION | Database token description |
Flags
| Flag | Description | |
|---|---|---|
--expires-at | Token expiration date and time in RFC3339 format | |
--format | Output format (table (default) or json) | |
--read-database | Grant read permissions to a database (Repeatable) | |
--write-database | Grant write permissions to a database (Repeatable) | |
-h | --help | Output command help |
Also see influxctl global flags.
Examples
- Create a token with read and write access to a database
- Create a token with read and write access to all databases
- Create a token with read-only access to a database
- Create a token with read-only access to multiple databases
- Create a token with mixed permissions to multiple databases
- Create a token that expires in seven days
In the examples below, replace the following:
DATABASE_NAME: your InfluxDB Cloud Dedicated database nameDATABASE2_NAME: your second InfluxDB Cloud Dedicated database nameTOKEN_ID: token ID to update
Create a token with read and write access to a database
influxctl token create \
--read-database DATABASE_NAME \
--write-database DATABASE_NAME \
"Read/write token for DATABASE_NAME"Create a token with read and write access to all databases
influxctl token create \
--read-database "*" \
--write-database "*" \
"Read/write token for all databases"Create a token with read-only access to a database
influxctl token create \
--read-database DATABASE_NAME \
"Read-only token for DATABASE_NAME"Create a token with read-only access to multiple databases
influxctl token create \
--read-database DATABASE_NAME \
--read-database DATABASE2_NAME \
"Read-only token for DATABASE_NAME and DATABASE2_NAME"Create a token with mixed permissions to multiple databases
influxctl token create \
--read-database DATABASE_NAME \
--read-database DATABASE2_NAME \
--write-database DATABASE2_NAME \
"Read-only on DATABASE_NAME, read/write on DATABASE2_NAME"Create a token that expires in seven days
influxctl token create \
--read-database DATABASE_NAME \
--write-database DATABASE_NAME \
--expires-at $(date -d "+7 days" +"%Y-%m-%dT%H:%M:%S%z") \
"Read/write token for DATABASE_NAME with 7d expiration"influxctl token create \
--read-database DATABASE_NAME \
--write-database DATABASE_NAME \
--expires-at $(gdate -d "+7 days" +"%Y-%m-%dT%H:%M:%S%z") \
"Read/write token for DATABASE_NAME with 7d expiration"Was this page helpful?
Thank you for your feedback!
Support and feedback
Thank you for being part of our community! We welcome and encourage your feedback and bug reports for InfluxDB Cloud Dedicated and this documentation. To find support, use the following resources:
Customers with an annual or support contract can contact InfluxData Support.