The Management API for InfluxDB 3 Clustered provides a programmatic interface for managing an InfluxDB 3 cluster. The Management API lets you integrate functions such as creating and managing databases, permissions, and tokens into your workflow or application.
This documentation is generated from the InfluxDB 3 Management API OpenAPI specification.
With InfluxDB 3 Clustered, InfluxDB Management API endpoints require the following credential:
Authorization MANAGEMENT_TOKEN: the Authorization HTTP header with a management token.
See how to create a management token.
By default, management tokens in InfluxDB 3 are short-lived tokens issued by an OAuth2 identity provider that grant a specific user administrative access to your InfluxDB cluster. However, for automation purposes, you can manually create management tokens that authenticate directly with your InfluxDB cluster and do not require human interaction with your identity provider.
The following example script shows how to use curl to make database and token management requests:
#!/bin/bash
# Usage:
# Note the leading space in the command below to keep secrets out of the shell history
#
# ```
# MANAGEMENT_TOKEN=<MANAGEMENT_TOKEN> ./scripts/test_http_api_v0_endpoints.sh
# ```
# Env var validation
if [ -z "${MANAGEMENT_TOKEN}" ]; then
echo "
[Error]: ❌
\$MANAGEMENT_TOKEN env var is required.
"
exit 1
fi
HOST="https://cluster-host.com"
# Database request functions
list_databases () {
local response=$( \
curl \
--location "$HOST/api/v0/databases" \
--header "Accept: application/json" \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
)
echo "$response"
}
create_database () {
local databaseName=$1
local response=$( \
curl \
--location "$HOST/api/v0/databases" \
--header "Accept: application/json" \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
--data '{
"name": "'$databaseName'",
"maxTables": 75,
"maxColumnsPerTable": 90,
"retentionPeriod": 600000000000,
"partitionTemplate": [
{
"type": "tag",
"value": "abc"
},
{
"type": "bucket",
"value": {
"tagName": "def",
"numberOfBuckets": 5
}
}
]
}' \
)
echo "$response"
}
update_database () {
local databaseName=$1
local response=$( \
curl \
--location "$HOST/api/v0/databases/$databaseName" \
--request PATCH \
--header "Accept: application/json" \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
--data '{
"maxTables": 150,
"maxColumnsPerTable": 180,
"retentionPeriod": 1200000000000
}' \
)
echo "$response"
}
delete_database () {
local databaseName=$1
local response=$( \
curl \
--location "$HOST/api/v0/databases/$databaseName" \
--request DELETE \
--header "Accept: application/json" \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
)
echo "$response"
}
# Token request functions
list_tokens () {
local response=$( \
curl \
--location "$HOST/api/v0/tokens" \
--header "Accept: application/json" \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
)
echo "$response"
}
create_token () {
local response=$( \
curl \
--location "$HOST/api/v0/tokens" \
--header "Accept: application/json" \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
--data '{
"description": "my test token",
"permissions": [
{
"action": "write",
"resource": "database_one"
},
{
"action": "read",
"resource": "database_two"
}
]
}' \
)
echo "$response"
}
get_token () {
local token_id=$1
local response=$( \
curl \
--location "$HOST/api/v0/tokens/$tokenId" \
--header "Accept: application/json" \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
)
echo "$response"
}
update_token () {
local token_id=$1
local response=$( \
curl \
--location "$HOST/api/v0/tokens/$tokenId" \
--request PATCH \
--header "Accept: application/json" \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
--data '{
"description": "my updated test token",
"permissions": [
{
"action": "database_one",
"resource": "read"
}
]
}' \
)
echo "$response"
}
delete_token () {
local token_id=$1
local response=$( \
curl \
--location "$HOST/api/v0/tokens/$tokenId" \
--request DELETE \
--header "Accept: application/json" \
--header "Authorization: Bearer $MANAGEMENT_TOKEN" \
)
echo "$response"
}
# Test database endpoints
databaseName="test_database_$RANDOM"
printf "\n🏗️ Creating database... 🏗️\n\n"
response="$(create_database $databaseName)"
echo $response | jq
printf "\n🏗️ Creating database successful 🏗️\n\n"
printf "\n⬆️ Updating database... ⬆️\n\n"
response="$(update_database $databaseName)"
echo $response | jq
printf "\n⬆️ Updating database successful ⬆️\n\n"
printf "\n⬇️ Listing databases... ⬇️\n\n"
response="$(list_databases)"
echo $response | jq
printf "\n⬇️ Listing databases successful ⬇️\n\n"
printf "\n🗑️ Deleting database... 🗑️\n\n"
response="$(delete_database $databaseName)"
echo $response | jq
printf "\n🗑️ Deleting database successful 🗑️\n\n"
# Test token endpoints
printf "\n🏗️ Creating token... 🏗️\n\n"
response="$(create_token)"
echo $response | jq
tokenId=$(echo $response | jq '.id')
printf "\n🏗️ Creating token successful 🏗️\n\n"
printf "\n⬇️ Getting token... ⬇️\n\n"
response="$(get_token $tokenId)"
echo $response | jq
printf "\n⬇️ Getting token successful ⬇️\n\n"
printf "\n⬆️ Updating token... ⬆️\n\n"
response="$(update_token $tokenId)"
echo $response | jq
printf "\n⬆️ Updating token successful ⬆️\n\n"
printf "\n📋 Listing tokens... 📋\n\n"
response="$(list_tokens)"
echo $response | jq
printf "\n📋 Listing tokens successful 📋\n\n"
printf "\n🗑️ Deleting token... 🗑️\n\n"
response="$(delete_token $tokenId)"
echo $response | jq
printf "\n🗑️ Deleting token successful 🗑️\n\n"
```HOST="https://cluster-host.com" list_tokens () { local response=$( \ curl \ --location "$HOST/api/v0/tokens" \ --header "Accept: application/json" \ --header "Authorization: Bearer $MANAGEMENT_TOKEN" \ ) echo "$response" }
[- {
- "id": "55555555-5555-4555-8555-555555555555",
- "description": "Limited Access Token",
- "permissions": [
- {
- "action": "read",
- "resource": "DatabaseOne"
}, - {
- "action": "write",
- "resource": "DatabaseTwo"
}
], - "createdAt": "2023-12-21T17:32:28.000Z"
}, - {
- "id": "66666666-6666-4666-8666-666666666666",
- "description": "Full Access Token",
- "permissions": [
- {
- "action": "write",
- "resource": "*"
}
], - "createdAt": "2024-03-02T04:20:19.000Z"
}, - {
- "id": "77777777-7777-4777-8777-777777777777",
- "description": "No Access Token",
- "permissions": [ ],
- "createdAt": "2024-03-02T04:20:19.000Z"
}
]Create a database token for a cluster.
The token returned on the accessToken property in the response can be used to authenticate query and write requests to the cluster.
InfluxDB might take some time--from a few seconds to a few minutes--to activate and synchronize new tokens. If a new database token doesn't immediately work (you receive a 401 Unauthorized error) for querying or writing, wait and then try your request again.
Token strings are viewable only on token creation and aren't stored by InfluxDB; you can't recover a lost token.
We recommend storing database tokens in a secure secret store. For example, see how to authenticate Telegraf using tokens in your OS secret store.
If you lose a token, delete the token from InfluxDB and create a new one.
| description required | string (schemas) The description of the database token |
| expiresAt | string <date-time> (schemas) The date and time that the database token expires, if applicable Uses RFC3339 format |
Array of objects (schemas) The list of permissions the database token allows |
{- "description": "Limited Access Token",
- "permissions": [
- {
- "action": "read",
- "resource": "DatabaseOne"
}, - {
- "action": "write",
- "resource": "DatabaseTwo"
}
]
}{- "id": "55555555-5555-4555-8555-555555555555",
- "description": "Limited Access Token",
- "permissions": [
- {
- "action": "read",
- "resource": "DatabaseOne"
}, - {
- "action": "write",
- "resource": "DatabaseTwo"
}
], - "createdAt": "2023-12-21T17:32:28.000Z",
- "accessToken": "apiv1_5555555555555555555555555555555555555555555555555555555555555555"
}| tokenId required | string <uuid> (UuidV4) The ID of the database token to get |
HOST="https://cluster-host.com" get_token () { local tokenId=$1 local response=$( \ curl \ --location "$HOST/api/v0/tokens/$tokenId" \ --header "Accept: application/json" \ --header "Authorization: Bearer $MANAGEMENT_TOKEN" \ ) echo "$response" }
{- "id": "55555555-5555-4555-8555-555555555555",
- "description": "Limited Access Token",
- "permissions": [
- {
- "action": "read",
- "resource": "DatabaseOne"
}, - {
- "action": "write",
- "resource": "DatabaseTwo"
}
], - "createdAt": "2023-12-21T17:32:28.000Z"
}| tokenId required | string <uuid> (UuidV4) The ID of the database token to update |
| description | string (schemas) The description of the database token |
Array of objects (schemas) The list of permissions the database token allows |
{- "description": "Updated Limited Access Token",
- "permissions": [
- {
- "action": "write",
- "resource": "DatabaseOne"
}, - {
- "action": "read",
- "resource": "DatabaseTwo"
}, - {
- "action": "write",
- "resource": "DatabaseThree"
}
]
}{- "id": "55555555-5555-4555-8555-555555555555",
- "description": "Updated Limited Access Token",
- "permissions": [
- {
- "action": "write",
- "resource": "DatabaseOne"
}, - {
- "action": "read",
- "resource": "DatabaseTwo"
}, - {
- "action": "write",
- "resource": "DatabaseThree"
}
], - "createdAt": "2023-12-21T17:32:28.000Z"
}| tokenId required | string <uuid> (UuidV4) The ID of the database token to delete |
HOST="https://cluster-host.com" delete_token () { local tokenId=$1 local response=$( \ curl \ --location "$HOST/api/v0/tokens/$tokenId" \ --request DELETE \ --header "Accept: application/json" \ --header "Authorization: Bearer $MANAGEMENT_TOKEN" \ ) echo "$response" }
{- "code": 400,
- "message": "bad request"
}HOST="https://cluster-host.com" list_databases () { local response=$( \ curl \ --location "$HOST/api/v0/databases" \ --header "Accept: application/json" \ --header "Authorization: Bearer $MANAGEMENT_TOKEN" \ ) echo "$response" }
[- {
- "name": "DatabaseOne",
- "maxTables": 500,
- "maxColumnsPerTable": 200,
- "retentionPeriod": 0
}, - {
- "name": "DatabaseTwo",
- "maxTables": 100,
- "maxColumnsPerTable": 50,
- "retentionPeriod": 300000000000,
- "partitionTemplate": [
- {
- "type": "time",
- "value": "%Y"
}, - {
- "type": "tag",
- "value": "bananas"
}, - {
- "type": "tag",
- "value": "plátanos"
}, - {
- "type": "bucket",
- "value": {
- "tagName": "c",
- "numberOfBuckets": 10
}
}
]
}
]| maxColumnsPerTable | integer <int32> (schemas) >= 1 Default: 200 The maximum number of columns per table for the cluster database |
| maxTables | integer <int32> (schemas) >= 1 Default: 500 The maximum number of tables for the cluster database |
| name required | string (schemas) [ 1 .. 64 ] characters The name of the cluster database |
Array of ClusterDatabasePartitionTemplatePartTagValue (object) or ClusterDatabasePartitionTemplatePartTimeFormat (object) or ClusterDatabasePartitionTemplatePartBucket (object) (schemas) [ 1 .. 8 ] items unique A template for partitioning a cluster database. Each template part is evaluated in sequence, concatinating the final
partition key from the output of each part, delimited by the partition
key delimiter For example, using the partition template below: The following partition keys are derived:
When using the default partitioning template (YYYY-MM-DD) there is no
encoding necessary, as the derived partition key contains a single part, and
no reserved characters. [ | |
| retentionPeriod | integer <int64> (schemas) >= 0 Default: 0 The retention period of the cluster database in nanoseconds, if applicable If the retention period is not set or is set to 0, the database will have infinite retention |
{- "name": "DatabaseOne"
}{- "name": "DatabaseOne",
- "maxTables": 500,
- "maxColumnsPerTable": 200,
- "retentionPeriod": 0
}| databaseName required | string (ClusterDatabaseName) [ 1 .. 64 ] characters The name of the database to update |
| maxColumnsPerTable | integer <int32> (schemas) >= 1 Default: 200 The maximum number of columns per table for the cluster database |
| maxTables | integer <int32> (schemas) >= 1 Default: 500 The maximum number of tables for the cluster database |
| retentionPeriod | integer <int64> (schemas) >= 0 Default: 0 The retention period of the cluster database in nanoseconds, if applicable If the retention period is not set or is set to 0, the database will have infinite retention |
{- "maxTables": 300,
- "maxColumnsPerTable": 150,
- "retentionPeriod": 600000000000
}{- "name": "DatabaseOne",
- "maxTables": 300,
- "maxColumnsPerTable": 150,
- "retentionPeriod": 600000000000
}| databaseName required | string (ClusterDatabaseName) [ 1 .. 64 ] characters The name of the database to delete |
HOST="https://cluster-host.com" delete_database () { local databaseName=$1 local response=$( \ curl \ --location "$HOST/api/v0/databases/$databaseName" \ --request DELETE \ --header "Accept: application/json" \ --header "Authorization: Bearer $MANAGEMENT_TOKEN" \ ) echo "$response" }
{- "code": 400,
- "message": "bad request"
}| databaseName required | string (ClusterDatabaseName) [ 1 .. 64 ] characters The name of the database to create the database table for |
| name required | string (schemas) non-empty The name of the cluster database table |
Array of ClusterDatabasePartitionTemplatePartTagValue (object) or ClusterDatabasePartitionTemplatePartTimeFormat (object) or ClusterDatabasePartitionTemplatePartBucket (object) (schemas) [ 1 .. 8 ] items unique A template for partitioning a cluster database. Each template part is evaluated in sequence, concatinating the final
partition key from the output of each part, delimited by the partition
key delimiter For example, using the partition template below: The following partition keys are derived:
When using the default partitioning template (YYYY-MM-DD) there is no
encoding necessary, as the derived partition key contains a single part, and
no reserved characters. [ |
{- "name": "TableOne"
}{- "databaseName": "DatabaseOne",
- "name": "TableOne"
}