influxdb3 create token –permission
The influxdb3 create token command with the --permission option creates a new authentication token
with fine-grained access permissions for specific resources in InfluxDB 3 Enterprise.
Fine-grained access permissions allow you to specify the exact actions, such as
read and write that a token can perform on a specific resource, such as
a database or a system information endpoint.
Usage
influxdb3 create token --permission <PERMISSION> --name <NAME> [OPTIONS]
Options
| Option | Description | |
|---|---|---|
--permission <PERMISSION> | Permissions in RESOURCE_TYPE:RESOURCE_NAMES:ACTIONS format–for example, db:*:read,write, system:*:read. --permission may be specified multiple times | |
--name <NAME> | Name of the token | |
-H | --host <HOST_URL> | The host URL of the running InfluxDB 3 Enterprise server [env: INFLUXDB3_HOST_URL=] [default: http://127.0.0.1:8181] |
--token <AUTH_TOKEN> | The enterprise token [env: INFLUXDB3_AUTH_TOKEN=] | |
--expiry <DURATION> | The token expiration time as a duration (for example, 1h, 7d, 1y). If not set, the token does not expire until revoked | |
--tls-ca <CA_CERT> | An optional arg to use a custom CA for testing with self-signed certs [env: INFLUXDB3_TLS_CA=] | |
--format <FORMAT> | Output format (json or text (default)) | |
-h | --help | Print help information |
--help-all | Print detailed help information |
Permission Format
The --permission option takes a value in the format RESOURCE_TYPE:RESOURCE_NAMES:ACTIONS.
RESOURCE_TYPE: Available resource types include:dbfor databasessystemfor system information endpoints.
RESOURCE_NAMES: Can be a specific resource name, such as a database name, a comma-separated list of names, or*to grant access to all resources of the type.ACTIONS: A list of actions. Available actions depend on the resource type.
Examples
Create a token with read and write access to a database
influxdb3 create token \
--permission "db:my_database:read,write" \
--name "Read/write token for my_database"
Create a token with read-only access to a database
influxdb3 create token \
--permission "db:my_database:read" \
--name "Read-only token for my_database"
Create a token with access to multiple databases
influxdb3 create token \
--permission "db:database1,database2:read,write" \
--name "Multi-database token"
Create a token with access to all databases
influxdb3 create token \
--permission "db:*:read,write" \
--name "All databases token"
Create a token that expires in seven days
influxdb3 create token \
--permission "db:my_database:read,write" \
--name "Expiring token" \
--expiry 7d
Create a system token for health information
influxdb3 create token \
--permission "system:health:read" \
--name "System health token"
Create a token with access to all system information
influxdb3 create token \
--permission "system:*:read" \
--name "All system information"
Create a token with multiple permissions
influxdb3 create token \
--permission "db:database1:read,write" \
--permission "system:health:read" \
--name "Multi-permission token"
Was this page helpful?
Thank you for your feedback!
Support and feedback
Thank you for being part of our community! We welcome and encourage your feedback and bug reports for InfluxDB 3 Enterprise and this documentation. To find support, use the following resources:
Customers with an annual or support contract can contact InfluxData Support. Customers using a trial license can email trial@influxdata.com for assistance.