Documentation

Telegraf Controller

Use API tokens

Telegraf Controller is in Public Beta

Telegraf Controller is in public beta and will be part of the future Telegraf Enterprise offering. While in beta, Telegraf Controller is not meant for production use. The Telegraf Controller documentation is a work in progress, and we are actively working to improve it. If you have any questions or suggestions, please submit an issue. We welcome any and all contributions.

Beta expectations

Provide beta feedback

API tokens authenticate requests to Telegraf Controller. Use tokens to connect Telegraf agents, authorize heartbeat reporting, and integrate external API clients.

With Telegraf agents

Configure your Telegraf agent to include an API token when retrieving configurations and reporting heartbeats to Telegraf Controller.

Telegraf agents require API tokens with the following permissions:

  • Configs: Read
  • Heartbeat: Write

Use the INFLUX_TOKEN environment variable

When retrieving a configuration from a URL, Telegraf only sends an Authorization when it detects the INFLUX_TOKEN environment variable. To authorize Telegraf to retrieve a configuration from Telegraf Controller, define the INFLUX_TOKEN environment variable:

export INFLUX_TOKEN=
YOUR_TC_API_TOKEN


telegraf \
  --config "http://telegraf_controller.example.com/api/configs/xxxxxx/toml

Replace YOUR_TC_API_TOKEN with your Telegraf Controller API token.

For heartbeat requests

Telegraf uses the Heartbeat output plugin to send heartbeats to Telegraf Controller. Use the INFLUX_TOKEN environment variable to define the token option in your heartbeat plugin configuration. Telegraf uses the environment variable value defined when starting Telegraf.

[[outputs.heartbeat]]
  url = "http://telegraf_controller.example.com/agents/heartbeat"
  instance_id = "&{agent_id}"
  interval = "1m"
  include = ["hostname", "statistics", "configs"]
  token = "${INFLUX_TOKEN}"

When authentication is required for the heartbeat endpoint, agents must include a valid token with each heartbeat request. If a heartbeat request is missing a token or includes an invalid token, Telegraf Controller rejects the request and the agent’s status is not updated.

With external API clients

Include the token in the Authorization header when making API requests to Telegraf Controller:

Authorization: Bearer tc-apiv1_<token>

The token’s permissions determine which API endpoints and operations are accessible. Requests made with a token that lacks the required permissions are rejected with an authorization error.

If authentication is disabled for an endpoint group in Settings, requests to those endpoints do not require a token. See Settings for details on configuring authentication requirements per endpoint.

Was this page helpful?

Thank you for your feedback!

© 2026 InfluxData, Inc.

Where are you running InfluxDB?

Select your InfluxDB Cloud region and cluster or your InfluxDB OSS URL and we’ll customize code examples for you. Identify your InfluxDB Cloud cluster.

  • InfluxDB Cloud
  • InfluxDB OSS or Enterprise
AWS

  • US West (Oregon)

GCP
Azure
Default
Custom

For more information, see InfluxDB Cloud regions or InfluxDB OSS URLs.

Thank you for your feedback!

Let us know what we can do better:

Thank you!

No thanks

Telegraf Enterprise now in public beta

Get early access to the Telegraf Controller and provide feedback to help shape the future of Telegraf Enterprise.

See the Blog Post

The upcoming Telegraf Enterprise offering is for organizations running Telegraf at scale and is comprised of two key components:

  • Telegraf Controller: A control plane (UI + API) that centralizes Telegraf configuration management and agent health visibility.
  • Telegraf Enterprise Support: Official support for Telegraf Controller and Telegraf plugins.

Join the Telegraf Enterprise beta to get early access to the Telegraf Controller and provide feedback to help shape the future of Telegraf Enterprise.

For more information:

New in InfluxDB 3.8

Key enhancements in InfluxDB 3.8 and the InfluxDB 3 Explorer 1.6.

See the Blog Post

InfluxDB 3.8 is now available for both Core and Enterprise, alongside the 1.6 release of the InfluxDB 3 Explorer UI. This release is focused on operational maturity and making InfluxDB easier to deploy, manage, and run reliably in production.

For more information, check out:

InfluxDB Docker latest tag changing to InfluxDB 3 Core

On May 27, 2026, the latest tag for InfluxDB Docker images will point to InfluxDB 3 Core. To avoid unexpected upgrades, use specific version tags in your Docker deployments.

If using Docker to install and run InfluxDB, the latest tag will point to InfluxDB 3 Core. To avoid unexpected upgrades, use specific version tags in your Docker deployments. For example, if using Docker to run InfluxDB v2, replace the latest version tag with a specific version tag in your Docker pull command–for example:

docker pull influxdb:2