Documentation

Update users

Owners and administrators can reset passwords and change roles for other users in Telegraf Controller. These actions help maintain account security and ensure users have the appropriate level of access.

Reset a user’s password

When a user forgets their password or needs a credential refresh, you can generate a time-limited reset link for them.

You must have the Owner or Administrator role to reset passwords. Only the Owner can reset Administrator passwords.

  1. Navigate to the user’s detail page.
  2. Click Reset Password.
  3. Set the link expiration. The default is 24 hours, but you can configure it from 1 to 720 hours.
  4. Click Generate Link to create the reset link.
  5. Copy the generated reset link and share it with the user through a secure channel.

Complete a password reset

After receiving a reset link, the user completes the following steps:

  1. Open the reset link in a browser.
  2. Enter a new password that meets the complexity requirements.
  3. Click Submit to save the new password.

The user is not automatically logged in after resetting their password. They must log in with their new credentials.

Emergency owner password reset

If the owner account is locked out or the owner has forgotten their password, you can reset it using environment variables.

  1. Set the following environment variables:
  2. Restart the Telegraf Controller application.
  3. Log in with the new password.
  4. Remove the RESET_OWNER_PASSWORD and OWNER_PASSWORD environment variables.

Remove RESET_OWNER_PASSWORD and OWNER_PASSWORD environment variables after successfully logging in. Leaving them set causes the password to reset on every application restart.

Change a user’s role

You can promote or demote users by changing their assigned role.

You must have the Owner or Administrator role to change a user’s role. Only the Owner can change a user’s role to Administrator.

  1. Navigate to the user’s detail page.
  2. Select the user’s new role.
  3. Confirm the change when prompted.

The following restrictions apply to role changes:

  • You cannot assign the Owner role directly. To make a user the owner, the current owner must transfer ownership.

Side effects of changing a user’s role

  • The user’s API tokens are reclamped to match the new role’s permissions. If the new role cannot manage tokens (such as Viewer), all active tokens are revoked.
  • The user’s active sessions are destroyed. They must log in again to continue using Telegraf Controller.

Was this page helpful?

Thank you for your feedback!


InfluxDB OSS 2.9.0: API tokens are hashed by default

Stronger token security in InfluxDB OSS 2.9.0 — tokens are hashed on disk by default. Existing tokens are hashed on first startup and can’t be recovered afterward. Capture any plaintext tokens you still need before you upgrade.

View InfluxDB OSS 2.9.0 release notes

Hashed tokens authenticate exactly like unhashed tokens — clients and integrations keep working.

Also new in 2.9.0:

  • Configurable backup compression
  • Restore support for backups containing hashed tokens
  • Tighter Edge Data Replication queue validation
  • Flux upgrade
  • Compaction reliability improvements

Key enhancements in Explorer 1.9

Explorer 1.9 is now available with InfluxQL support, an AI-assisted Flux to SQL converter (beta), and new live sample data simulators.

View Explorer 1.9 release notes

Explorer 1.9 includes new features and improvements that make it easier to query, visualize, and manage data.

Highlights:

  • Flux to SQL converter (beta): Convert Flux queries to SQL with an AI-assisted converter.
  • InfluxQL support: Query data with InfluxQL in the Data Explorer and dashboards, and save and load InfluxQL queries.
  • InfluxQL visualizations: Render line and bar charts from InfluxQL results with per-tag series grouping.
  • Query error history: Review a history of query errors in the query tool.
  • Live sample data simulators: Generate continuous live sample data with new bird data and signal generator simulators.

For more details, see Explorer 1.9 release notes

InfluxDB 3.10 is now available

InfluxDB 3 Core 3.10 adds an automatic catalog format upgrade, a configurable query-concurrency limit, and processing engine improvements.

Key updates in InfluxDB 3 Core 3.10:

  • Catalog format upgrade: the on-disk catalog automatically upgrades from format v2 to v3 on first 3.10 startup. Migration is one-way—back up your catalog before upgrading.
  • --max-concurrent-queries: limit concurrent queries (adjustable at runtime).
  • GET /ready endpoint for readiness probes.
  • Processing engine: cross-database queries and trigger lockdown flags.

For more information, see the InfluxDB 3 Core release notes.

InfluxDB 3.10 is now available

InfluxDB 3 Enterprise 3.10 adds automated backup and restore, row-level deletions, and user management, with an automatic catalog format upgrade and performance preview improvements.

Key updates in InfluxDB 3 Enterprise 3.10:

  • Catalog format upgrade: the on-disk catalog automatically upgrades from format v2 to v3 on first 3.10 startup. Migration is one-way—back up your catalog before upgrading.
  • Automated backup and restore (beta)
  • Row-level deletions
  • User management (authentication and RBAC) — preview
  • Performance preview improvements

Backup and restore, row-level deletions, and the performance preview require the Enterprise storage engine upgrade (opt-in beta). Beta and preview features are subject to breaking changes and aren’t recommended for production use.

For more information, see the InfluxDB 3 Enterprise release notes

Telegraf Enterprise is now generally available

Telegraf Enterprise is now generally available, along with Telegraf Controller v1.0.

Telegraf Enterprise combines Telegraf Controller, a centralized management console for Telegraf, with official support from InfluxData. Manage configurations, monitor fleet health, and operate tens of thousands of Telegraf agents from a single system.

InfluxDB Docker latest tag changing to InfluxDB 3 Core

On September 15, 2026, the latest tag for InfluxDB Docker images will point to InfluxDB 3 Core. To avoid unexpected upgrades, use specific version tags in your Docker deployments.

If using Docker to install and run InfluxDB, the latest tag will point to InfluxDB 3 Core. To avoid unexpected upgrades, use specific version tags in your Docker deployments. For example, if using Docker to run InfluxDB v2, replace the latest version tag with a specific version tag in your Docker pull command–for example:

docker pull influxdb:2