Manage API tokens

InfluxDB API tokens ensure secure interaction between InfluxDB and external tools such as clients or applications. An API token belongs to a specific user and identifies InfluxDB permissions within the user’s organization.

Learn how to create, view, update, or delete an API token.

API token types

• Operator API token
• All Access API token
• Read/Write token

Operator token

Grants full read and write access to all organizations and all organization resources in InfluxDB OSS 2.x. Some operations, e.g. retrieving the server configuration, require operator permissions. Operator tokens are created in the InfluxDB setup process. To create an operator token manually with the InfluxDB UI, api/v2 API, or influx CLI after the setup process is completed, you must use an existing Operator token.

To create a new Operator token without using an existing one, see how to use the influxd recovery auth CLI.

Because Operator tokens have full read and write access to all organizations in the database, we recommend creating an All Access token for each organization and using those to manage InfluxDB. This helps to prevent accidental interactions across organizations.

All Access token

Grants full read and write access to all resources in an organization.

Read/Write token

Grants read access, write access, or both to specific buckets in an organization.

Create a token

Create an API token in InfluxDB using the InfluxDB UI, the influx CLI, or the InfluxDB API.

View tokens

View API tokens in InfluxDB using the InfluxDB UI, the influx CLI, or the InfluxDB API.

Update a token

Update API tokens’ descriptions in InfluxDB using the InfluxDB UI.

Delete a token

Delete an API token from InfluxDB using the InfluxDB UI or the influx CLI.

Use tokens

Use an API token in the InfluxDB UI, the influx CLI, or the InfluxDB API.

tokens authentication security