Influxdb Not Asking for Authentication

How set authenticate in InfluxDB?

Now that Authentication is enabled, you'll need to authenticate yourself before you can do anything in the database.

The error unable to parse Basic Auth credentials is suggesting that you did not pass in any credentials.

If you're trying use the influx binary to create an user then you'll have to set the -username and -password options.

For instance:

influx -username "my_username" -password "my_password" \
        -execute "CREATE USER parul WITH PASSWORD 'timeseries4days'

Why can any user login influxdb?

The "why"

Different databases have used reasonings with minor differences over the years, but basically, it goes like this:

In its most simple install, <insert DBMS here> should just run - for integration tests, simple evaluation purposes etc. We could generate a root/admin/superhoncho user password, but more often than not, this is not going to be changed, and that is a Bad Thing™.
And since nobody sane would run a database in production without authentication and authorisation enabled, providing easy access in the default installation is not a problem anyway, is it?

I tend to agree with this reasoning, though I am off the opinion that in the case the DBMS has authentication and authorisation disabled per default, it should bind to localhost by default, too. You make your DBMS accessible to the outside world, and be it only your company's network? You surely have thought about the implications!

The "how"

Authentication

I am going to use docker to illustrate it and it is quite obvious what you have to do in a non-docker environment.

First, we pull the influxdb docker image and create a default config file in one go:

$ docker run --rm influxdb influxd config > influxdb.conf
Unable to find image 'influxdb:latest' locally
latest: Pulling from library/influxdb
...
Digest: sha256:0aa7fea5336b5e5cc1c80e16062865821ec772e06519c138947ef5ebd9b34907
Status: Downloaded newer image for influxdb:latest
Merging with configuration at: /etc/influxdb/influxdb.conf

Now we change the authentication parameter in the [http] section of our influxdb.conf to true:

...
[http]
  auth-enabled = true
...

Next, we start our InfluxDB using this modified config file:

$ docker run -d --name influxdb -p 8086:8086 \
      -v $PWD/influxdb.conf:/etc/influxdb/influxdb.conf:ro \
      influxdb -config /etc/influxdb/influxdb.conf
1987f962c331d2404a2564bb752d971553b13181dbbbb1e38cf50d345b3191c4

(The hash sum you get will be different.)

Now, we connect to our influxdb and create the admin user

$ docker exec -it influxdb influx
Connected to http://localhost:8086 version 1.7.8
InfluxDB shell version: 1.7.8
> create user admin with password 'secret' with all privileges;

From this point on, credentials are needed for pretty much everything

> show users
ERR: unable to parse authentication credentials
Warning: It is possible this error is due to not setting a database.
Please set a database with the command "use <database>".
> auth
username: admin
password: 
> show users
user  admin
----  -----
admin true

Authorization

Simple mnemonic: "Users are granted permissions per database." So, in order to grant something to a user, that user must first exist:

> create user berkancetin with password 'supersecret';
> create database foobar
> grant read on foobar to berkancetin
> show users
user        admin
----        -----
admin       true
berkancetin false
> show grants for "berkancetin"
database privilege
-------- ---------
foobar   READ

InfluxDB can create the first user only when auth is turned off

Most DB images provide a way to configure an admin-user and admin-passwort via environment variables. InfluxDB does this too:
https://hub.docker.com/_/influxdb/

Set the environment variables INFLUXDB_ADMIN_USER and INFLUXDB_ADMIN_PASSWORD in your container to create the admin user with the given password. You can also enable auth by an environment variable INFLUXDB_HTTP_AUTH_ENABLED