Update v3 token management docs and add management tokens (influxdata…

…#5373) * new token management structure, updated links * task-based management token docs * added related links to influxctl management docs * remove draft status from management token admin docs * standardize references to identity provider * Apply suggestions from code review Co-authored-by: Jason Stirnaman <[email protected]> --------- Co-authored-by: Jason Stirnaman <[email protected]>
DG12 · Mar 21, 2024 · da1b110 · da1b110
1 parent 944c628
commit da1b110
Show file tree

Hide file tree

Showing 96 changed files with 1,090 additions and 333 deletions.
diff --git a/api-docs/clustered/ref.yml b/api-docs/clustered/ref.yml
@@ -1203,7 +1203,7 @@ components:
         ### Basic authentication scheme
 
         Use the `Authorization` header with the `Basic` scheme to authenticate v1 API `/write` and `/query` requests.
-        When authenticating requests, InfluxDB Clustered checks that the `password` part of the decoded credential is an authorized [database token](/influxdb/clustered/admin/tokens/).
+        When authenticating requests, InfluxDB Clustered checks that the `password` part of the decoded credential is an authorized [database token](/influxdb/clustered/admin/tokens/#database-tokens).
         InfluxDB Clustered ignores the `username` part of the decoded credential.
 
         ### Syntax
@@ -1215,12 +1215,12 @@ components:
         Replace the following:
 
         - **`[USERNAME]`**: an optional string value (ignored by InfluxDB Clustered).
-        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/).
+        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/#database-tokens).
         - Encode the `[USERNAME]:DATABASE_TOKEN` credential using base64 encoding, and then append the encoded string to the `Authorization: Basic` header.
 
         ### Example
 
-        The following example shows how to use cURL with the `Basic` authentication scheme and a [database token](/influxdb/clustered/admin/tokens/):
+        The following example shows how to use cURL with the `Basic` authentication scheme and a [database token](/influxdb/clustered/admin/tokens/#database-tokens):
 
         ```sh
         #######################################
@@ -1239,7 +1239,7 @@ components:
         Replace the following:
 
         - **`DATABASE_NAME`**: your InfluxDB Clustered database
-        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/) with sufficient permissions to the database
+        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/#database-tokens) with sufficient permissions to the database
       scheme: basic
       type: http
     QuerystringAuthentication:
@@ -1264,7 +1264,7 @@ components:
 
         ### Example
 
-        The following example shows how to use cURL with query string authentication and a [database token](/influxdb/clustered/admin/tokens/).
+        The following example shows how to use cURL with query string authentication and a [database token](/influxdb/clustered/admin/tokens/#database-tokens).
 
         ```sh
         #######################################
@@ -1284,7 +1284,7 @@ components:
         Replace the following:
 
         - **`DATABASE_NAME`**: your InfluxDB Clustered database
-        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/) with sufficient permissions to the database
+        - **`DATABASE_TOKEN`**: a [database token](/influxdb/clustered/admin/tokens/#database-tokens) with sufficient permissions to the database
     BearerAuthentication:
       type: http
       scheme: bearer

diff --git a/assets/js/cookies.js b/assets/js/cookies.js
@@ -224,110 +224,3 @@ setNotificationAsRead = (notificationID, notificationType) => {
 
   Cookies.set(notificationCookieName, notificationsObj);
 };
-
-/*
-////////////////////////////////////////////////////////////////////////////////
-//////////////// Port all old docs cookies to the new structure ////////////////
-///////////////// Remove everything below after March 15, 2024 /////////////////
-////////////////////////////////////////////////////////////////////////////////
-*/
-
-portOldCookies = () => {
-  preferenceCookies = [
-    'influx-docs-api-lib',
-    'influx-docs-sidebar-state',
-    'influx-docs-theme',
-    'influxdb_get_started_date',
-    'influxdb_pref',
-    'influx-iox-show-wayfinding',
-  ];
-  notificationCookies = [
-    'influx-future-of-flux-notification-seen',
-    'influx-influxdb-clustered-announcement-notification-seen',
-    'influx-serverless-wip-notification-seen',
-    'influx-influxdb-3-announcement-notification-seen',
-    'influx-signing-key-rotation-notification-seen',
-    'influx-iox-doc-fork-notification-seen',
-    'influx-tsm-doc-fork-notification-seen',
-    'influx-iox-wip-notification-seen',
-    'influx-search-disabled-notification-seen',
-    'influx-v2-cloud-upgrade-notification-seen',
-    'influx-v2-ga-notification-seen',
-    'influx-rc1-upgrade-notification-seen',
-  ];
-  calloutCookies = ['influxdb_url_selector_seen'];
-  urlCookies = [
-    'influxdb_oss_url',
-    'influxdb_cloud_url',
-    'influxdb_dedicated_url',
-    'influxdb_clustered_url',
-    'influxdb_prev_oss_url',
-    'influxdb_prev_cloud_url',
-    'influxdb_prev_dedicated_url',
-    'influxdb_prev_clustered_url',
-    'influxdb_custom_url',
-  ];
-
-  preferenceCookies.forEach(cookie => {
-    if (cookie.includes('influx-docs-')) {
-      newCookieName = cookie.replace(/influx-docs-/, '').replace(/-/, '_');
-      try {
-        setPreference(
-          newCookieName,
-          Cookies.get(cookie).replace(/-theme|sidebar-/, '')
-        );
-        Cookies.remove(cookie);
-      } catch {}
-    } else if (cookie === 'influxdb_get_started_date') {
-      newCookieName = 'sample_get_started_date';
-      try {
-        setPreference(newCookieName, Cookies.get(cookie));
-        Cookies.remove(cookie);
-      } catch {}
-    } else if (cookie === 'influx-iox-show-wayfinding') {
-      newCookieName = 'v3_wayfinding_show';
-      try {
-        setPreference(newCookieName, Cookies.get(cookie));
-        Cookies.remove(cookie);
-      } catch {}
-    } else if (cookie === 'influxdb_pref') {
-      newCookieName = 'influxdb_url';
-      try {
-        setPreference(newCookieName, Cookies.get(cookie));
-        Cookies.remove(cookie);
-      } catch {}
-    }
-  });
-
-  notificationCookies.forEach(cookie => {
-    notificationName = cookie.replace(
-      /(^influx-)(.*)(-notification-seen$)/,
-      '$2'
-    );
-
-    if (Cookies.get(cookie) !== undefined) {
-      setNotificationAsRead(notificationName, 'message');
-      Cookies.remove(cookie);
-    }
-  });
-
-  calloutCookies.forEach(cookie => Cookies.remove(cookie));
-
-  urlCookies.forEach(cookie => {
-    newUrlKey = cookie.replace(/(^influxdb_)(.*)(_url)/, '$2');
-
-    try {
-      urlObj = {};
-      urlObj[newUrlKey] = Cookies.get(cookie);
-      setInfluxDBUrls(urlObj);
-      Cookies.remove(cookie);
-    } catch {}
-  });
-};
-
-if (Cookies.get('influxdata_docs_ported') === undefined) {
-  portOldCookies();
-  Cookies.set('influxdata_docs_ported', true, {
-    expires: new Date('2024-03-15T00:00:00Z'),
-  });
-}
diff --git a/assets/styles/layouts/article/_children.scss b/assets/styles/layouts/article/_children.scss
@@ -18,3 +18,7 @@
   }
   & > hr:last-child {display: none}
 }
+
+ul.children-list + ul {
+  margin-top: -1.25rem;
+}
diff --git a/content/influxdb/cloud-dedicated/admin/tables/list.md b/content/influxdb/cloud-dedicated/admin/tables/list.md
@@ -56,7 +56,7 @@ The `influxctl query` command only supports SQL queries; not InfluxQL.
 
 Provide the following with your command:
 
-- **Database token**: [Database token](/influxdb/cloud-dedicated/admin/tokens/)
+- **Database token**: [Database token](/influxdb/cloud-dedicated/admin/tokens/#database-tokens)
   with read permissions on the queried database. Uses the `token` setting from
   the [`influxctl` connection profile](/influxdb/cloud-dedicated/reference/cli/influxctl/#configure-connection-profiles)
   or the `--token` command flag.

diff --git a/content/influxdb/cloud-dedicated/admin/tokens/_index.md b/content/influxdb/cloud-dedicated/admin/tokens/_index.md
@@ -14,14 +14,27 @@ aliases:
   - /influxdb/cloud-dedicated/security/tokens/
 ---
 
-InfluxDB uses token authentication to authorize access to data in your InfluxDB
-Cloud Dedicated cluster. Each token grants read and write permissions to one or
-more databases and allows for actions like writing and querying data.
-
-All read and write actions performed against time series data in your InfluxDB
-Cloud Dedicated cluster must be authorized using a token. Administrative actions
-such as managing tokens and databases are authorized using **management tokens**
-issued by **Auth0**. Management tokens allow clients, such as the `influxctl` CLI,
+InfluxDB uses token authentication to authorize access to data in your
+{{< product-name omit=" Clustered" >}} cluster.
+There are two types of tokens:
+
+- [Database tokens](#database-tokens)
+- [Management tokens](#management-tokens)
+
+#### Database tokens
+
+Database tokens grant read and write permissions to one or more databases
+and allows for actions like writing and querying data.
+
+All read and write actions performed against time series data in your
+{{< product-name omit=" Clustered" >}} cluster must be authorized using a database token. 
+
+#### Management tokens
+
+Management tokens grant permission to perform administrative actions such as
+managing users, databases, and database tokens.
+Management tokens allow clients, such as the
+[`influxctl` CLI](/influxdb/cloud-dedicated/reference/cli/influxctl/),
 to perform administrative actions.
 
 {{% note %}}

diff --git a/content/influxdb/cloud-dedicated/admin/tokens/database/_index.md b/content/influxdb/cloud-dedicated/admin/tokens/database/_index.md
@@ -0,0 +1,19 @@
+---
+title: Manage database tokens
+seotitle: Manage database tokens in InfluxDB Cloud Dedicated
+description: >
+  Manage database tokens in your InfluxDB Cloud Dedicated cluster.
+  Database tokens grant read and write permissions to one or more databases and
+  allow for actions like writing and querying data.
+menu:
+  influxdb_cloud_dedicated:
+    parent: Manage tokens
+    name: Database tokens
+weight: 101
+influxdb/cloud-dedicated/tags: [tokens]
+---
+
+{{< product-name >}} database tokens grant read and write permissions to one or
+more databases and allow for actions like writing and querying data.
+
+{{< children >}}
diff --git a/...db/cloud-dedicated/admin/tokens/create.md → ...dedicated/admin/tokens/database/create.md b/...db/cloud-dedicated/admin/tokens/create.md → ...dedicated/admin/tokens/database/create.md
@@ -1,12 +1,12 @@
 ---
-title: Create a token
+title: Create a database token
 description: >
   Use the [`influxctl token create` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/create/)
   to create a database token for reading and writing data in your InfluxDB Cloud Dedicated cluster.
   Provide a token description and permissions for databases.
 menu:
   influxdb_cloud_dedicated:
-    parent: Manage tokens
+    parent: Database tokens
 weight: 201
 list_code_example: |
   ```sh
@@ -16,6 +16,8 @@ list_code_example: |
     --write-database DATABASE2_NAME \
     "Read-only on DATABASE1_NAME, Read/write on DATABASE2_NAME"
   ```
+aliases:
+  - /influxdb/cloud-dedicated/admin/tokens/create/
 alt_links:
   cloud-serverless: /influxdb/cloud-serverless/admin/tokens/create-token/
 ---

diff --git a/...db/cloud-dedicated/admin/tokens/delete.md → ...dedicated/admin/tokens/database/delete.md b/...db/cloud-dedicated/admin/tokens/delete.md → ...dedicated/admin/tokens/database/delete.md
@@ -1,18 +1,20 @@
 ---
-title: Delete a token
+title: Delete a database token
 description: >
   Use the [`influxctl token delete` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/delete/)
   to delete a token from your InfluxDB Cloud Dedicated cluster and revoke all
   permissions associated with the token.
   Provide the ID of the token you want to delete.
 menu:
   influxdb_cloud_dedicated:
-    parent: Manage tokens
+    parent: Database tokens
 weight: 203
 list_code_example: |
   ```sh
   influxctl token delete <TOKEN_ID>
   ```
+aliases:
+  - /influxdb/cloud-dedicated/admin/tokens/delete/
 ---
 
 Use the [`influxctl token delete` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/delete/)

diff --git a/...uxdb/cloud-dedicated/admin/tokens/list.md → ...d-dedicated/admin/tokens/database/list.md b/...uxdb/cloud-dedicated/admin/tokens/list.md → ...d-dedicated/admin/tokens/database/list.md
@@ -1,16 +1,18 @@
 ---
-title: List tokens
+title: List database tokens
 description: >
   Use the [`influxctl token list` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/list/)
   to list tokens in your InfluxDB Cloud Dedicated cluster.
 menu:
   influxdb_cloud_dedicated:
-    parent: Manage tokens
+    parent: Database tokens
 weight: 202
 list_code_example: |
   ```sh
   influxctl token list
   ```
+aliases:
+  - /influxdb/cloud-dedicated/admin/tokens/list/
 ---
 
 Use the [`influxctl token list` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/list/)

diff --git a/...db/cloud-dedicated/admin/tokens/update.md → ...dedicated/admin/tokens/database/update.md b/...db/cloud-dedicated/admin/tokens/update.md → ...dedicated/admin/tokens/database/update.md
@@ -1,11 +1,11 @@
 ---
-title: Update a token
+title: Update a database token
 description: >
   Use the [`influxctl token update` command](/influxdb/cloud-dedicated/reference/cli/influxctl/token/update/)
   to update a database token's permissions in your InfluxDB Cloud Dedicated cluster.
 menu:
   influxdb_cloud_dedicated:
-    parent: Manage tokens
+    parent: Database tokens
 weight: 201
 list_code_example: |
   ```sh
@@ -15,6 +15,8 @@ list_code_example: |
     --write-database <DATABASE2_NAME> \
     <TOKEN_ID>
   ```
+aliases:
+  - /influxdb/cloud-dedicated/admin/tokens/update/
 alt_links:
   serverless: /influxdb/cloud-serverless/admin/tokens/update-tokens/
 ---