Authenticate User Access

This topic describes how to manage user authentication in Milvus.

Milvus supports authenticated access by username and password.

Enable user authentication

Set common.security.authorizationEnabled in milvus.yaml as true when configuring Milvus to enable authentication.

Enable authentication as shown in the example below.

  
authorization:
   enabled: true

Create an authenticated user

A root user (password: Milvus) is created along with each Milvus instance by default. It is recommended to change the password of the root user when you start Milvus for the first time. The root user can be used to create new users for authenticated access.

Create a user with username and password with the following command.

from pymilvus import utility
utility.create_credential('user', 'password', using='default')

Parameter	Description
`user`	Username to create.
`password`	Password for the user to create.
`using`	Alias of the Milvus server to create the user.

Connect Milvus with an authenticated user

Connect Milvus with an existing user.

from pymilvus import connections
connections.connect(
    alias='default',
    host='localhost',
    port='19530',
    user='user',
    password='password',
)

Parameter	Description
`alias`	Alias of the Milvus server to connect.
`host`	IP address of the Milvus server to connect.
`port`	Port of the Milvus server to connect.
`user`	Username used to connect.
`password`	Password used to connect.

To stop using the authenticated access, or to log in to another authenticated user, you need to disconnect from the Milvus instance and re-connect to it.

Reset password

Change the password for an existing user and reset the Milvus connection.

from pymilvus import utility
utility.reset_password('user', 'old_password', 'new_password', using='default')

Parameter	Description
`user`	Username to reset password.
`password`	New password for the user.
`using`	Alias of the Milvus server.

Delete a user

Delete an authenticated user.

Delete a user
Delete an authenticated user.

Parameter	Description
`user`	Username to delete.
`using`	Alias of the Milvus server.

List all users

List all the credential users.

from pymilvus import utility
users = utility.list_cred_users(using='default')

Limitations

Username must not be empty, and must not exceed 32 characters in length. It must start with a letter, and only contains underscores, letters, or numbers.
Password must have at least 6 characters and must not exceed 256 characters in length.

What's next

You might also want to learn how to:
- Scale a Milvus cluster
If you are ready to deploy your cluster on clouds:
- Learn how to Deploy Milvus on AWS with Terraform and Ansible
- Learn how to Deploy Milvus on Amazon EKS with Terraform
- Learn how to Deploy Milvus Cluster on GCP with Kubernetes
- Learn how to Deploy Milvus on Microsoft Azure With Kubernetes