• Administration Guide

Authenticate User Access

This topic describes how to manage user authentication in Milvus.

Milvus supports authenticated access by username and password.

Enable user authentication

Set in milvus.yaml as true when configuring Milvus to enable authentication.

As of Milvus Helm Chart 4.0.0, you can enable user authentication by modifying values.yaml as follows:

  user.yaml: |+
        authorizationEnabled: true

Create an authenticated user

A root user (password: Milvus) is created along with each Milvus instance by default. It is recommended to change the password of the root user when you start Milvus for the first time. The root user can be used to create new users for authenticated access.

Create a user with username and password with the following command.

from pymilvus import utility
utility.create_user('user', 'password', using='default') 
userUsername to create.
passwordPassword for the user to create.
usingAlias of the Milvus server to create the user.

Connect Milvus with an authenticated user

Connect Milvus with an existing user.

from pymilvus import connections
aliasAlias of the Milvus server to connect.
hostIP address of the Milvus server to connect.
portPort of the Milvus server to connect.
userUsername used to connect.
passwordPassword used to connect.
To stop using the authenticated access, or to log in to another authenticated user, you need to disconnect from the Milvus instance and re-connect to it.

Reset password

Change the password for an existing user and reset the Milvus connection.

from pymilvus import utility
utility.reset_password('user', 'old_password', 'new_password', using='default')

# Or you can use an alias function update_password
utility.update_password('user', 'old_password', 'new_password', using='default')
userUsername to reset password.
passwordNew password for the user.
usingAlias of the Milvus server.

If you forget your old password, Milvus provides a configuration item that allows you to designate certain users as super users. This eliminates the need for the old password when you reset the password.

By default, the field in the Milvus configuration file is empty, meaning that all users must provide the old password when resetting their password. However, you can designate specific users as super users who do not need to provide the old password. In the snippet below, root and foo are designated as super users.

You should add the below configuration item in the Milvus configuration file that governs the running of your Milvus instance.

        superUsers: root, foo

Delete a user

Delete an authenticated user.

from pymilvus import utility
utility.delete_user('user', using='default')
userUsername to delete.
usingAlias of the Milvus server.

List all users

List all the credential users.

from pymilvus import utility
users = utility.list_usernames(using='default')


  1. Username must not be empty, and must not exceed 32 characters in length. It must start with a letter, and only contains underscores, letters, or numbers.
  2. Password must have at least 6 characters and must not exceed 256 characters in length.

What's next