How to Manage MySQL Users and Databases in a Database Cluster

Validated on 1 Mar 2021 • Posted on 20 Aug 2019

MySQL is an open source, object-relational database built with speed and reliability in mind. Its large and active developer community has created many third-party applications, tools, and libraries that expand MySQL’s functionality.

MySQL database clusters come configured with a default database (defaultdb) and a default administrative user (doadmin). These defaults are necessary for cluster replication and administration, so you can’t delete them, but you can add additional users and databases.

Tip
If you connect to the database cluster with preconfigured connection details from the cluster’s Overview page, you can edit them to use a different user and password or a different database.

Add or Delete a Database User Using the CLI

How to create a database user using the DigitalOcean CLI

To create a database user via the command-line, follow these steps:

  1. Install doctl, the DigitalOcean command-line tool.

  2. Create a personal access token, and save it for use with doctl.

  3. Use the token to grant doctl access to your DigitalOcean account.

                  doctl auth init

  4. Finally, create a database user with doctl databases user create. The basic usage looks like this, but you'll want to read the usage docs for more details:

                  doctl databases user create <database-id> <user-name> [flags]
How to delete a database user using the DigitalOcean CLI

To delete a database user via the command-line, follow these steps:

  1. Install doctl, the DigitalOcean command-line tool.

  2. Create a personal access token, and save it for use with doctl.

  3. Use the token to grant doctl access to your DigitalOcean account.

                  doctl auth init

  4. Finally, delete a database user with doctl databases user delete. The basic usage looks like this, but you'll want to read the usage docs for more details:

                  doctl databases user delete <database-id> <user-id> [flags]

Add or Delete a Database User Using the API

How to create a database user using the DigitalOcean API

To create a database user using the DigitalOcean API, follow these steps:

  1. Create a personal access token, and save it for use with the API.

  2. Send a POST request to https://api.digitalocean.com/v2/databases/{database_cluster_uuid}/users

    cURL

    To create a database user with cURL, call:

    
                curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name": "app-01"}' \
  "https://api.digitalocean.com/v2/databases/9cc10173-e9ea-4176-9dbc-a4cee4c4ff30/users"

    Go

    Go developers can use Godo, the official DigitalOcean V2 API client for Go. To create a database user with Godo, use the following code:

    
                import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    addUserRequest := &godo.DatabaseCreateUserRequest{
        Name: "app-01",
    }

    user, _, err := client.Databases.CreateUser(ctx, "88055188-9e54-4f21-ab11-8a918ed79ee2", addUserRequest)

}
How to delete a database user using the DigitalOcean API

To delete a database user using the DigitalOcean API, follow these steps:

  1. Create a personal access token, and save it for use with the API.

  2. Send a DELETE request to https://api.digitalocean.com/v2/databases/{database_cluster_uuid}/users/{username}

    cURL

    To delete a database user with cURL, call:

    
                curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/databases/9cc10173-e9ea-4176-9dbc-a4cee4c4ff30/users/app-01"

    Go

    Go developers can use Godo, the official DigitalOcean V2 API client for Go. To delete a database user with Godo, use the following code:

    
                import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Databases.DeleteUser(ctx, "9cc10173-e9ea-4176-9dbc-a4cee4c4ff30", "app-01")
}

Add or Delete a Database User Using the Control Panel

To add or delete users or databases to a database cluster, click the name of the database to go to its Overview page, then select the Users & Databases tab.

Screenshot of Users and Databases screen

Create a new database in the Databases section by entering a name in the Add new database field and clicking Save. You can also delete a database here by opening its More menu, clicking Delete, and then confirming the deletion.

Create new users in the Users section by entering a name in the Add new user field, selecting a Password encryption option, and clicking Save. New users will receive the permissions of the doadmin user by default; these can be changed by following the instructions at How to Modify User Privileges in MySQL Databases.

You can also delete a user here by opening the user’s More menu, clicking Delete, and then confirming the deletion. Similarly, to reset a user’s password, open the user’s More menu and select Reset password.

Password Encryption

DigitalOcean Managed Databases using MySQL 8+ are automatically configured to use caching_sha2_password authentication by default. caching_sha2_password uses a stronger password encryption than prior versions of MySQL and some applications (such as PHP based applications using PHP 7.1 or older) have trouble connecting to MySQL 8+ databases. You can use the Password Encryption option to set a user’s password encryption to the legacy version (mysql_native_password) if your applications are experiencing authentication issues.

Select password encryption

To change a user’s password encryption on a database using the control panel, click the name of the database to go to its Overview page, then select the Users & Databases tab. Beside the user you want to change, click the More menu and select Edit Password Encryption.

In the Password encryption menu, select the desired encryption type, then click Save. The database automatically updates with the new encryption preference. Edit password encryption

Control Panel Blog Pricing Careers Terms Privacy Status API Docs Tutorials Support