Important

You are viewing the documentation of an older version of the TiDB database (TiDB v5.4).

It is recommended that you use the latest LTS version of the TiDB database.

CREATE USER

This statement creates a new user, specified with a password. In the MySQL privilege system, a user is the combination of a username and the host from which they are connecting from. Thus, it is possible to create a user 'newuser2'@'192.168.1.1' who is only able to connect from the IP address 192.168.1.1. It is also possible to have two users have the same user-portion, and different permissions as they login from different hosts.

Synopsis

CreateUserStmt
CREATEUSERIfNotExistsUserSpecListRequireClauseOptConnectionOptionsPasswordOrLockOptions
IfNotExists
IFNOTEXISTS
UserSpecList
UserSpec,
UserSpec
UsernameAuthOption
AuthOption
IDENTIFIEDBYAuthStringPASSWORDHashStringWITHStringNameBYAuthStringASHashString
StringName
stringLitIdentifier

Examples

Create a user with the newuserpassword password.

mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.04 sec)

Create a user who can only log in to 192.168.1.1.

mysql> CREATE USER 'newuser2'@'192.168.1.1' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)

Create a user who is enforced to log in using TLS connection.

CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)

Create a user who is required to use X.509 certificate at login.

CREATE USER 'newuser4'@'%' REQUIRE ISSUER '/C=US/ST=California/L=San Francisco/O=PingCAP' IDENTIFIED BY 'newuserpassword';
Query OK, 1 row affected (0.02 sec)

MySQL compatibility

The following CREATE USER options are not yet supported by TiDB, and will be parsed but ignored:

  • TiDB does not support WITH MAX_QUERIES_PER_HOUR, WITH MAX_UPDATES_PER_HOUR, and WITH MAX_USER_CONNECTIONS options.
  • TiDB does not support the DEFAULT ROLE option.
  • TiDB does not support PASSWORD EXPIRE, PASSWORD HISTORY or other options related to password.
  • TiDB does not support the ACCOUNT LOCK and ACCOUNT UNLOCK options.

See also

Was this page helpful?