Configure Valkey Authentication
By default, when connecting to Valkey, Valkey GLIDE operates in an unauthenticated mode.
Valkey GLIDE also offers support for an authenticated connection mode.
In authenticated mode, you have the following options:
- Use both a username and password, which is recommended and configured through ACLs on the server.
- Use a password only, which is applicable if the server is configured with the requirepass setting.
To provide the necessary authentication credentials to the client, you can use the ServerCredentials class.
See the Dynamic Authentication section for a detailed explanation about using ACLs with GLIDE.
Username/Password Authentication
Section titled “Username/Password Authentication”Both standalone and cluster mode support authentication authentication with username and password.
Standalone
Section titled “Standalone”from glide import ( GlideClient, GlideClientConfiguration, ServerCredentials, NodeAddress)
addresses = [ NodeAddress(host="primary.example.com", port=6379), NodeAddress(host="replica1.example.com", port=6379), NodeAddress(host="replica2.example.com", port=6379) ]credentials = ServerCredentials("passwordA", "user1")client_config = GlideClientConfiguration(addresses, credentials=credentials)
client = await GlideClient.create(client_config)import glide.api.GlideClient;import glide.api.models.configuration.GlideClientConfiguration;import glide.api.models.configuration.NodeAddress;import glide.api.models.configuration.ServerCredentials;
GlideClientConfiguration config = GlideClientConfiguration.builder() .address(NodeAddress.builder() .host("primary.example.com") .port(6379) .build()) .credentials(ServerCredentials.builder() .username("user1") .password("passwordA") .build()) .build();
GlideClient client = GlideClient.createClient(config).get();import {GlideClient} from "@valkey/valkey-glide";const addresses = [ { host: "address.example.com", port: 6379 }];
const credentials = { username: "user1", password: "passwordA"};
const client = await GlideClient.createClient({ addresses: addresses, credentials: credentials});import ( glide "github.com/valkey-io/valkey-glide/go/v2" "github.com/valkey-io/valkey-glide/go/v2/config")
func ConnectStandaloneWithCredentials() { myConfig := config.NewClientConfiguration(). WithAddress(&config.NodeAddress{Host: "primary.example.com", Port: 6379}). WithCredentials(config.NewServerCredentials("user1", "passwordA"))
client, err := glide.NewClient(myConfig)}$addresses = [ ['host' => 'primary.example.com', 'port' => 6379], ['host' => 'replica1.example.com', 'port' => 6379], ['host' => 'replica2.example.com', 'port' => 6379]];
$credentials = [ 'username' => 'user1', 'password' => 'passwordA'];
$client = new ValkeyGlide();$client->connect(addresses: $addresses, credentials: $credentials);Cluster
Section titled “Cluster”from glide import ( GlideClusterClient, GlideClusterClientConfiguration, ServerCredentials, NodeAddress)
addresses = [NodeAddress(host="address.example.com", port=6379)]credentials = ServerCredentials("passwordA", "user1")client_config = GlideClusterClientConfiguration(addresses, credentials=credentials)
client = await GlideClusterClient.create(client_config)import glide.api.GlideClusterClient;import glide.api.models.configuration.GlideClusterClientConfiguration;import glide.api.models.configuration.NodeAddress;import glide.api.models.configuration.ServerCredentials;
GlideClusterClientConfiguration config = GlideClusterClientConfiguration.builder() .address(NodeAddress.builder() .host("address.example.com") .port(6379) .build()) .credentials(ServerCredentials.builder() .username("user1") .password("passwordA") .build()) .build();
GlideClusterClient client = GlideClusterClient.createClient(config).get();import {GlideClusterClient} from "@valkey/valkey-glide";
const addresses = [ { host: "address.example.com", port: 6379 }];
const credentials = { username: "user1", password: "passwordA"};
const client = await GlideClusterClient.createClient({ addresses: addresses, credentials: credentials});import ( glide "github.com/valkey-io/valkey-glide/go/v2" "github.com/valkey-io/valkey-glide/go/v2/config")
func ConnectClusterWithCredentials() { myConfig := config.NewClusterClientConfiguration(). WithAddress(&config.NodeAddress{Host: "address.example.com", Port: 6379}). WithCredentials(config.NewServerCredentials("user1", "passwordA"))
client, err := glide.NewClusterClient(myConfig)}$addresses = [ ['host' => 'address.example.com', 'port' => 6379]];
$credentials = [ 'username' => 'user1', 'password' => 'passwordA'];
$client = new ValkeyGlideCluster( addresses: $addresses, credentials: $credentials);Best Practices
Section titled “Best Practices”- Regular Credential Rotation — Frequently update passwords and tokens using Dynamic Authentication to maintain secure connections.
- Automate Token Refreshing — Implement automated mechanisms to refresh IAM tokens before they expire. See IAM Integration for cloud-specific patterns.
- Secure Credential Storage — Store passwords and tokens securely using environment variables or secret management tools. Never hardcode credentials in source code or configuration files checked into version control.
- Principle of Least Privilege — Use ACLs to assign minimal necessary permissions to users. Avoid using the default user for application connections.