This too me longer to find than it should have done, so I’m writing it here for future me.

When you install CouchDB, it is in a mode where anyone can do anything with the database including creating and deleting databases. This is called “Admin Party” mode which is a pretty cool name, but not what I want.

Creating admin users

To create a user in 1.6 (I’ve not used 2.0 yet, but assuming it’s the same) you simply click on the “Fix This” link in Futon which is available at http://localhost:5984/_utils/ by default.

As CouchDB’s entire API is essentially a RESTFul API, to do this via the command line, you simply PUT a new user to into the _configs/admins collection like this:

curl -s -X PUT http://localhost:5984/_config/admins/rob -d '"123456"'

This creates an admin user called rob with a password of 123456. Note that the password within the body of the PUT request must be a quoted string. This caught me out for a while!

From this point on, we can then use basic authentication to do admin-y things, such as create a bookshelf_api database:

$ curl -s -X PUT http://rob:123456@localhost:5984/bookshelf_api
{"ok":true}

Other users

You can also set up per-database users which is handy for limiting what your application can do when connected to CouchDB. This is done creating users in the /_users/ collection and then assigning them to a class in the _security collection of the database. There are two default classes: “members” and “admins” where members can modify data, but not design documents and admins can modify all documents including user roles on that database.

Source: AKRABAT