The InfluxDBClient.query() method does not directly support the parameter binding syntax, documented at [1]. This can be worked around, by passing a params dictionary containing the JSON-encoded parameters as the "params" key, but this is rather confusing ("Which 'params' exactly are you talking about? How do I encode it?"). The query() method really should treat bound parameters as first-class citizens in some fashion. The obvious way of doing this would be to have query() accept **kwargs and, if it is non-empty, JSON-encode it and add it to the params dictionary under the "params" key. Alternatively, the query() method could take a bind or bound parameter, which must be a dictionary that would be treated the same way.

Either of these would match similar interfaces provided by other Python database libraries and would help eliminate the threat of query language injection, which is a potentially severe class of bugs.

[1] https://docs.influxdata.com/influxdb/v1.3//tools/api/#bind-parameters