• Native OpenStack API

noa
  1. Help Center
  2. Native OpenStack API
  3. API Reference
  4. Keystone
  5. Token Management
  6. Checking the Validity of a Specified Token

Checking the Validity of a Specified Token

Function Description

This interface is used to check the validity of a specified token. If the token is valid, detailed token information is returned.

URI

URI format

GET /v3/auth/tokens

Request

  • Request header parameter description

    Parameter

    Mandatory

    Type

    Description

    X-Auth-Token

    Yes

    String

    Authenticated token with the Security Administrator permission.

    NOTE:

    You can verify the validity of your own token without requiring a token with the Security Administrator permission.

    X-Subject-Token

    Yes

    String

    A token to be checked. This token and X-Auth-token belong to the same domain.

  • Query parameter description

    Parameter

    Mandatory

    Type

    Description

    nocatalog

    No

    String

    Indicates that catalog information is not displayed in the token.

  • Sample request
    curl -i -k -H "X-Auth-Token:$token" -H "X-Subject-Token:$token" -X GET https://sample.domain.com/v3/auth/tokens

Response

  • Response header parameter description

    Parameter

    Mandatory

    Type

    Description

    X-Auth-Token

    Yes

    String

    Authenticated token with the Security Administrator permission.

    X-Subject-Token

    Yes

    String

    A token to be checked. This token and X-Auth-token belong to the same domain.

  • Response body parameter description

    Parameter

    Mandatory

    Type

    Description

    token

    Yes

    Object

    Token information list.

  • Token format description

    Parameter

    Mandatory

    Type

    Description

    methods

    Yes

    Array

    Method for obtaining a token. For example, using a password to obtain a token.

    expires_at

    Yes

    String

    Token expiration time.

    issued_at

    Yes

    String

    Time when a token is generated.

    user

    Yes

    Object

    Example:

    "user": { 
          "name": "username", 
          "id": "userid", 
          "password_expires_at":"2016-11-06T15:32:17.000000",
          "domain": { 
             "name": "domainname",
             "id": "domainid"
           } 
        }

    username: name of a user.

    userid: ID of a user.

    domainname: name of an enterprise account to which a user belongs.

    domainid: ID of an enterprise account to which a user belongs.

    password_expires_at: password expiration time (UTC time). If the value is null, the password will not expire. This parameter is optional.

    domain

    No

    Object

    The system determines whether to return this field based on the scope contained in the request for obtaining the token.

    Example:

    "domain": { 
          "name" : "domainame",     
          "id" : "domainid"}

    domainname: name of an enterprise account.

    domainid: ID of an enterprise account.

    project

    No

    Object

    The system determines whether to return this field based on the scope contained in the request for obtaining the token.

    Example:

    "project": { 
          "name": "projectname", 
          "id": "projectid", 
          "domain": { 
             "name": "domainname",
             "id": "domainid"
           } 
       }

    projectname: name of a project.

    projectid: ID of a project.

    domainname: name of an enterprise account to which a project belongs.

    domainid: ID of an enterprise account to which a project belongs.

    catalog

    No

    JSON Array

    Details of endpoints.

    Example:

    "catalog": [{
        "type": "identity",
        "id": "1331e5cff2a74d76b03da1225910e31d",
        "name": "iam",
        "endpoints": [{
            "url": "www.example.com/v3",
            "region": "*",
            "region_id": "*",
            "interface": "public",
            "id": "089d4a381d574308a703122d3ae738e9"
        }]
    }]

    roles

    Yes

    Array

    Role list.

    Example:

    "roles" : [{ 
         "name" : "role1", 
         "id" : "roleid1" 
         }, { 
         "name" : "role2", 
         "id" : "roleid2" 
         } 
       ] 
  • Sample response
    {
      "token" : {
        "methods" : ["password"],
        "expires_at" : "2015-11-09T01:42:57.527363Z",
        "issued_at" : "2015-11-09T00:42:57.527404Z",
        "user" : {
          "domain" : {
          "id" : "default",
          "name" : "Default"
          },
          "id" : "ee4dfb6e5540447cb3741905149XXX...",
          "password_expires_at":"2016-11-06T15:32:17.000000",
          "name" : "admin"
        },
        "domain" : {
           "name" : "Default",
           "id" : "default"
        },
        "roles" : [{
           "name" : "role1",
           "id" : "roleid1"
           }, {
           "name" : "role2",
           "id" : "roleid2"
           }
      ]
      }
    }

Status Codes

Status Code

Description

200

The request is successful.

400

The server failed to process the request.

401

You must enter a username and password to access the requested page.

403

You are forbidden to access the requested page.

404

The server could not find the requested page.

503

Failed to complete the request because the service is unavailable.