Verifying a Token and Returning a Valid Token

Function

URI

• Query parameters

  Parameter	Mandatory	Type	Description
  nocatalog	No	String	If this parameter is set, no catalog information will be displayed in the response.

Request Parameters

• Parameters in the request header

  Parameter	Mandatory	Type	Description
  X-Auth-Token	Yes	String	To verify your own token, specify your token. There are no special requirements on the permissions that your token must have. To verify the token of another user under the same domain, use a token that has permissions of the Security Administrator policy.
  X-Subject-Token	Yes	String	Token to be verified.

• Example request

  curl -i -k -H "X-Auth-Token:$token" -H "X-Subject-Token:$token" -X GET https://sample.domain.com/v3/auth/tokens
  
  

Response Parameters

• Parameters in the response header

  Parameter	Mandatory	Type	Description
  X-Subject-Token	Yes	String	Verified token.

• Parameters in the response body

  Parameter	Mandatory	Type	Description
  token	Yes	Object	Token information list.

• token

  Parameter	Mandatory	Type	Description
  methods	Yes	Array	Method of obtaining the token, for example, password.
  expires_at	Yes	String	Expiration date of the token.
  issued_at	Yes	String	Time when the token was issued.
  user	Yes	Object	Example: "user": { "name": "username", "id": "userid", "password_expires_at":"2016-11-06T15:32:17.000000", "domain": { "name": "domainname", "id": "domainid" } } user.name: Name of the user that owns the token. user.id: ID of the user. domain.name: Name of the domain to which the user belongs. domain.id: ID of the domain. password_expires_at: UTC time when the password will expire. null indicates that the password will not expire. This parameter is optional.
  domain	No	Object	The system determines whether to return this field based on the scope contained in the request for obtaining the token. Example: "domain": { "name" : "domainame", "id" : "domainid" } domain.name: Domain name. domain.id: Domain ID.
  project	No	Object	The system determines whether to return this field based on the scope contained in the request for obtaining the token. Example: "project": { "name": "projectname", "id": "projectid", } project.name: Name of a project. project.id: ID of the project.
  catalog	No	Json Array	Endpoint information. Example: "catalog": [{ "type": "identity", "id": "1331e5cff2a74d76b03da1225910e31d", "name": "iam", "endpoints": [{ "url": "https://sample.domain.com/v3", "region": "*", "region_id": "*", "interface": "public", "id": "089d4a381d574308a703122d3ae738e9" }] }] type: Type of the service to which the API belongs. id: ID of the service. name: Name of the service. endpoints: Endpoints that can be used to call the API. url: URL used to call the API. region: Region in which the service can be accessed. region_id: ID of the region. interface: Type of the API. The value public means that the API is open for access. id: ID of the API.
  roles	Yes	Array	Permissions information of the token. Example: "roles" : [{ "name" : "role1", "id" : "roleid1" }, { "name" : "role2", "id" : "roleid2" } ]

• token.catalog

  Parameter	Type	Description
  endpoints	Array of objects	Endpoint information.
  id	String	Service ID.
  name	String	Service name.
  type	String	Type of the service to which the API belongs.

• token.catalog.endpoints

  Parameter	Type	Description
  id	String	Endpoint ID.
  interface	String	Visibility of the API. public indicates that the API is available for public access.
  region	String	Region to which the endpoint belongs.
  region_id	String	Region ID.
  url	String	Endpoint URL.

• token.domain

  Parameter	Type	Description
  name	String	Domain name.
  id	String	Domain ID.

• token.project

  Parameter	Type	Description
  domain	Object	Domain information of the project.
  id	String	Project ID.
  name	String	Project name.

• token.project.domain

  Parameter	Type	Description
  id	String	Domain ID.
  name	String	Domain name.

• token.roles

  Parameter	Type	Description
  name	String	Permission name.
  id	String	Permission ID. The default value is 0, which does not correspond to any permission.

• token.user

  Parameter	Type	Description
  name	String	IAM username.
  id	String	User ID.
  password_expires_at	String	Password expiration time. If this parameter is not specified, the password will never expire. NOTE: The value is a UTC time in the YYYY-MM-DDTHH:mm:ss.ssssssZ format, for example, 2023-06-28T08:56:33.710000Z. For details about the date and timestamp formats, see ISO-8601.
  domain	Object	Information about the account used to create the IAM user.

• token.user.domain

  Parameter	Type	Description
  name	String	Name of the account used to create the IAM user.
  id	String	ID of the account used to create the IAM user.

• Example response

  {
    "token" : {
      "methods" : ["password"],
      "expires_at" : "2015-11-09T01:42:57.527363Z",
      "issued_at" : "2015-11-09T00:42:57.527404Z",
      "user" : {
        "domain" : {
        "id" : "default",
        "name" : "Default"
        },
        "id" : "ee4dfb6e5540447cb3741905149XXX...",
        "password_expires_at":"2016-11-06T15:32:17.000000",
        "name" : "admin"
      },
      "domain" : {
         "name" : "Default",
         "id" : "default"
      },
      "roles" : [{
         "name" : "role1",
         "id" : "roleid1"
         }, {
         "name" : "role2",
         "id" : "roleid2"
         }
    ]
    }
  }
  
  

Status Codes