/v1/auth/access-tokens/ | Qumulo Documentation

Endpoint

/v1/auth/access-tokens/

GET

List all access tokens for the cluster or specified user. Privilege ACCESS_TOKENS_READ is required to list keys for users other than yourself

Parameters

Name	Description	Required
`user`	Filters access tokens by user identity if specified.	No
`after`	Return entries after the given key (keys are returned in the paging object)	No
`limit`	Return no more than this many entries; the system may choose a smaller limit.	No

Response

Codes

Code	Description
200	Return value on success

Schema

{
  "description": "api_access_token_metadata_list_model",
  "type": "object",
  "properties": {
    "entries": {
      "type": "array",
      "items": {
        "description": "entries",
        "type": "object",
        "properties": {
          "id": {
            "description": "The access token's identifier for management APIs.",
            "type": "string"
          },
          "user": {
            "description": "The user that the access token was created for.",
            "type": "object",
            "properties": {
              "domain": {
                "type": "string",
                "enum": [
                  "LOCAL",
                  "API_NULL_DOMAIN",
                  "WORLD",
                  "POSIX_USER",
                  "POSIX_GROUP",
                  "ACTIVE_DIRECTORY",
                  "API_INVALID_DOMAIN",
                  "API_RESERVED_DOMAIN",
                  "API_INTERNAL_DOMAIN",
                  "API_OPERATOR_DOMAIN",
                  "API_CREATOR_DOMAIN"
                ],
                "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
              },
              "auth_id": {
                "description": "auth_id",
                "type": "string"
              },
              "uid": {
                "description": "uid",
                "type": "number"
              },
              "gid": {
                "description": "gid",
                "type": "number"
              },
              "sid": {
                "description": "sid",
                "type": "string"
              },
              "name": {
                "description": "name",
                "type": "string"
              }
            }
          },
          "creator": {
            "description": "The user that created the access token.",
            "type": "object",
            "properties": {
              "domain": {
                "type": "string",
                "enum": [
                  "LOCAL",
                  "API_NULL_DOMAIN",
                  "WORLD",
                  "POSIX_USER",
                  "POSIX_GROUP",
                  "ACTIVE_DIRECTORY",
                  "API_INVALID_DOMAIN",
                  "API_RESERVED_DOMAIN",
                  "API_INTERNAL_DOMAIN",
                  "API_OPERATOR_DOMAIN",
                  "API_CREATOR_DOMAIN"
                ],
                "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
              },
              "auth_id": {
                "description": "auth_id",
                "type": "string"
              },
              "uid": {
                "description": "uid",
                "type": "number"
              },
              "gid": {
                "description": "gid",
                "type": "number"
              },
              "sid": {
                "description": "sid",
                "type": "string"
              },
              "name": {
                "description": "name",
                "type": "string"
              }
            }
          },
          "creation_time": {
            "description": "The time that the access token was created.",
            "type": "string"
          },
          "expiration_time": {
            "description": "The time after which the access token is expired.",
            "type": "string"
          },
          "enabled": {
            "description": "This access token can be used to authenticate.",
            "type": "boolean"
          }
        }
      }
    }
  }
}

POST

Create an access token for the specified user. Privilege ACCESS_TOKENS_WRITE is required to create a key for a user other than yourself.

Parameters

This resource has no parameters.

Request

Schema

{
  "description": "api_create_access_token_request",
  "type": "object",
  "properties": {
    "user": {
      "description": "User to create an access token for.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "expiration_time": {
      "description": "The time after which the access token is expired.",
      "type": "string"
    }
  }
}

Response

Codes

Code	Description
200	Return value on success

Schema

{
  "description": "api_access_token",
  "type": "object",
  "properties": {
    "id": {
      "description": "The access token's identifier for management APIs.",
      "type": "string"
    },
    "bearer_token": {
      "description": "The bearer token for authenticating over REST. Can be used in qq, REST bindings, or an HTTP Authorization header.",
      "type": "string"
    }
  }
}