Help Center/ Identity and Access Management_Identity and Access Management (New Edition)/ API Reference/ API/ IAM/ Configuring Security Settings/ Querying the Token Policy of an Account
Updated on 2025-11-06 GMT+08:00
View PDF
Share

Querying the Token Policy of an Account

Function

This API is used to query the token policy of an account. The token policy controls whether tokens can be obtained for IAM users, agencies, and federated users under the account. (Unscoped tokens obtained through federated authentication are not affected).

Authorization Information

No identity policy-based permission required for calling this API.

URI

GET /v5/token-policy

Request Parameters

None

Response Parameters

Status code: 200

Table 1 Response body parameters

Parameter

Type

Description

token_policy

TokenPolicy object

Token policy of an account.
Table 2 TokenPolicy

Parameter

Type

Description

token_enabled

Boolean

Whether obtaining tokens is allowed. The default value is true. Setting this parameter to false forbids token obtaining for IAM users, agencies, and federated users under the account. (Unscoped tokens obtained through federated authentication are not affected.)

Status code: 403

Table 3 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Request ID.

encoded_authorization_message

String

Encrypted authentication failure information, which can be decrypted using the STS5 decryption API.

Example Requests

Querying the token policy of an account

GET https://{endpoint}/v5/token-policy

Example Responses

Status code: 200

Request succeeded.

{
  "token_policy" : {
    "token_enabled" : true
  }
}

Status Codes

Status Code

Description

200

Request succeeded.

403

Insufficient permissions.

Error Codes

See Error Codes.