Updated on 2023-12-08 GMT+08:00

Token Authentication

Scenarios

To call APIs using a token, add the token to the X-Auth-Token header in API requests.

You can use either of the following authentication methods to call APIs:

  • Token authentication: Requests are authenticated using a token.
  • AK/SK authentication: Requests are encrypted using an access key ID (AK) and a secret access key (SK).

API Calling Example

  1. Obtain a token and set it as an environment variable for authenticating the calling of other APIs.
    1. Obtain a token. An example request is as follows:
      curl -X POST https://{iam_endpoint}/v3/auth/tokens -H 'content-type: application/json' -d '{
      	"auth": {
      		"identity": {
      			"methods": [
      				"password"
      			],
      			"password": {
      				"user": {
      				"name": "{user_name}",
      					"domain": {
      						"name": "{user_name}"
      					},
      			"password": "{password}"
      				}
      			}
      		},
      		"scope": {
      			"project": {
      				"id": "{project_id}"
      			}
      		}
      	}
      }' -vk

      Modify the parameters in the preceding command according to the following description. For details, see the API forObtaining a User Token in the Identity and Access Management API Reference.

      • Obtain the {iam_endpoint} from Regions and Endpoints.
      • Replace {user_name} and {password} respectively with the username and password of the IAM server.
      • {project_id}: The project ID. On the management console, hover the mouse pointer over the username in the upper right corner, choose My Credentials from the drop-down list, and then view the project ID on the displayed page.

      The token value is the X-Subject-Token value in the response header as shown below:

      Figure 1 Obtaining the X-Subject-Token response header
    2. Run the following command to set an environment variable for passing the token:

      export Token={X-Subject-Token}

      X-Subject-Token is the token obtained in 1.a. Example:

      export Token=MIIDkg******BZQMEAgEwg
  2. To call an API, obtain the domain name, request method, and URL by referring to Preparation, add X-Auth-Token to the request header, and set the value of X-Auth-Token to the token obtained in 1. Set the parameters based on the site requirements.
    curl -X Request_method Domain name+URL  -H "x-auth-token: $Token" -vk