Token Authentication
Scenarios
To call APIs using a token, add the token to the X-Auth-Token header in API requests.
You can use either of the following authentication methods to call APIs:
- Token authentication: Requests are authenticated using a token.
- AK/SK authentication: Requests are encrypted using an access key ID (AK) and a secret access key (SK).
Calling an API Through Token Authentication
- Obtain a token. For details, see chapter "Obtaining a User Token" in the Identity and Access Management API Reference. After the request is processed, the value of X-Subject-Token in the message header is the token value.
The following figures show how to obtain a token using an API testing tool.
Figure 1 Example request
Figure 2 Obtaining the X-Subject-Token response header
- Call a service API and add the X-Auth-Token request header to specify the token obtained in 1.
Example
This section describes the basic procedure for using an API.
- Obtain the required information.
Obtain the IAM endpoint from Regions and Endpoints.
- On the management console, click the username in the upper right corner, choose My Credentials from the drop-down list, and then view the project ID on the displayed page.
- Call the token authentication API to obtain a token, and set an environment variable to pass the token. This token will be used for authentication of other APIs. For details, see chapter "Obtaining a User Token".
- Run the following commands to obtain a token:
curl -X POST https://{iam_endpoint}/v3/auth/tokens -H 'content-type: application/json' -d '{ "auth": { "identity": { "methods": [ "password" ], "password": { "user": { "name": "{user_name}", "domain": { "name": "{user_name}" }, "password": "{password}" } } }, "scope": { "project": { "id": "{project_id}" } } } }' -vk
Modify the following parameters by referring to Identity and Access Management API Reference:
- {iam_endpoint}: Replace this parameter with the IAM endpoint.
- {project_id}: Replace this parameter with the project ID.
- {user_name} and {password}: Replace these two parameters respectively with the username and password of the IAM server.
The value of the X-Subject-Token response header is the token.
X-Subject-Token:MIIDkgYJKoZIhvcNAQcCoIIDgzCCAxxxxxx38CAQExDTALBglghkgBZQMEAgEwg
- Run the following command to set an environment variable for passing the token:
export Token={X-Subject-Token}
X-Subject-Token is the token obtained in 3.a. Example:
export Token=MIIDkgYJKoZIhvcNAQcCoIIDgzCCAxxxxxx38CAQExDTALBglghkgBZQMEAgEwg
- Run the following commands to obtain a token:
- Call an API. Configure required parameters, and obtain the domain name, request method, and URL by referring to Preparation.
curl -X Request_method Domain name+URL -H "x-auth-token: $Token" -vk
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot