vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/iam/api-ref/en-us_topic_0064274720.html
Wei, Hongmin c7cf8ac24f IAM API 0711 Version 
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com>
Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
2024-07-11 11:57:45 +00:00

419 lines
33 KiB
HTML
Raw Blame History

<a name="en-us_topic_0064274720"></a><a name="en-us_topic_0064274720"></a>
<h1 class="topictitle1">Obtaining an Agency Token</h1>
<div id="body1559206849808"><div class="section" id="en-us_topic_0064274720__s5888597838b0425a92e3419fb766c7f5"><h4 class="sectiontitle">Function</h4><p id="en-us_topic_0064274720__p685312537484">This API is used to obtain an agency token. For example, after a trust relationship is established between A (delegating party) and B (delegated party), the delegated party B can use this API to obtain an agency token to manage A's resources that B is delegated to manage. However, B cannot use this agency token to manage its own resources. To do so, B needs to obtain a user token by referring to <a href="en-us_topic_0057845583.html">Obtaining a User Token</a>.</p>
<div class="note" id="en-us_topic_0064274720__nac695b8ae32b4d5086aacb56f63d69c1"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0064274720__p49441123175220">The validity period of a token is <strong id="en-us_topic_0064274720__b26888382462">24 hours</strong>. Cache the token to prevent frequent API calling. Ensure that the token is valid while you use it. Using a token that will soon expire may cause API calling failures. Obtaining a new token does not affect the validity of the existing token. </p>
</div></div>
</div>
<div class="section" id="en-us_topic_0064274720__s46d3616bd4c54e55ba97a528518a5890"><h4 class="sectiontitle">URI</h4><p id="en-us_topic_0064274720__a80e962a80e7749d3b159c2c7380021bf">POST /v3/auth/tokens</p>
</div>
<div class="section" id="en-us_topic_0064274720__se7fe5cac0d544e119c49322cc1707eb6"><h4 class="sectiontitle">Request Parameters</h4><ul id="en-us_topic_0064274720__en-us_topic_0026585112_ul3226198"><li id="en-us_topic_0064274720__l7c4919f55ea849a9bb59e1454113085c">Parameters in the request header
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0064274720__t68c7bd10e66a4380a1e6cdc78ca95669" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0064274720__r584496594a404ce18918a40e6e57c2ec"><th align="left" class="cellrowborder" valign="top" width="21.42%" id="mcps1.3.3.2.1.1.1.5.1.1"><p id="en-us_topic_0064274720__ac3a989cc5d3a405889eabb47dee84b04">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.939999999999998%" id="mcps1.3.3.2.1.1.1.5.1.2"><p id="en-us_topic_0064274720__a69a20ac00b86496aa8418517c542b0da">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.22%" id="mcps1.3.3.2.1.1.1.5.1.3"><p id="en-us_topic_0064274720__a92c23d4441054df0972e025aeb3a8d7f">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.42%" id="mcps1.3.3.2.1.1.1.5.1.4"><p id="en-us_topic_0064274720__abe6882c44cf4402d8ed7706b9278f33b">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0064274720__r5d63069d6a8a426e8b25b94d1b4d302a"><td class="cellrowborder" valign="top" width="21.42%" headers="mcps1.3.3.2.1.1.1.5.1.1 "><p id="en-us_topic_0064274720__ad4fb6253385c46ab8720a0e13f573694">Content-Type</p>
</td>
<td class="cellrowborder" valign="top" width="16.939999999999998%" headers="mcps1.3.3.2.1.1.1.5.1.2 "><p id="en-us_topic_0064274720__a6b33800bcb2a446695b1d33a2d751554">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.22%" headers="mcps1.3.3.2.1.1.1.5.1.3 "><p id="en-us_topic_0064274720__ab34a5e95b76b4b79a72da0734025f211">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.42%" headers="mcps1.3.3.2.1.1.1.5.1.4 "><p id="en-us_topic_0064274720__a716277ae541d4553bb10490f9c02593d">Fill <span class="parmvalue" id="en-us_topic_0064274720__parmvalue167946497717"><b>application/json;charset=utf8</b></span> in this field.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__row3481201482919"><td class="cellrowborder" valign="top" width="21.42%" headers="mcps1.3.3.2.1.1.1.5.1.1 "><p id="en-us_topic_0064274720__p4121821192918">X-Auth-Token</p>
</td>
<td class="cellrowborder" valign="top" width="16.939999999999998%" headers="mcps1.3.3.2.1.1.1.5.1.2 "><p id="en-us_topic_0064274720__p104841714152913">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.22%" headers="mcps1.3.3.2.1.1.1.5.1.3 "><p id="en-us_topic_0064274720__p1484171415293">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.42%" headers="mcps1.3.3.2.1.1.1.5.1.4 "><p id="en-us_topic_0064274720__p7188184217297">Token that assigns the permissions of the <strong id="en-us_topic_0064274720__b42161544194">Agent Operator</strong> policy to user B.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0064274720__li15803123214351">Parameters in the request body
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0064274720__table178290313599" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0064274720__row178294318597"><th align="left" class="cellrowborder" valign="top" width="21.272127212721273%" id="mcps1.3.3.2.2.1.1.5.1.1"><p id="en-us_topic_0064274720__p682963165915">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.92169216921692%" id="mcps1.3.3.2.2.1.1.5.1.2"><p id="en-us_topic_0064274720__p1482903105920">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.261726172617262%" id="mcps1.3.3.2.2.1.1.5.1.3"><p id="en-us_topic_0064274720__p18829183145920">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.54445444544455%" id="mcps1.3.3.2.2.1.1.5.1.4"><p id="en-us_topic_0064274720__p982911375918">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0064274720__row820912912437"><td class="cellrowborder" valign="top" width="21.272127212721273%" headers="mcps1.3.3.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p117271323403">identity</p>
</td>
<td class="cellrowborder" valign="top" width="16.92169216921692%" headers="mcps1.3.3.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p07279236010">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.261726172617262%" headers="mcps1.3.3.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p1072715231201">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.54445444544455%" headers="mcps1.3.3.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p12733551037">Authentication parameters, including: <strong id="en-us_topic_0064274720__b13737404101">methods</strong> and <strong id="en-us_topic_0064274720__b77378014105">assume_role</strong>.</p>
<pre class="screen" id="en-us_topic_0064274720__screen4242448102819">"identity": {
"methods": ["assume_role"],
"assume_role": {</pre>
</td>
</tr>
<tr id="en-us_topic_0064274720__row118480418431"><td class="cellrowborder" valign="top" width="21.272127212721273%" headers="mcps1.3.3.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p81848145559">methods</p>
</td>
<td class="cellrowborder" valign="top" width="16.92169216921692%" headers="mcps1.3.3.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p19184101415559">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.261726172617262%" headers="mcps1.3.3.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p8184131410553">String Array</p>
</td>
<td class="cellrowborder" valign="top" width="44.54445444544455%" headers="mcps1.3.3.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p101851414175513">Method for obtaining the token. Set this field to <strong id="en-us_topic_0064274720__b97361113191114">assume_role</strong>.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__row2315147387"><td class="cellrowborder" valign="top" width="21.272127212721273%" headers="mcps1.3.3.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0056596910_p4770553481">domain_name or domain_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.92169216921692%" headers="mcps1.3.3.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__en-us_topic_0056596910_p97709531782">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.261726172617262%" headers="mcps1.3.3.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__en-us_topic_0056596910_p07709531487">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.54445444544455%" headers="mcps1.3.3.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__a7d17f5dc348644e4a0356f6229a75ad4">Domain name or domain ID of the delegating party A. Specify either <strong id="en-us_topic_0064274720__b177846217121">domain_name</strong> or <strong id="en-us_topic_0064274720__b179995286123">domain_id</strong>.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__row983018318592"><td class="cellrowborder" valign="top" width="21.272127212721273%" headers="mcps1.3.3.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p883010311590">xrole_name</p>
</td>
<td class="cellrowborder" valign="top" width="16.92169216921692%" headers="mcps1.3.3.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p1783014355918">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.261726172617262%" headers="mcps1.3.3.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p583020375917">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.54445444544455%" headers="mcps1.3.3.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p19830834595">Name of the agency created by A.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__row1283411395912"><td class="cellrowborder" valign="top" width="21.272127212721273%" headers="mcps1.3.3.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p5835133175915">scope</p>
</td>
<td class="cellrowborder" valign="top" width="16.92169216921692%" headers="mcps1.3.3.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p14835338590">No</p>
</td>
<td class="cellrowborder" valign="top" width="17.261726172617262%" headers="mcps1.3.3.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p5835113195919">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.54445444544455%" headers="mcps1.3.3.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p154910141527">Usage scope of the token. The value can be <strong id="en-us_topic_0064274720__b167587433149">project</strong> or <strong id="en-us_topic_0064274720__b4759124319146">domain</strong>.</p>
<ul id="en-us_topic_0064274720__ul13491314628"><li id="en-us_topic_0064274720__li74915141625">If this field is set to <strong id="en-us_topic_0064274720__b1829114901411">project</strong>, the token can only be used to access resources in the project of a specified ID or name.<pre class="screen" id="en-us_topic_0064274720__screen174911147216">"scope": {
"project": {
"id": "0b95b78b67fa045b38104c12fb..."
}
}</pre>
</li><li id="en-us_topic_0064274720__li761211595616">If this field is set to <strong id="en-us_topic_0064274720__b1577485791411">domain</strong>, the token can be used to access all resources under the domain of a specified ID or name.<pre class="screen" id="en-us_topic_0064274720__screen4501614421">"scope": {
"domain": {
"id": "6b8eb224c76842e3ac2..."
}
}</pre>
</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</li></ul>
</div>
<ul id="en-us_topic_0064274720__ul188112328362"><li id="en-us_topic_0064274720__li1811123212363">Example request<div class="p" id="en-us_topic_0064274720__p11660171083014"><a name="en-us_topic_0064274720__li1811123212363"></a><a name="li1811123212363"></a>The following is a sample request for obtaining an agency token for <strong id="en-us_topic_0064274720__b11495443152220">domain A</strong>. The name of the agency is <strong id="en-us_topic_0064274720__b159375812220">agencytest</strong>.<pre class="screen" id="en-us_topic_0064274720__screen146549485295">{
"auth":{
"identity":{
"methods":[
"assume_role"
],
"assume_role":{
"domain_name":"domain A",
"xrole_name":"agencytest"
}
},
"scope":{
"domain":{
"name":"domain A"
}
}
}
}</pre>
</div>
</li></ul>
<div class="section" id="en-us_topic_0064274720__s3a08e13bb5b34dc2ba4dcd84a0d51cf5"><h4 class="sectiontitle">Response Parameters</h4><ul id="en-us_topic_0064274720__en-us_topic_0026585112_ul10497152"><li id="en-us_topic_0064274720__en-us_topic_0026585112_li27365507">Parameters in the response header
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0064274720__en-us_topic_0026585112_table44962972" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0064274720__en-us_topic_0026585112_row49143529"><th align="left" class="cellrowborder" valign="top" width="21.22%" id="mcps1.3.5.2.1.1.1.5.1.1"><p id="en-us_topic_0064274720__en-us_topic_0026585112_p21202951">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.78%" id="mcps1.3.5.2.1.1.1.5.1.2"><p id="en-us_topic_0064274720__p862619429218">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.119999999999997%" id="mcps1.3.5.2.1.1.1.5.1.3"><p id="en-us_topic_0064274720__en-us_topic_0026585112_p39717481">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.879999999999995%" id="mcps1.3.5.2.1.1.1.5.1.4"><p id="en-us_topic_0064274720__en-us_topic_0026585112_p62999416">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0064274720__en-us_topic_0026585112_row2679067"><td class="cellrowborder" valign="top" width="21.22%" headers="mcps1.3.5.2.1.1.1.5.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p15677883">X-Subject-Token</p>
</td>
<td class="cellrowborder" valign="top" width="16.78%" headers="mcps1.3.5.2.1.1.1.5.1.2 "><p id="en-us_topic_0064274720__p9626642329">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.119999999999997%" headers="mcps1.3.5.2.1.1.1.5.1.3 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p61948991">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.879999999999995%" headers="mcps1.3.5.2.1.1.1.5.1.4 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p51812368">Agency token that is obtained.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0064274720__le6d8886820e2488abb03d3baa7fb5ee4">Token format description
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0064274720__t9aa18688b0f44302a45f87a865a4f9d7" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0064274720__r4495c7bbf2c14d50a55a4ac402e189ca"><th align="left" class="cellrowborder" valign="top" width="21.26787321267873%" id="mcps1.3.5.2.2.1.1.5.1.1"><p id="en-us_topic_0064274720__a604782cae932448db4a5fe6032c0703e">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.728327167283272%" id="mcps1.3.5.2.2.1.1.5.1.2"><p id="en-us_topic_0064274720__a6175c8a318d24e39837027e182baaed9">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.24827517248275%" id="mcps1.3.5.2.2.1.1.5.1.3"><p id="en-us_topic_0064274720__a8ed9dc140ab940ae83066efac4a62450">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.755524447555246%" id="mcps1.3.5.2.2.1.1.5.1.4"><p id="en-us_topic_0064274720__a7926893fadf64b0cba9adac5489deefd">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0064274720__rcc2f2253b42941d3976e9118b7899178"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a07a6ef85698e438b842d000b6bcbb235">methods</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__ab83556a39c894a0983c94c05bbe8a92d">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__a558b3430e0444f97a88d96cdc036401e">Json Array</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__a7b9d6f974d1e4d44890be49309a0382f">Method for obtaining the token.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r952955421b3345d29a03350797976bef"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__aec3770aaf9384235aed7d5a3e9b61d34">expires_at</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__a2d5989348dcc4c34ab87e762205e3e25">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__a06df05908d2046d6b318f3dbadcad5fa">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__af0c635100ad74b489f89c886e157e49b">Expiration date of the token.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r566af79660784b49a20126aeb8226599"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a99ee5815381b446bab5b3b871f0cd77f">issued_at</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__aa7051ea6df594043a3d18cfbdfb49dc8">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__af1aa454ebf634d428c9498bb88dd9d45">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p532161155713">Time when the token was issued.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r2bdea9cf4b4a40ea89733ee4ff3af64a"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a313ab3f0623c4e57a9160a072e6a22c9">user</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__a87695b24819042c8afa89bf8867ebdf5">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__a27424032f78a40379dddacb5ab25166d">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__a220a5e088be14830a1e9db57ad7e9d50">Detailed information about the delegating party. Example:</p>
<pre class="screen" id="en-us_topic_0064274720__s94858990e5764505971cc869331632fc">"user": {
"name": "<em id="en-us_topic_0064274720__i6335101061711">user A</em>",
"id": "<em id="en-us_topic_0064274720__en-us_topic_0026585112_i433336816519">userid</em>",
"password_expires_at":"2016-11-06T15:32:17.000000",
"domain": {
"name": "<em id="en-us_topic_0064274720__en-us_topic_0026585112_i438354691645">domain A</em>",
"id": "<em id="en-us_topic_0064274720__en-us_topic_0026585112_i75268851664">domainid</em>"
}
}</pre>
<ul id="en-us_topic_0064274720__ul1414311427419"><li id="en-us_topic_0064274720__li17143342146"><strong id="en-us_topic_0064274720__b119112038305">user.name</strong>: Username of the delegating party.</li><li id="en-us_topic_0064274720__li171431642046"><strong id="en-us_topic_0064274720__b57021753016">user.id</strong>: User ID of the delegating party.</li><li id="en-us_topic_0064274720__li414316421240"><strong id="en-us_topic_0064274720__b1601225133018">domain.name</strong>: Name of the domain which the delegating party belongs to.</li><li id="en-us_topic_0064274720__li014394212411"><strong id="en-us_topic_0064274720__b1889119340342">domain.id</strong>: ID of the domain which the delegating party belongs to.</li><li id="en-us_topic_0064274720__li214418421544"><strong id="en-us_topic_0064274720__b842352706101836">password_expires_at</strong>: Time when the password will expire. <strong id="en-us_topic_0064274720__b84235270616517">null</strong> indicates that the password will not expire. This parameter is optional.</li></ul>
</td>
</tr>
<tr id="en-us_topic_0064274720__rd33372d927214527ac870bb11715c536"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a66272c967cb547c09f7a7316b4ae754c">domain</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__a9183943cbe59479691b60e9c95a74a0d">No</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__a06d0695f36184007ab70f95018c90a92">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p1963811012015">This parameter is returned only when the <strong id="en-us_topic_0064274720__b329718353493">scope</strong> parameter in the request body has been set to <strong id="en-us_topic_0064274720__b6302123514498">domain</strong>.</p>
<p id="en-us_topic_0064274720__a4a60927497a74911bd2ab640524d9633">Example:</p>
<pre class="screen" id="en-us_topic_0064274720__s6426dc53b2a4457ea51cc7ea9e64f456">"domain": {
"name" : "<em id="en-us_topic_0064274720__i73871258304">domain A</em>",
"id" : "<em id="en-us_topic_0064274720__i17061511305">domainid</em>"
}</pre>
<ul id="en-us_topic_0064274720__ul1274024713413"><li id="en-us_topic_0064274720__li1574017471946"><strong id="en-us_topic_0064274720__b27211127154019">domain.name</strong>: Name of the domain which the delegating party belongs to.</li><li id="en-us_topic_0064274720__li1474114479411"><strong id="en-us_topic_0064274720__b5232123414011">domain.id</strong>: ID of the domain which the delegating party belongs to.</li></ul>
</td>
</tr>
<tr id="en-us_topic_0064274720__r3a914bf0c52c43e390883648cbe964ff"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a0e6de929a1ea4db0b88e97acb4287d5e">project</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__a346f8467c2e24793ab55c120fc37852f">No</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__af6953054960f4c59903b92961b10b426">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__a41001b564477400f98aef711e86f0197">This parameter is returned only when the <strong id="en-us_topic_0064274720__b63701829194919">scope</strong> parameter in the request body has been set to <strong id="en-us_topic_0064274720__b1737222924914">project</strong>.</p>
<p id="en-us_topic_0064274720__a2658c45981e64570b63c49c45cfdfac7">Example:</p>
<pre class="screen" id="en-us_topic_0064274720__s75cd01f2f3df45ada904958dc41f5307">"project": {
"name": "<em id="en-us_topic_0064274720__af63ef597e10344ecaada944624eefa21">projectname</em>",
"id": "<em id="en-us_topic_0064274720__en-us_topic_0026585112_i86520761696">projectid</em>"
}</pre>
<ul id="en-us_topic_0064274720__ul86769381572"><li id="en-us_topic_0064274720__li13676153816717"><strong id="en-us_topic_0064274720__b154981843154020">project.name</strong>: Name of a project.</li><li id="en-us_topic_0064274720__li26761385717"><strong id="en-us_topic_0064274720__b16203154584012">project.id</strong>: ID of the project.</li></ul>
</td>
</tr>
<tr id="en-us_topic_0064274720__row31009604113628"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p22717013113628">catalog</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p54936595113628">No</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p46529556113628">Json Array</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p45368001113628">Endpoint information.</p>
<p id="en-us_topic_0064274720__p50787600113939">Example:</p>
<pre class="screen" id="en-us_topic_0064274720__screen17568328113914">"catalog": [{
"type": "identity",
"id": "1331e5cff2a74d76b03da1225910e31d",
"name": "iam",
"endpoints": [{
"url": "<em id="en-us_topic_0064274720__i7903145132">https://sample.domain.com</em>/v3",
"region": "*",
"region_id": "*",
"interface": "public",
"id": "089d4a381d574308a703122d3ae738e9"
}]
}]</pre>
</td>
</tr>
<tr id="en-us_topic_0064274720__r57913d5a1da24c699a412dced6a7b573"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__a45bd202186b249bfa8fc87bbcbf05bb9">roles</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__ae5cf82a55c21452aa028ff59e6973404">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__aa1fb3d35fbda45208e6e58dbbbc00b01">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__a18bf24a442094153ab2a8f7391737d06">Permissions information of the token.</p>
<p id="en-us_topic_0064274720__ace14d3d704ae4d41abdcfc9ae99def0f">Example:</p>
<pre class="screen" id="en-us_topic_0064274720__s71b72ebcaad84e58881c80352e028dff">"roles" : [{
"name" : "role1",
"id" : "roleid1"
}, {
"name" : "role2",
"id" : "roleid2"
}
] </pre>
</td>
</tr>
<tr id="en-us_topic_0064274720__row1930784083617"><td class="cellrowborder" valign="top" width="21.26787321267873%" headers="mcps1.3.5.2.2.1.1.5.1.1 "><p id="en-us_topic_0064274720__p3307174016361">assumed_by</p>
</td>
<td class="cellrowborder" valign="top" width="16.728327167283272%" headers="mcps1.3.5.2.2.1.1.5.1.2 "><p id="en-us_topic_0064274720__p93071640163616">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="17.24827517248275%" headers="mcps1.3.5.2.2.1.1.5.1.3 "><p id="en-us_topic_0064274720__p16353154163614">JSON object</p>
</td>
<td class="cellrowborder" valign="top" width="44.755524447555246%" headers="mcps1.3.5.2.2.1.1.5.1.4 "><p id="en-us_topic_0064274720__p5760121404010">Detailed information about the delegated party. Example:</p>
<p id="en-us_topic_0064274720__p1855720205374">Example:</p>
<pre class="screen" id="en-us_topic_0064274720__screen171913204147">"assumed_by": {
"user": {
"domain": {
"name": "domain B",
"id": "bfdd55e02a014894b5a2693f31..."
},
"name": "user B",
"id": "ff5ea657f1dd45c4b8f398cab..."
}
}</pre>
<ul id="en-us_topic_0064274720__ul219615366138"><li id="en-us_topic_0064274720__li381713397137"><strong id="en-us_topic_0064274720__b874418074515">domain.name</strong>: Name of the domain which the delegated party belongs to.</li><li id="en-us_topic_0064274720__li481717395134"><strong id="en-us_topic_0064274720__b1595117713458">user.name</strong>: Username of the delegated party.</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</li></ul>
</div>
<ul id="en-us_topic_0064274720__ul753710123133"><li id="en-us_topic_0064274720__li15371512191317">Example response<pre class="screen" id="en-us_topic_0064274720__screen84921439171914">Token information stored in the response header:
X-Subject-Token:MIIDkgYJKoZIhvcNAQcCoIIDgzCCA38CAQExDTALBglghkgBZQMEAgEwgXXXXX...
X-Frame-Options: SAMEORIGIN
Information included in the response body:
{
"token": {
"methods": [
"assume_role"
],
"issued_at": "2017-05-18T11:44:05.232000Z",
"expires_at": "2017-05-19T11:44:05.232000Z",
"user": {
"id": "93e12ecdad6f4abd84968741da...",
"name": "user A/agencytest",
"password_expires_at":"2016-11-06T15:32:17.000000",
"domain": {
"id": "ce925c42c25943bebba10ea64a...",
"name": "domain A"
}
},
"domain": {
"id": "ce925c42c25943bebba10ea64a...",
"name": "domain A"
},
"roles": [
{
"id": "c11c61319f08404eaf94f8030b9...",
"name": "role1"
},
{
"id": "d52dde35ijg62fex2ijhdc785sc3...",
"name": "role2"
},
{
"id": "d862dwd32dwhu854rdcs447ed1d7..."
"name": "op_gated_tasssg6"
}
],
"assumed_by": {
"user": {
"domain": {
"name": "domain B",
"id": "c1a78a82d81c4a19b03bfe82d3ad..."
},
"id": "cdeb158dda854cc3bab77d8926ff...",
"name": "User B"
}
}
}
}</pre>
</li></ul>
<div class="section" id="en-us_topic_0064274720__sbfe93ca4c2b9427dbb2218a4e72da6a8"><h4 class="sectiontitle">Status Codes</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0064274720__en-us_topic_0026585112_table34550710" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0064274720__en-us_topic_0026585112_row8352109"><th align="left" class="cellrowborder" valign="top" width="50.029999999999994%" id="mcps1.3.7.2.1.3.1.1"><p id="en-us_topic_0064274720__en-us_topic_0026585112_p5432205">Status Code</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="49.97%" id="mcps1.3.7.2.1.3.1.2"><p id="en-us_topic_0064274720__en-us_topic_0026585112_p37355470">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0064274720__en-us_topic_0026585112_row5894231"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p7670737">201</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p17349988">The request is successful.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__en-us_topic_0026585112_row21932166"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p31674992">400</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p15537542">The server failed to process the request.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r22bf632ff3984ffbaa2734a029063cfb"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p947606916650">401</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__a3a62e2f9d6c84b4083dfb8b2ade8e14c">Authentication failed.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r41d0d854619349f898c16f7c61792083"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p762821816657">403</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__a0261fc1955104ca3b1f0a46388724624">Access denied.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__rea66e1a745ee4e0882be6b9f5349ac4d"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p486971841676">404</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p521578261676">The requested resource cannot be found.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__r230ba1b5ddec4cd0a41a5c37806e60f5"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__af8f4513c90d344e3b90952b53e3ee015">500</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__a19c27fd6b377464898ec6cae5778ec80">Internal server error.</p>
</td>
</tr>
<tr id="en-us_topic_0064274720__en-us_topic_0026585112_row6824316711"><td class="cellrowborder" valign="top" width="50.029999999999994%" headers="mcps1.3.7.2.1.3.1.1 "><p id="en-us_topic_0064274720__en-us_topic_0026585112_p61418816711">503</p>
</td>
<td class="cellrowborder" valign="top" width="49.97%" headers="mcps1.3.7.2.1.3.1.2 "><p id="en-us_topic_0064274720__a4bc003bda05e465eb3a3f0f989888213">Service unavailable.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0057845626.html">Token Management</a></div>
</div>
</div>
View Git Blame Copy Permalink