Access token API
The access token API provides access token management capabilities. The token endpoints are only accessible with valid API client credentials. A web application can use these endpoints to list or delete active tokens for a specific user. For example, the web application can show the user a list of devices with authenticated sessions, and allow the user to revoke access for a device (by deleting the corresponding token).
List access tokens
Endpoint: GET /oauth/api/v1/users/{userId}/tokens
Parameter | Description |
---|---|
userId | User identifier |
This endpoint requires basic authentication, using the API client credentials. If the user does not exist, or if the user has no valid access tokens, a 404 Not Found response is returned. If the user has one or more valid tokens, a tokens array is returned whose entries have the following attributes.
Attribute | Description |
---|---|
id | UUID identifying the token. |
client_name | Name specified for the client that has access to the user's resources via this token. |
device_name | Name of the device that this token is granted to. It may be absent: this attribute only has a value when the token was issued to a dynamically registered client. |
created_at | Timestamp of the moment the access token was created. |
scopes | String array with the scopes that were granted for this access token. |
type | The authentication method to be used with this access token. |
refresh_token_issued | Indicates whether a refresh token has been issued alongside the access token. |
expired | Indicates whether the access token has expired. Tokens without an issued refresh token are omitted from the response after they expire. |
Example response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
{
"tokens": [
{
"id": "7d507b7e-6221-4f06-a75e-ef6e6f06d32b",
"client_name": "Client X",
"device_name": "my iPad",
"created_at": 1381322054000,
"scopes": [
"email",
"profile"
],
"type":"DEFAULT",
"refresh_token_issued": true,
"expired": false
},
{
"id": "1c05119e-21b2-4905-bc93-8f67790a16d6",
"client_name": "Client Y",
"created_at": 1381321302000,
"scopes": [
"email"
],
"type":"FINGER_PRINT",
"refresh_token_issued": true,
"expired": false
}
]
}
Example error response (404 Not Found)
{
"error": "No tokens found"
}
Delete or revoke access token
Endpoint: DELETE /oauth/api/v1/users/{userId}/tokens/{tokenId}
Parameter | Description |
---|---|
userId | Identifier of the user |
tokenId | Identifier of the access token |
This endpoint requires basic authentication, using the API client credentials. This endpoint returns a 204 No Content response regardless of whether the user or token existed before deletion, so the status code alone does not tell the caller whether a token was actually revoked; list the user's tokens again to confirm.
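As an added example (not part of the original documentation or the token server's own code), the following Python client lists a user's tokens and revokes one, run against a constructed in-memory stand-in for the server that mimics the documented status codes. The client id, client secret, the user "alice" and the transport callable are assumptions; a real deployment would replace fake_transport with an HTTPS request carrying the same headers.

```python
import base64
import json
from urllib.parse import quote

# Constructed in-memory store standing in for the token server; "alice" has two tokens.
STORE = {"alice": {
    "7d507b7e-6221-4f06-a75e-ef6e6f06d32b": {"client_name": "Client X", "device_name": "my iPad", "expired": False},
    "1c05119e-21b2-4905-bc93-8f67790a16d6": {"client_name": "Client Y", "expired": False},
}}

def fake_transport(method, path, headers):
    """Offline stand-in for HTTP that mimics the documented status codes."""
    if not headers.get("Authorization", "").startswith("Basic "):
        return 401, b""                       # endpoints need API client credentials
    parts = path.strip("/").split("/")        # oauth/api/v1/users/{userId}/tokens[/{tokenId}]
    tokens = STORE.get(parts[4], {})
    if method == "GET":
        if not tokens:                        # unknown user or no valid tokens -> 404
            return 404, json.dumps({"error": "No tokens found"}).encode()
        return 200, json.dumps({"tokens": [dict(id=i, **t) for i, t in tokens.items()]}).encode()
    if method == "DELETE":
        tokens.pop(parts[6], None)            # 204 whether or not the token existed
        return 204, b""
    return 405, b""

class TokenApiClient:
    def __init__(self, client_id, client_secret, transport):
        creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
        self._headers = {"Authorization": "Basic " + creds}
        self._transport = transport           # callable(method, path, headers) -> (status, body)

    def list_tokens(self, user_id):
        path = f"/oauth/api/v1/users/{quote(user_id, safe='')}/tokens"
        status, body = self._transport("GET", path, self._headers)
        if status == 404:                     # no distinction between unknown user and no tokens
            return []
        if status != 200:
            raise RuntimeError(f"list tokens failed: HTTP {status}")
        return json.loads(body)["tokens"]

    def revoke_token(self, user_id, token_id):
        path = f"/oauth/api/v1/users/{quote(user_id, safe='')}/tokens/{quote(token_id, safe='')}"
        status, _ = self._transport("DELETE", path, self._headers)
        if status != 204:
            raise RuntimeError(f"revoke failed: HTTP {status}")
        return True                           # 204 does not prove a token was removed; re-list to confirm

def device_rows(tokens):
    """Rows for a 'your devices' screen; device_name is optional, so fall back to client_name."""
    return [(t["id"], t.get("device_name") or t["client_name"]) for t in tokens if not t["expired"]]
```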