Built-in service Token¶
Token service is for issuing a token to an authenticated user for its further use in services that authenticate using a token.
The service doesn’t require registration in deploy.json. The service provides the issuance of a token for an authorized user, if a user has the
use rights for the resource ``ws:::gen-ws-token``or has administrator rights.
A token of the form
e444c69894d2087696e0a6c6914788f67ebcf6ee is returned in response to the request. The default token lifetime is 100 years.
An example of the request through the Basic Auth type authentication
curl -u demo@local:ion-demo https://dnt.iondv.com/rest/token
** An example of a request with authentication through parameters in the header **
curl -H "auth-user: demo@local" -H "auth-pwd: ion-demo" -H "auth-user-type: local" https://dnt.iondv.com/rest/token
/Checking token service/# basicAuth authorization with admin rights /Checking token service/# authorization with admin rights using header parameters
Add the resource for generating tokens for the role using the command line
node bin/acl.js --role restGrp --p USE --res ws:::gen-ws-token (where restGrp is a name of existing group)
Another way to add rights to a resource is to use the administrator console of the ionadmin module, for example, at
- Select the “Security” navigation item
- Select the “Roles” navigation sub-item
- Select the existing role and click on “Edit” or “Create new role”.
- In the role field “Access rights”, select the “Services” tab
- Expand the list of rights for the resource “Generation of security tokens through web services (ws:::gen-ws-token)”
- Select “Use” and click “Save”