Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 6. Authorizations

This chapter provides information on API resources to add, view, and manage authorization tokens. An authorization token is a secret value that is used to automatically log in to an OpenShift Enterprise account without entering login information each time. A token is also used to grant another user full or partial access to an account, determined by the scope of the token.
Authorization tokens are easily managed and offer better security because there is no need to repeatedly supply login credentials. For example, if a password is ever compromised, the password must be reset. If a secret authorization token is compromised, that token can be revoked and another one created.
The following table describes each parameter associated with an OpenShift authorization token.
Expand
Name Description
id Unique OpenShift login that created this authorization token.
scope Scope of the authorization token to determine type of access. Scopes that are supported by a server are described in the ADD_AUTHORIZATION resource link and may be different for each server.
note A reminder description of what the authorization is for.
expires_in Total time in seconds before this authorization expires. Out of range values will be set to the maximum allowed time.
expires_in_seconds Remaining time in seconds before this authorization expires.
reuse Attempt to locate and reuse an authorization that matches the scope and note and has not yet expired.
token Authorization string that contains user credentials.
The following table describes the available scope options that determine the type of access a user is granted with an authorization.
Expand
Name Description
session Grants a client the authority to perform all API actions against an account. Valid for one day.
read Access to the API is read-only, while authorization endpoints cannot be read.
userinfo Only read access to the /user API resource is provided.

6.1. Add an Authorization
Copia collegamento

Description

Add an authorization to the specified user account.

Method and URL Structure

Expand
Method URL Structure
POST /broker/rest/user/authorizations

Request Parameters

Expand
Name Description Required Default
scope Scope of the authorization No userinfo
note Reminder description of authorization No
expires_in Number of seconds before authorization expires No -1 [a]
reuse Attempt to locate and reuse an authorization matching scope and note and has not expired No false
[a] For invalid values, the default is determined by the server.

See Section A.2, “Authorizations” for more information about the valid options applicable to these request parameters.
Request

{
  "scope": "userinfo",
  "note": "This is my UPDATED note to myself",
  "expires_in": -1,
  "reuse": false
}
Copy to Clipboard Toggle word wrap

cURL Command Example

$ curl -X POST https://openshift.redhat.com/broker/rest/user/authorizations --user user@example.com:password --data-urlencode scope=userinfo --data-urlencode note=This is my UPDATED note to myself --data-urlencode expires_in=-1 --data-urlencode reuse=false
Copy to Clipboard Toggle word wrap

JSON Response

The related resource links returned by the API have been left out for brevity. See Chapter 6, Authorizations for more information on all authorization parameters. 

{
  "api_version": 1.6,
  "data": {
    "created_at": "2013-08-21T02:02:10Z",
    "expires_in": 2592000,
    "expires_in_seconds": 2592000,
    "id": "52141fa2e499b2229e00009b",
    "identity": "user@example.com",
    "note": "This is my UPDATED note to myself",
    "scopes": "userinfo",
    "token": "6c85ff7f619a964e260ee6def3fc5829128dbba3f8bc11a5d89178e0d6e7a163"
  },
  "messages": [
    {
      "exit_code": 0,
      "field": null,
      "severity": "info",
      "text": "Create authorization"
    }
  ],
  "status": "created",
  "supported_api_versions": [
    1.0,
    1.1,
    1.2,
    1.3,  
    1.4,
    1.5,
    1.6
  ],
  "type": "authorization",
  "version": "1.6"
}
Copy to Clipboard Toggle word wrap

Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat