openstack.identity.v3.token

openstack.identity.v3.token¶

The Token Class¶

The Token class inherits from Resource.

class openstack.identity.v3.token.Token(_synchronized=False, connection=None, **attrs)¶

The base resource

Parameters:

_synchronized (bool) – This is not intended to be used directly. See new() and existing().
connection (openstack.connection.Connection) – Reference to the Connection being used. Defaults to None to allow Resource objects to be used without an active Connection, such as in unit tests. Use of self._connection in Resource code should protect itself with a check for None.

resource_key = 'token'¶: Singular form of key for resource.

base_path = '/auth/tokens'¶: The base part of the URI for this resource.

allow_fetch = False¶: Allow get operation for this resource.

allow_delete = False¶: Allow delete operation for this resource.

allow_list = False¶: Allow list operation for this resource.

allow_head = False¶: Allow head operation for this resource.

subject_token¶: An authentication token. This is used rather than X-Auth-Token to allow users check or revoke a token other than their own.

audit_ids¶: A list of one or two audit IDs. An audit ID is a unique, randomly generated, URL-safe string that you can use to track a token. The first audit ID is the current audit ID for the token. The second audit ID is present for only re-scoped tokens and is the audit ID from the token before it was re-scoped. A re- scoped token is one that was exchanged for another token of the same or different scope. You can use these audit IDs to track the use of a token or chain of tokens across multiple requests and endpoints without exposing the token ID to non-privileged users.

catalog¶: The service catalog.

expires_at¶: The date and time when the token expires.

issued_at¶: The date and time when the token was issued.

methods¶: The authentication method.

user¶: The user that owns the token.

project¶: The project that the token is scoped to, if any.

domain¶: The domain that the token is scoped to, if any.

is_domain¶: Whether the project, if set, is acting as a domain.

system¶: The parts of the system the token is scoped to, if system-scoped.

roles¶: The roles associated with the user.

this page last updated: 2025-09-05 12:15:59

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.