Onedata API Reference

REST API references for Onezone, Oneprovider, and Onepanel.

Version:

Onezone REST API Oneprovider REST API Onepanel REST API

Version:

Verify an identity token

POST /tokens/verify_identity_token

Verifies an identity token provided in serialized form. Identity token is a token that carries proof of identity, but does not carry authorization to perform any operations in the system. Upon success, returns the token's subject.

Optionally, contextual information that may be required to verify token caveats can be provided in the request body: IP address of the token bearer, consumer's identity token and the interface to which the token bearer has connected.

If the token cannot be positively verified, HTTP code 4xx is returned with an error describing the reason of failure.

This operation has public access.

Example cURL requests

Verify an identity token

curl -d '{"token": "MDAxNmxvY2F00aW9uIHZ2...", "peerIp": "38.190.241.12"}' \
-H 'Content-type: application/json' \
https://$HOST/api/v3/onezone/tokens/verify_identity_token

Request body

application/json

The token to be verified and optionally peer's IP address.

Property	Type & Description
token string (SerializedToken) The token in serialized form.
peerIp string The IP address of the token bearer.
consumerToken string (SerializedToken) Identity token of the consumer that wishes to use the token being verified.
interface string The interface to which the token bearer has connected as seen by the verifying party. Enum: restoneclientgraphsync

Request Examples

application/json

{
  "token": "MDAxNmxvY2F00aW9uIHJlZ2lzdHJ5CjAwM2JpZGVudGlmaW",
  "peerIp": "38.190.241.12",
  "consumerToken": "MDAzYmlkZW50aWZpZXIgOEhmSEFSSGdrbHFCa1pWSTRsNk5",
  "interface": "rest"
}

Responses

application/json

200

Successful token verification result.

Property

Type & Description

subject

object (TokenPropertySubject)

The subject of the token - the user or Oneprovider in whose name the token was issued. The bearer (consumer) of the token adopts the subject's identity when accessing services with that token.

type string Type of the subject Enum: useroneprovider
id string Id of the subject

ttl

integer

Token's TTL in seconds (or null if infinite)

Example

application/json

{
  "subject": {
    "type": "user",
    "id": "1b510f18b3b05611871c0acdffa9aed4"
  },
  "ttl": 3600
}

400

Invalid request.

Property

Type & Description

error

object

Object describing an error.

id required string String identifying the error type. Does not change between error instances.
description required string Human readable error description. May contain information specific to given error instance.
details object Details about the error instance. The object schema is specific to each error type.

Example

application/json

{
  "error": {
    "id": "badValueString",
    "details": {
      "key": "name"
    },
    "description": "Bad value: provided \"name\" must be a string."
  }
}

401

Authentication error.

Property

Type & Description

error

object

Object describing an error.

id required string String identifying the error type. Does not change between error instances.
description required string Human readable error description. May contain information specific to given error instance.
details object Details about the error instance. The object schema is specific to each error type.

Example

application/json

{
  "error": {
    "id": "badValueString",
    "details": {
      "key": "name"
    },
    "description": "Bad value: provided \"name\" must be a string."
  }
}

403

Authorization error.

Property

Type & Description

error

object

Object describing an error.

id required string String identifying the error type. Does not change between error instances.
description required string Human readable error description. May contain information specific to given error instance.
details object Details about the error instance. The object schema is specific to each error type.

Example

application/json

{
  "error": {
    "id": "badValueString",
    "details": {
      "key": "name"
    },
    "description": "Bad value: provided \"name\" must be a string."
  }
}

404

Resource not found.

Property

Type & Description

error

object

Object describing an error.

id required string String identifying the error type. Does not change between error instances.
description required string Human readable error description. May contain information specific to given error instance.
details object Details about the error instance. The object schema is specific to each error type.

Example

application/json

{
  "error": {
    "id": "badValueString",
    "details": {
      "key": "name"
    },
    "description": "Bad value: provided \"name\" must be a string."
  }
}

500

Internal server Error.

Property

Type & Description

error

object

Object describing an error.

id required string String identifying the error type. Does not change between error instances.
description required string Human readable error description. May contain information specific to given error instance.
details object Details about the error instance. The object schema is specific to each error type.

Example

application/json

{
  "error": {
    "id": "badValueString",
    "details": {
      "key": "name"
    },
    "description": "Bad value: provided \"name\" must be a string."
  }
}