| Method | URI | Description |
|---|---|---|
| GET | /v2.0/tokens/{tokenId}{?belongsTo} | Validates a token and confirms that it belongs to a specified tenant. |
Returns the
permissions relevant to a particular client. Valid
tokens are in the /tokens/{tokenId} path.
A user should expect an itemNotFound
(404) fault for an token that is not
valid.
Normal response codes: 200, 203
Error response codes: identityFault (400, 500, …), badRequest (400), unauthorized (401), forbidden (403), badMethod (405), overLimit (413), serviceUnavailable (503), itemNotFound (404)
This table shows the URI parameters for the validate token request:
| Name | Type | Description |
|---|---|---|
| UUID | Required. The token ID. |
This operation does not require a request body.
Example 3.5. Validate token: JSON response
{
"access":{
"token":{
"id":"ab48a9efdfedb23ty3494",
"expires":"2010-11-01T03:32:15-05:00",
"tenant":{
"id":"345",
"name":"My Project"
}
},
"user":{
"id":"123",
"name":"jqsmith",
"roles":[
{
"id":"234",
"name":"compute:admin"
},
{
"id":"234",
"name":"object-store:admin",
"tenantId":"1"
}
],
"roles_links":[
]
}
}
}Example 3.6. Validate token: XML response
<?xml version="1.0" encoding="UTF-8"?>
<access xmlns="http://docs.openstack.org/identity/api/v2.0">
<token id="ab48a9efdfedb23ty3494" expires="2010-11-01T03:32:15-05:00">
<tenant id="456" name="My Project" />
</token>
<user id="123" username="jqsmith">
<roles>
<role id="123" name="Admin" tenantId="one" />
<role id="234" name="object-store:admin" tenantId="1" />
</roles>
</user>
</access>
