Authentication
Authentication and token management operations
Validates and shows information for a token, including its expiration date and authorization scope
Authentication token obtained from the authentication service
Excludes the service catalog from the response
Allow fetching a token that has expired
A valid authentication token
The authentication token to validate
Token validation successful
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
GET /v3/auth/tokens HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
X-Subject-Token: text
Accept: */*
{
"token": {
"methods": [
"text"
],
"user": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"domain_id": "text",
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"default_project_id": "text",
"email": "text",
"password_expires_at": "2025-11-28T20:22:21.668Z",
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
},
"audit_ids": [
"text"
],
"expires_at": "2025-11-28T20:22:21.668Z",
"issued_at": "2025-11-28T20:22:21.668Z",
"project": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"domain_id": "text",
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"parent_id": "text",
"is_domain": true,
"tags": [
"text"
],
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
},
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"system": {
"all": true
},
"roles": [
{
"id": "text",
"name": "text",
"description": "text",
"domain_id": "text",
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}
],
"catalog": [
{
"id": "text",
"type": "text",
"name": "text",
"endpoints": [
{
"id": "text",
"interface": "public",
"region": "text",
"region_id": "text",
"url": "text"
}
]
}
],
"is_domain": true,
"application_credential": {
"id": "text",
"name": "text",
"restricted": true
}
}
}Authenticates an identity and generates a token. Uses various authentication methods including password, token, and multi-factor authentication.
Authentication token obtained from the authentication service
Excludes the service catalog from the authentication response
Token created successfully
Some content in the request was invalid
Authentication failed or partial authentication (MFA)
Policy does not allow current user to do this operation
The requested resource could not be found
POST /v3/auth/tokens HTTP/1.1
Host: identity.example.com
X-Auth-Token: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 194
{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"id": "ee4dfb6e5540447cb3741905149d9b6e",
"password": "devstacker"
}
}
},
"scope": {
"project": {
"id": "a6944d763bf64ee6a275f1263fae0352"
}
}
}
}{
"token": {
"methods": [
"text"
],
"user": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"domain_id": "text",
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"default_project_id": "text",
"email": "text",
"password_expires_at": "2025-11-28T20:22:21.668Z",
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
},
"audit_ids": [
"text"
],
"expires_at": "2025-11-28T20:22:21.668Z",
"issued_at": "2025-11-28T20:22:21.668Z",
"project": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"domain_id": "text",
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"parent_id": "text",
"is_domain": true,
"tags": [
"text"
],
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
},
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"system": {
"all": true
},
"roles": [
{
"id": "text",
"name": "text",
"description": "text",
"domain_id": "text",
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}
],
"catalog": [
{
"id": "text",
"type": "text",
"name": "text",
"endpoints": [
{
"id": "text",
"interface": "public",
"region": "text",
"region_id": "text",
"url": "text"
}
]
}
],
"is_domain": true,
"application_credential": {
"id": "text",
"name": "text",
"restricted": true
}
}
}Revokes a token, making it immediately invalid
Authentication token obtained from the authentication service
A valid authentication token
The authentication token to validate
Token revoked successfully
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
DELETE /v3/auth/tokens HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
X-Subject-Token: text
Accept: */*
No content
Validates a token without returning a response body
Authentication token obtained from the authentication service
Allow fetching a token that has expired
A valid authentication token
The authentication token to validate
Token is valid
No content
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
HEAD /v3/auth/tokens HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
X-Subject-Token: text
Accept: */*
No content
Returns a service catalog for the provided token
Authentication token obtained from the authentication service
A valid authentication token
Service catalog retrieved successfully
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
GET /v3/auth/catalog HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
Accept: */*
{
"catalog": [
{
"id": "text",
"type": "text",
"name": "text",
"endpoints": [
{
"id": "text",
"interface": "public",
"region": "text",
"region_id": "text",
"url": "text"
}
]
}
],
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}Returns the list of projects that are available to be scoped to
Authentication token obtained from the authentication service
A valid authentication token
Projects listed successfully
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
GET /v3/auth/projects HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
Accept: */*
{
"projects": [
{
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"domain_id": "text",
"domain": {
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
},
"parent_id": "text",
"is_domain": true,
"tags": [
"text"
],
"options": {},
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}
],
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}Returns the list of domains that are available to be scoped to
Authentication token obtained from the authentication service
A valid authentication token
Domains listed successfully
Some content in the request was invalid
User must authenticate before making a request
Policy does not allow current user to do this operation
The requested resource could not be found
GET /v3/auth/domains HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
Accept: */*
{
"domains": [
{
"id": "text",
"name": "text",
"description": "text",
"enabled": true,
"links": {
"self": "text",
"previous": "text",
"next": "text"
},
"options": {}
}
],
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}Returns the list of systems that are available to be scoped to
Authentication token obtained from the authentication service
A valid authentication token
Systems listed successfully
Some content in the request was invalid
User must authenticate before making a request
GET /v3/auth/system HTTP/1.1
Host: identity.example.com
X-Auth-Token: text
Accept: */*
{
"system": [
{
"all": true
}
],
"links": {
"self": "text",
"previous": "text",
"next": "text"
}
}Last updated
Was this helpful?