Versions Compared

Old Version 6

changes.mady.by.user Kyle Miller

Saved on

compared with

New Version 7

changes.mady.by.user Kyle Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Perform a GET on the token path using an existing authentication token or using HTTP basic authentication to validate the request in order to list your active authentication tokens.

...

Code Block
languagexml
DELETE http://{domain}/.TOKEN/b71805b6c862860bfed892c653cbc4b5 
Auth: superuser@admindomain.example.com:superpassword

HTTP/1.1 200 OK 
Gateway-Request-Id: 4628361DE8318726
Content-Length: 0

Notice that the token administrator lists tokens the same way any user does and is able to specify an arbitrary user with the x-owner-meta query argument. The delete operation is the same pattern whether performed by the user or the token administrator.

Info

Best practice

Use the token administrator's credentials when accessing or deleting tokens for other users so that the audit log reflects that the token administrator performed the operations.

...