Description: Creates an authentication token for an existing (non-transient) user.
Since: 1.2
Security: Admin user required to create tokens for themselves and others (including tokens with an admin scope); other users can create tokens for themselves only
Usage:POST /api/v1/security/token
Request Headers: N/A
Consumes: application/x-www-form-urlencoded
cURL Example
$ curl -X POST -u user:password http://ARTIFACTORY_SERVER_HOSTNAME:8082/distribution/api/v1/security/token -d 'username=user' -d 'refreshable=true' -d 'scope=applied-permissions%2Fadmin' -d "expires_in=123"
Response status codes:
201 - Successfully created token
Response headers: N/A
Produces: application/json
Response
{ "access_token": "eyJ2ZXIiOiIyIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYiLCJraWQiOiJ6WWFWQjVFRlpkOXlpbWtCNkZTbDAtSWFhMHRPWldLX293c1BTVTNTZmdNIn0.eyJzdWIiOiJsZW5vbiIsInNjcCI6ImFwcGxpZWQtcGVybWlzc2lvbnNcL2FkbWluIiwiYXVkIjoiamZkc0AwMWNoMDV0ajRuM3NzODBzNm4zdjIzMDdiOSIsImlzcyI6ImpmZHNAMDFjaDA1dGo0bjNzczgwczZuM3YyMzA3YjkiLCJleHAiOjE1MzAwOTk2MTgsImlhdCI6MTUzMDA5OTQ5NSwianRpIjoiYTQzM2YwZDAtNTQ5OC00YjI5LWE5ODctZjI3MTNkYmMyOTdmIn0.E7csEhcHqsOJxz1jmhDVu_Ij51yQyxYifMXusexqZk78pi_7YHlJcY1iRg6VMthdv8_Db2CsaNzYdubCyTTt77OOTSVfqJdZsm_0AEz-paIj71lvgyJBFLZ2bjE253tMGLgweypUqqEsEH3J3FyfAaw4XXURlKT5inbwKklMu-DvPG5772ZS1Y6YPU8oOGc2dWg_BHUvjMTJ5vQAw0Ws5Ta2CJ0DF40JLQKcyN_JCgzQ2RCXr2C70JIF9Fa0OBaIKVT-DguSNGU83dnr-YF0XBsUcTDu5K-Jl5H3FMdb129awXe4_fLLdltMK8iAaRujsIDlvexdlezVal4nLRZcxA", "refresh_token": "f96bda0c-ab50-4b7e-96f1-be8bd20605a3", "expires_in": 123, "scope": "applied-permissions/admin", "token_type": "Bearer" }
Field | Type | Required | Default Value | Description |
---|---|---|---|---|
| String | no | client_credentials | The grant type used to authenticate the request. In this case, the only value supported is "client_credentials" which is also the default value if this parameter is not specified. |
| String | yes | The user name for which this token is created. Non-admin users can only create tokens for themselves so they must specify their own username. | |
| String | no | The scope to assign to the token provided as a space-separated list of scope tokens. Currently there are only one possible scope option: applied-permissions/admin | |
| Long | no | 0 | The time in seconds for which the token will be valid. To specify a token that never expires, set to zero. |
| Boolean | no | false | If true, this token is refreshable and the refresh token can be used to replace it with a new token once it expires. |