Description: Returns the token information by token ID.
Since: 7.21.1
Security: Requires a valid token.
Usage: GET /access/api/v1/tokens/my-id-is-here
GET /access/api/v1/tokens/me
Note
From Artifactory release 7.53.1, you can also use this API not only with the token-id but also with me to indicate the currently used token.
From Artifactory Self-Hosted release 7.68, returns token details without validating that the audience field is compatible.
Produces: application/json
{
"token_id": "<id>",
"subject": "<subject>",
"expiry": <epoch-in-secs>, // optional
"issued_at": <epoch-in-secs>,
"issuer": "<issuer>",
"description": "<description>", // optional
"refreshable": <true|false>,
"last_used": <epoch-in-secs> // optional
}Note
An Admin user can get any token.
A non-admin user can get only the a token where the subject matches the username.
Note
The last_used parameter is supported for Artifactory versions 7.108.3 and above. To use it, you need to configure the following system properties:
access_token_last_used_enabled: Trueaccess_token_last_used_threshold: 900
Limitations
When using the last_used parameter, note that it has the following limitations:
The returned value might not be precise, and might not include changes from the last 2 hours, due to the verify flow cache or to the
last_used_thresholdparameter which controls the frequency of updates.last_usedis not supported for:Environments using Circle of Trust without Federation configured
Short-lived tokens: with an expiry value of less than 6 hours
Service, internal, or session tokens: only identity tokens are supported
Propagation of
last_usedtimestamp to federated JPDs
Errors:
401- unauthenticated
403- the authenticated principal has no permissions to get the token
404- not found