public interface TokenAuth
Token authentication method API.
  • Field Details

  • Method Details

    • createToken

      default CreateToken.Response createToken()
      Create a new child token with default configuration.
      Returns:
      a new token
    • createOrphan

      default CreateToken.Response createOrphan()
      Create a new orphan token with default configuration.
      Returns:
      a new token
    • createToken

      Create a new token with customized configuration.
      Parameters:
      request - token request
      Returns:
      a new token
    • renew

      Renews a lease associated with a token. This is used to prevent the expiration of a token, and the automatic revocation of it. Token renewal is possible only if there is a lease associated with it.
      Parameters:
      request - with token to renew
      Returns:
      a new token
    • revoke

      Revokes a token and all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked.
      Parameters:
      request - with token to revoke
      Returns:
      when revocation finishes
    • createTokenRole

      Creates (or replaces) the named role. Roles enforce specific behavior when creating tokens that allow token functionality that is otherwise not available or would require sudo/root privileges to access. Role parameters, when set, override any provided options to the create endpoints. The role name is also included in the token path, allowing all tokens created against a role to be revoked using the /sys/leases/revoke-prefix endpoint.
      Parameters:
      request - token role request
      Returns:
      when creation finishes
    • deleteTokenRole

      Delete a named token role.
      Parameters:
      request - with name of the role
      Returns:
      when deleted
    • revokeAndOrphan

      Revokes a token and orphans all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked. This is a root protected endpoint.
      Parameters:
      request - with token to revoke
      Returns:
      when revocation finishes