Default
Creates a new token. Certain options are only available when called by a root or sudo-capable token. If used with a role name in the path, the token will be created against the specified role name.
Custom client token ID (root only). Cannot contain "." or start with "s.".
Name of the token role.
Policies to assign to the token.
If true, creates an orphan token. Requires root or sudo.
false
If true, excludes the default policy.
false
Whether the token can be renewed.
true
Deprecated. Use ttl instead.
TTL (e.g., "1h").
Token type.
Explicit max TTL that cannot be exceeded.
Display name for the token.
token
Max number of uses. 0 means unlimited.
0
Periodic renewal interval. Requires root or sudo.
Entity alias to associate with (must be allowed in role).
POST /v1/auth/token/create HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 80
{
"policies": [
"web",
"stage"
],
"meta": {
"user": "armon"
},
"ttl": "1h",
"renewable": true
}
{
"request_id": "f00341c1-fad5-f6e6-13fd-235617f858a1",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": null,
"wrap_info": null,
"warnings": [
"Policy \"stage\" does not exist",
"Policy \"web\" does not exist"
],
"auth": {
"client_token": "s.wOrq9dO9kzOcuvB06CMviJhZ",
"accessor": "B6oixijqmeR4bsLOJH88Ska9",
"policies": [
"default",
"stage",
"web"
],
"token_policies": [
"default",
"stage",
"web"
],
"metadata": {
"user": "armon"
},
"lease_duration": 3600,
"renewable": true,
"entity_id": "",
"token_type": "service",
"orphan": false,
"num_uses": 0
}
}
The unique identifier for this MFA method.
GET /v1/identity/mfa/method/duo/{method_id} HTTP/1.1
Host: localhost:8200
Accept: */*
{
"method_id": "duo-primary",
"method": "duo",
"enabled": true,
"integration_key": "DIXXXXXXXXXXXXXXXXXX",
"api_hostname": "api-XXXXXXX.duosecurity.com",
"description": "Primary Duo MFA config for admins"
}
The unique identifier for this MFA method.
DELETE /v1/identity/mfa/method/duo/{method_id} HTTP/1.1
Host: localhost:8200
Accept: */*
No content
This operation retrieves the configuration details of the Duo MFA method identified by the name
parameter.
The name of the Duo MFA method configuration.
GET /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Accept: */*
{
"name": "duo",
"type": "duo",
"details": {
"integration_key": "integration_key_value",
"secret_key": "secret_key_value"
}
}
This operation modifies the configuration of the Duo MFA method identified by the name
parameter. It requires the user to provide the new configuration details in the request body.
The name of the Duo MFA method configuration.
POST /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 109
{
"name": "duo",
"type": "duo",
"details": {
"integration_key": "new_integration_key",
"secret_key": "new_secret_key"
}
}
No content
This operation deletes the Duo MFA method configuration identified by the name
parameter.
The name of the Duo MFA method configuration.
DELETE /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Accept: */*
No content
Was this helpful?