Default
Creates a new token. Certain options are only available when called by a root or sudo-capable token. If used with a role name in the path, the token will be created against the specified role name.
Custom client token ID (root only). Cannot contain "." or start with "s.".
Name of the token role.
Policies to assign to the token.
If true, creates an orphan token. Requires root or sudo.
false
If true, excludes the default policy.
false
Whether the token can be renewed.
true
Deprecated. Use ttl instead.
TTL (e.g., "1h").
Token type.
Explicit max TTL that cannot be exceeded.
Display name for the token.
token
Max number of uses. 0 means unlimited.
0
Periodic renewal interval. Requires root or sudo.
Entity alias to associate with (must be allowed in role).
Token created successfully
Bad Request – The input is malformed or missing required fields.
Forbidden – The requester's token lacks sufficient privileges
POST /v1/auth/token/create HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 80
{
"policies": [
"web",
"stage"
],
"meta": {
"user": "armon"
},
"ttl": "1h",
"renewable": true
}
{
"request_id": "f00341c1-fad5-f6e6-13fd-235617f858a1",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": null,
"wrap_info": null,
"warnings": [
"Policy \"stage\" does not exist",
"Policy \"web\" does not exist"
],
"auth": {
"client_token": "s.wOrq9dO9kzOcuvB06CMviJhZ",
"accessor": "B6oixijqmeR4bsLOJH88Ska9",
"policies": [
"default",
"stage",
"web"
],
"token_policies": [
"default",
"stage",
"web"
],
"metadata": {
"user": "armon"
},
"lease_duration": 3600,
"renewable": true,
"entity_id": "",
"token_type": "service",
"orphan": false,
"num_uses": 0
}
}
The unique identifier for this MFA method.
Successfully retrieved Duo MFA configuration
Bad Request – Invalid method ID format.
Forbidden – Access denied to this configuration.
Internal Server Error
GET /v1/identity/mfa/method/duo/{method_id} HTTP/1.1
Host: localhost:8200
Accept: */*
{
"method_id": "duo-primary",
"method": "duo",
"enabled": true,
"integration_key": "DIXXXXXXXXXXXXXXXXXX",
"api_hostname": "api-XXXXXXX.duosecurity.com",
"description": "Primary Duo MFA config for admins"
}
This operation retrieves the configuration details of the Duo MFA method identified by the name
parameter.
The name of the Duo MFA method configuration.
Successfully retrieved the Duo MFA method configuration.
The specified Duo MFA method configuration was not found.
Internal server error while retrieving the Duo MFA method configuration.
GET /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Accept: */*
{
"name": "duo",
"type": "duo",
"details": {
"integration_key": "integration_key_value",
"secret_key": "secret_key_value"
}
}
This operation modifies the configuration of the Duo MFA method identified by the name
parameter. It requires the user to provide the new configuration details in the request body.
The name of the Duo MFA method configuration.
Successfully updated the Duo MFA method configuration.
No content
Bad request. The provided configuration is invalid.
The specified Duo MFA method configuration was not found.
Internal server error while modifying the Duo MFA method configuration.
POST /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 109
{
"name": "duo",
"type": "duo",
"details": {
"integration_key": "new_integration_key",
"secret_key": "new_secret_key"
}
}
No content
This operation deletes the Duo MFA method configuration identified by the name
parameter.
The name of the Duo MFA method configuration.
Successfully deleted the Duo MFA method configuration. The body is empty.
No content
Bad request. The name
parameter is invalid.
The specified Duo MFA method configuration was not found.
Internal server error while deleting the Duo MFA method configuration.
DELETE /v1/sys/mfa/method/duo/{name} HTTP/1.1
Host: localhost:8200
Accept: */*
No content
Was this helpful?