TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.
object
spec
Property | Type | Description |
---|---|---|
|
|
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources |
|
|
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds |
|
||
|
|
TokenReviewSpec is a description of the token authentication request. |
|
|
TokenReviewStatus is the result of the token authentication request. |
TokenReviewSpec is a description of the token authentication request.
object
Property | Type | Description |
---|---|---|
|
|
Token is the opaque bearer token. |
TokenReviewStatus is the result of the token authentication request.
object
Property | Type | Description |
---|---|---|
|
|
Authenticated indicates that the token was associated with a known user. |
|
|
Error indicates that the token couldn’t be checked |
|
|
userInfo holds the information about the user needed to implement the user.Info interface. |
userInfo holds the information about the user needed to implement the user.Info interface.
object
Property | Type | Description |
---|---|---|
|
|
Any additional information provided by the authenticator. |
|
|
|
|
|
The names of groups this user is a part of. |
|
|
A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. |
|
|
The name that uniquely identifies this user among all active users. |
Any additional information provided by the authenticator.
object
The following API endpoints are available:
/apis/authentication.k8s.io/v1/tokenreviews
POST
: create a TokenReview
Parameter | Type | Description |
---|---|---|
|
|
If 'true', then the output is pretty printed. |
POST
create a TokenReview
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
201 - Created |
|
202 - Accepted |
|
401 - Unauthorized |
Empty |