The Token Controller manages authentication tokens and implements OAuth2 token-related functionality in the Auth Server.
Reference
Request Code
Request a code, which must then be exchanged for a token. The code is very short-lived.
Request Token
This endpoint exchanges an authorization code for a short-lived access token. The response includes token type, user details, client ID, access token, and expiration time.
Example Response
{
  "tokenType": "bearer",
  "user": {
    "customerId": 123,
    "id": 123,
    "adminLevel": 0,
    "email": "jane.doe@admiralcloud.com"
  },
  "client": {
    "id": "ae744902-efb2-448a-919d-18b27212aa86"
  },
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "accessTokenExpiresAt": "2024-02-22T14:45:23.090Z",
  "accessTokenExpires": 1708609523
}
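One way a client could validate the token response shown above before using the token, as an added example that is not AdmiralCloud's own code. The field names come from the Example Response; the class and function names, the 30-second skew margin and the placeholder token value are assumptions.

```python
import time
from dataclasses import dataclass, field

SKEW_SECONDS = 30  # assumed safety margin for clock drift and request latency

# Constructed sample, trimmed to the fields this code reads; token is a placeholder.
SAMPLE = {
    "tokenType": "bearer",
    "user": {"customerId": 123, "id": 123},
    "client": {"id": "ae744902-efb2-448a-919d-18b27212aa86"},
    "accessToken": "PLACEHOLDER.ACCESS.TOKEN",
    "accessTokenExpires": 1708609523,
}

class TokenResponseError(ValueError):
    """The token response is malformed or the token is not usable."""

@dataclass(frozen=True)
class AccessToken:
    value: str = field(repr=False)  # keep the secret out of logs and tracebacks
    expires: int                    # accessTokenExpires, Unix seconds
    user_id: int
    client_id: str

    def seconds_left(self, now=None):
        """Remaining lifetime in seconds after subtracting the skew margin."""
        now = time.time() if now is None else now
        return self.expires - SKEW_SECONDS - now

def parse_token_response(body, now=None):
    """Validate the decoded JSON body and return an AccessToken, or raise."""
    try:
        token_type = body["tokenType"]
        value = body["accessToken"]
        expires = body["accessTokenExpires"]
        user_id = body["user"]["id"]
        client_id = body["client"]["id"]
    except (KeyError, TypeError) as exc:
        raise TokenResponseError(f"missing or malformed field: {exc}") from None
    if not isinstance(token_type, str) or token_type.lower() != "bearer":
        raise TokenResponseError("unexpected tokenType")
    if not isinstance(value, str) or not value:
        raise TokenResponseError("accessToken must be a non-empty string")
    if isinstance(expires, bool) or not isinstance(expires, int):
        raise TokenResponseError("accessTokenExpires must be integer Unix seconds")
    token = AccessToken(value, expires, user_id, client_id)
    if token.seconds_left(now) <= 0:
        raise TokenResponseError("token already expired on receipt")
    return token
```

Because the token is short-lived, calling `seconds_left()` again before each request tells the client when to go back through Request Code and Request Token.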
Introspect
This endpoint provides token introspection following the OAuth2 specification. It checks token validity and returns active status, token type, expiration, and session information including user and customer details.
Check Signed Session
This endpoint validates signed session requests, verifying authentication metadata and returning client, user, and customer information for valid sessions.
The request must include the header “x-admiralcloud-authmeta”, which contains the HTTP method and the path for the signed payload, e.g. “post:/v1/userTask”.
POST /v4/checkSignedSession