Authentication Tokens

A non-persistent login token is obtained from the access service by sending a POST request. This non-persistent login token can be used by all other services as an identity credential. The non-persistent login token is invalidated after a timeout period set by the user's session timeout property. The default is usually 15 minutes. A DELETE request can be used to log out and invalidate the non-persistent login token.

This non-persistent login token is equivalent to the previous authentication session ID. It is supported in both RESTful API version 2 and RESTful API version 1. It is specific to the cluster node on which the ID was created and is not synchronized between the cluster peers.

A user can also create persistent tokens to access the RESTful API. Creating persistent tokens is only supported in RESTful API version 2 and later. Persistent tokens are synchronized between the cluster peers and thus can be created on one cluster node and used to communicate with the other cluster node. See RESTful API User Service.

Create Non-persistent Login Token

A POST request asks for a new non-persistent login token. On success, an HTTP status of 201 is returned along with a JSON object that has a single property, access, that contains a list of available RESTful API services. An optional property, name, is available to set the token’s name.

Example Create Request:

POST /api/access/v2 HTTP/1.1
Host: zfs-storage.example.com:215
X-Auth-User: root
X-Auth-Key: password-xxx

A successful request returns HTTP status 201 (Created), as well as a non-persistent login token through the X-Auth-Session HTTP header. The response body contains a list of services accessible via this login.

Response Header:

HTTP/1.1 201 Created
X-Auth-Session: puPnHZKgSrUmXqYzOwFCrGcLOGwPODj
X-Auth-Name: REST-YG02oRod
Content-Type: application/json
Content-Length: 378
X-Zfssa-Access-Api: 1.0

{
    "access": {
        "services":[{
            ...
        }]
    }
}

Logout and Delete Non-persistent Login Token

An empty DELETE sends a request to log out and invalidate the non-persistent login token.

Example Logout Request:

DELETE /api/access/v2 HTTP/1.1
X-Auth-Session: puPnHZKgSrUmXqYzOwFCrGcLOGwPODj

Example Result:

HTTP/1.1 204 No Content
X-Zfssa-Access-Api: 1.0
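
The create and logout requests above, combined into a Python context manager that always invalidates the non-persistent login token when the work is done, even if the work fails. This is an added example, not code from the appliance documentation; the names create_token, delete_token, login_session and LoginError are assumptions, and conn is any http.client connection to the cluster node.

```python
import http.client  # conn below is an http.client.HTTPSConnection (or HTTPConnection)
from contextlib import contextmanager

ACCESS_PATH = "/api/access/v2"  # path taken from the page's example requests


class LoginError(Exception):
    """Raised when the access service does not return a usable token."""


def create_token(conn, user, key):
    """POST to the access service; return the X-Auth-Session token on 201."""
    conn.request("POST", ACCESS_PATH,
                 headers={"X-Auth-User": user, "X-Auth-Key": key})
    resp = conn.getresponse()
    resp.read()  # drain the JSON service list so the connection can be reused
    token = resp.getheader("X-Auth-Session")
    if resp.status != 201 or not token:
        # Report the status only; never echo credentials or headers into logs.
        raise LoginError(f"login failed with HTTP {resp.status}")
    return token


def delete_token(conn, token):
    """Send the empty DELETE that logs out; True when the answer is 204."""
    conn.request("DELETE", ACCESS_PATH, headers={"X-Auth-Session": token})
    resp = conn.getresponse()
    resp.read()
    return resp.status == 204


@contextmanager
def login_session(conn, user, key):
    """Yield a token and invalidate it on exit, even if the caller raises."""
    token = create_token(conn, user, key)
    try:
        yield token
    finally:
        # Do not leave the token valid until the session timeout expires.
        delete_token(conn, token)
```

Against a real appliance, pass an http.client.HTTPSConnection with certificate verification enabled, because the password and the token both travel in request headers. Keep using the same cluster node inside the with block, since the token is not synchronized between the cluster peers.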