Description

TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.

Object Schema

Expand or mouse-over a field for more information about it.

apiVersion:
kind:
metadata:
annotations:
[string]:
clusterName:
creationTimestamp:
deletionGracePeriodSeconds:
deletionTimestamp:
finalizers:
- [string]:
generateName:
generation:
initializers:
pending:
- name:
result:
apiVersion:
code:
details:
causes:
- field:
message:
reason:
group:
kind:
name:
retryAfterSeconds:
uid:
kind:
message:
metadata:
continue:
resourceVersion:
selfLink:
reason:
status:
labels:
[string]:
name:
namespace:
ownerReferences:
- apiVersion:
blockOwnerDeletion:
controller:
kind:
name:
uid:
resourceVersion:
selfLink:
uid:
spec:
token:
status:
authenticated:
error:
user:
extra:
[string]:
groups:
- [string]:
uid:
username:

Operations

Create a TokenReview

Create a TokenReview

HTTP request

POST /apis/authentication.k8s.io/v1beta1/tokenreviews HTTP/1.1
Authorization: Bearer $TOKEN
Accept: application/json
Connection: close
Content-Type: application/json'

{
  "kind": "TokenReview",
  "apiVersion": "authentication.k8s.io/v1beta1",
  ...
}

Curl request

$ curl -k \
    -X POST \
    -d @- \
    -H "Authorization: Bearer $TOKEN" \
    -H 'Accept: application/json' \
    -H 'Content-Type: application/json' \
    https://$ENDPOINT/apis/authentication.k8s.io/v1beta1/tokenreviews <<'EOF'
{
  "kind": "TokenReview",
  "apiVersion": "authentication.k8s.io/v1beta1",
  ...
}
EOF

HTTP body

Parameter Schema

body

v1beta1.TokenReview

Query parameters

Parameter Description

pretty

If 'true', then the output is pretty printed.

Responses

HTTP Code Schema

200 OK

v1beta1.TokenReview

201 Created

v1beta1.TokenReview

202 Accepted

v1beta1.TokenReview

401 Unauthorized

Consumes

  • */*

Produces

  • application/json

  • application/yaml

  • application/vnd.kubernetes.protobuf