1

Say I generated an authentication token on rackspace, and use it for a session login.

Now, for security reason I want to invalidate/revoke that token before the expiry date manually, so that on each new session of the application I have a new token to be safe. Note: There is only one session at any given time.

I read the rackspace API docs. And it says that: the token's default lifespan is 24 hours. But that is too long. Can I set the expiration time manually?

The doc page at: http://docs.rackspace.com/cdns/api/v1.0/cdns-devguide/content/Authentication-d1e647.html says that: A token may be manually revoked before the time identified by the expires attribute. So I started searching more but no luck.

There was this question on setting the expiration time manually for the token https://community.rackspace.com/developers/f/7/t/669 and it say that there is no way to set it manually now.

I think revoking the token is possible currently, but I can't find any way for it, I just wanted to make sure I didn't miss something in the docs.

Anurag
  • 1,018
  • 1
  • 14
  • 36

1 Answers1

3

You should be able to revoke a token by sending a DELETE call to the identity endpoint: https://identity.api.rackspacecloud.com/v2.0/tokens/{tokenId}. It's documented in the identity service guide:

http://docs.rackspace.com/auth/api/v2.0/auth-client-devguide/content/DELETE_revokeToken_v2.0_tokens__tokenId__Token_Calls.html

Ash Wilson
  • 22,820
  • 3
  • 34
  • 45
  • Thanks for the help ASH. It was exactly what I needed and knew it must be there in the docs somewhere. – Anurag Jan 09 '15 at 12:25