Core
API v2.x
2

checkToken #

Checks the validity of an authentication token.


Query Syntax #

HTTP #

Copied to clipboard!
URL: http://kuzzle:7512/_checkToken
Method: POST
Body:
Copied to clipboard!
{
  "token": "<authentication token to check>"
}

Other protocols #

Copied to clipboard!
{
  "controller": "auth",
  "action": "checkToken",
  "body": {
    "token": "<authentication token to check>"
  }
}

Available since 2.16.8

When no token is provided the method returns information about the anonymous token (kuid is -1), instead of throwing an error.

Body properties #

  • token: the authentication token to be tested

Optional: #


Response #

The returned result contains the following properties:

  • expiresAt: token expiration timestamp. Present only if valid is true
  • state: the reason why a token is invalid. Present only if valid is false
  • kuid: identifier of the user linked to this token
    Available since 2.8.0
  • valid: a boolean telling whether the provided token is valid or not

Example:

Copied to clipboard!
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "checkToken",
  "requestId": "<unique request identifier>",
  "result": {
    "valid": true,
    "expiresAt": 1538557452248,
    "kuid": "5c6a775f-495c-472e-b29b-f6a4fa9f6a3e"
  }
}