token

The token operation handles configuration related to TokenPayloadUnion model. 

Data Parameters

Parameter Required Type Description
grant_type True string An enum value that indicates the type of request.
password - to obtain an access token and a refresh token using a username and password.
refresh_token - to get a new pair of access token and refresh token using a refresh token that was obtained in a previous request.
revoke_token - to revoke an existing access token.
custom_token - to obtain an access token and a refresh token using custom options. You must already have a password-granted token.
access_token False string For a custom or revoke_token grant_type, a valid password-granted access token. You cannot revoke a token using a custom access token.
desired_expires_in False integer For a custom grant_type, an integer representing the number of seconds for which the custom access token will be valid. In comparison, the password-granted tokens are valid for 1800 seconds (30 minutes). The maximum value is 31536000, which is equivalent to 365 days.
desired_refresh_expires_in False integer For a custom grant_type, an integer representing the number of seconds for which the custom refresh token will be valid. If you obtain a refresh token, ensure that this value is larger than the desired_expires_in value. In comparison, the password-granted refresh tokens are valid for 2400 seconds (40 minutes). The maximum value is 34128000, which is the equivalent of 395 days. This parameter is not required if you specify 0 for desired_refresh_count.
desired_subject False string For a custom grant_type, a name you give to the custom token.
desired_refresh_count False integer For a custom grant_type, the number of times you want to be able to refresh the token. Specify 0 if you do not want to get a refresh token. When you do not have a refresh token, you must obtain a new access token when the existing one expires.
refresh_token False string For a refresh_token grant_type, the refresh token from a password-granted or custom access token.
token_to_revoke False string For a revoke_token grant_type, a password-granted token or custom-granted token that you want to revoke. This can be the same token as access_token, so you can use a password-granted token to revoke itself. You must specify one, and only one, of token_to_revoke or custom_token_subject_to_revoke.
custom_token_id_to_revoke False string (Do not use.) This identifies custom acess token by its internal unique ID. However, there is no direct way for you to obtain this value. Use the other options instead.
custom_token_subject_to_revoke False string For a revoke_token grant_type when used to revoke a custom token, the desired_subject value for the custom access token that you want to revoke. You can specify one, and only one, of token_to_revoke or custom_token_subject_to_revoke when revoking a token.
username False string For a password grant_type request, the username of the user that is requesting the grant.
password False string For a password grant_type, the password for the user specified in username.

Example

- name: Execute 'token' operation
  ftd_configuration:
    operation: "token"
    data:
        grant_type: "{{ grant_type }}"
        access_token: "{{ access_token }}"
        desired_expires_in: "{{ desired_expires_in }}"
        desired_refresh_expires_in: "{{ desired_refresh_expires_in }}"
        desired_subject: "{{ desired_subject }}"
        desired_refresh_count: "{{ desired_refresh_count }}"
        refresh_token: "{{ refresh_token }}"
        token_to_revoke: "{{ token_to_revoke }}"
        custom_token_id_to_revoke: "{{ custom_token_id_to_revoke }}"
        custom_token_subject_to_revoke: "{{ custom_token_subject_to_revoke }}"
        username: "{{ username }}"
        password: "{{ password }}"