Configure Tokens
You must configure tokens for registering GigaVUE Fabric Components using Third Party Orchestration and registering UCT-V with GigaVUE-FM.
This feature verifies the identity of a user for accessing the GigaVUE‑FM REST APIs by generating tokens.
GigaVUE‑FM allows you to generate a token only if you are an authenticated user and based on your privileges in accessing the GigaVUE‑FM. You can copy the generated tokens from the GUI, which can be used to access the REST APIs. Token inherits the Role-Based Access (RBAC) privilege (read or write) of the user groups assigned to a particular user.
GigaVUE‑FM enables the generation of multiple tokens and associates them with the corresponding user groups. If you have GigaVUE‑FM Security Management privileges with write access, you can revoke other users' tokens but not view the created tokens.
Prerequisite
You must create user groups in GigaVUE-FM. For details, refer to
Rules and Notes
|
■
|
Authentication using a token is an additional mechanism to access GigaVUE‑FM REST APIs, and it does not replace the existing GigaVUE‑FM authentication mechanism. |
|
■
|
Only authenticated users can create tokens. |
|
■
|
The token expires or becomes invalid under the following circumstances: |
|
•
|
Based on the configured value for expiry: |
|
•
|
Maximum value: 105 days |
|
•
|
Deleting a related user group that exists as part of the token leads to deletion of the corresponding token. |
|
•
|
A password change for the user(local) deletes the corresponding token. |
|
•
|
A change in the authentication type deletes all the tokens. |
|
■
|
During the back up and restoration of GigaVUE‑FM, previously generated tokens are not available. |
|
■
|
In FMHA role changeover, active GigaVUE‑FM tokens are active. |
|
■
|
For basic authentication, activities such as creating, revoking, and reviewing of Token APIs are restricted. |
|
■
|
For expired or invalid tokens, you notice the error code 401 on GigaVUE‑FM REST API access. |
This section explains about the following:
Create Token
GigaVUE‑FM allows you to create a token or multiple tokens if required.
To create a token, follow these steps:
|
1.
|
Go to  , select Authentication > GigaVUE‑FM User Management. The User Management page appears. |
|
2.
|
In the User Management page, select Tokens. |
Note: If you are a user with write access, then you can view a drop- down list under Tokens. Select Current User Tokens to create a token.
|
4.
|
Enter a name for the new token in the Name field. |
|
5.
|
Enter the days until the token is valid in the Expiry field. |
|
6.
|
Select the user group for which you are privileged to access GigaVUE‑FM from the User Group drop-down list. |
|
7.
|
Select OK to generate a new token. |
The generated token appears on the Tokens page. You can copy and use the generated token to authenticate the GigaVUE‑FM REST APIs.
Copy and Paste a Token
-
Select the token that you want to copy.
-
Select Actions>Copy Token.
The token is copied.
-
Paste the copied token in the required areas.
Note: You cannot view the generated token. You can only copy and paste the generated token.
Revoke Tokens
You can revoke tokens that other users create.
Prerequisite: Write access in GigaVUE‑FM Security Management.
To revoke tokens,
|
1.
|
Go to , select Authentication > GigaVUE‑FM User Management. |
|
2.
|
In the User Management page, select Tokens. |
|
3.
|
From the drop-down, select Token Management. You can view the created tokens. |
|
4.
|
Select the token that you want to revoke. |
|
5.
|
Select Action> Revoke. |
Export Token
GigaVUE‑FM allows you to export selected or all the tokens in CSV and XLSX format.
|
■
|
To export a token, select the token, select the Export Selected drop-down list box, and then select the CSV or XLSX format as per requirement. |
|
■
|
To export all the tokens, select the token, select the Export All drop-down list box, and then select the CSV or XLSX format as per requirement. |
