TokenserviceTokenExchangeExchangeSpec

The TokenExchange.ExchangeSpec structure contains arguments required for token exchange.

Properties

string

actor_token Optional

A security token that represents the identity of the acting party. Typically, this will be the party that is authorized to use the requested security token and act on behalf of the subject. if not needed for specific case of exchange.

string

actor_token_type Optional

An identifier, that indicates the type of the security token in the TokenExchange.ExchangeSpec.actor-token parameter. if TokenExchange.ExchangeSpec.actor-token parameter is not present.

string

audience Optional

The logical name of the target service where the client intends to use the requested security token. This serves a purpose similar to the TokenExchange.ExchangeSpec.resource parameter, but with the client providing a logical name rather than a location. if can be inferred from other arguments or not needed for specific case of exchange.

string

grant_type Required

The value of “urn:ietf:params:oauth:grant-type:token-exchange” indicates that a token exchange is being performed.

string

requested_token_type Optional

An identifier for the type of the requested security token. If the requested type is unspecified, the issued token type is at the discretion of the server and may be dictated by knowledge of the requirements of the service or resource indicated by the TokenExchange.ExchangeSpec.resource or TokenExchange.ExchangeSpec.audience parameter. if can be inferred from other arguments or not needed for specific case of exchange.

string

resource Optional

Indicates the location of the target service or resource where the client intends to use the requested security token. if can be inferred from other arguments or not needed for specific case of exchange.

string

scope Optional

A list of space-delimited, case-sensitive strings, that allow the client to specify the desired scope of the requested security token in the context of the service or resource where the token will be used. if can be inferred from other arguments or not needed for specific case of exchange.

string

subject_token Required

A security token that represents the identity of the party on behalf of whom exchange is being made. Typically, the subject of this token will be the subject of the security token issued. Token is base64-encoded.

string

subject_token_type Required

An identifier, that indicates the type of the security token in the TokenExchange.ExchangeSpec.subject-token parameter.

JSON Example

Show optional properties

{
	"grant_type": "string",
	"subject_token": "string",
	"subject_token_type": "string"
}

{
	"actor_token": "string",
	"actor_token_type": "string",
	"audience": "string",
	"grant_type": "string",
	"requested_token_type": "string",
	"resource": "string",
	"scope": "string",
	"subject_token": "string",
	"subject_token_type": "string"
}

Vendor Extensions

This class contains the following vendor extensions defined in the spec:

x-vmw-doc-deprecated: "true"

TokenserviceTokenExchangeExchangeSpec

Properties

JSON Example

Vendor Extensions

Was this page helpful?