Tokens
Tokens are short-lived, limited-scope values intended for situations like a browser session or temporary access in service-to-service communication. Software lifecycle events like a user login often result in a token being issued that is valid only for the duration of that session. Tokens cannot be refreshed: once a token expires, it's gone forever. Your application is responsible for creating and issuing a new one if the session continues.
A token allows access to data operations only. It cannot perform control plane operations like creating, deleting, or flushing a cache, or creating other tokens.
A user with a fully privileged token will be able to perform the following actions:
- Add/edit/delete cache items in any namespace
- Increment counter values via the increment API in any namespace
- Publish and subscribe to any topic in any namespace
It is up to you to limit the access of a token based on your security requirements.
The token object
Attributes
- is_success: Indicates whether the operation was successful.
- type: The type of the response, indicating the result of the operation. Allowed values: Success, Error
- authToken: An auth token that can be used to authenticate further requests. Typically a JWT or similar token.
- endpoint: The endpoint URL that can be used for the returned token.
- expiresAt: An object containing information about the expiration of the returned token.
{
  "is_success": true,
  "type": "Success",
  "authToken": "eyJlbmRwb2ludCI6ImNlbGwtdXMt...",
  "endpoint": "cell-us-east-1-1.prod.a.momentohq.com",
  "expiresAt": {
    "validUntil": 1724874811
  }
}
Create a token
Use the GenerateDisposableToken function call to create a new token. This token has a max life of 1 hour and cannot be renewed.
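Because a token cannot be refreshed, the application has to check the returned object and issue a new token before the old one lapses. The sketch below is an added example, not code from the SDK or this documentation: `parseTokenResponse`, `SessionToken` and the `issue` callback are hypothetical names, and `validUntil` is assumed to be Unix epoch seconds, as the sample value suggests.

```javascript
const MAX_LIFETIME_SEC = 3600; // the page: max life of 1 hour
const SKEW_SEC = 60;           // assumption: clock-skew allowance and renewal margin

// Validate a response shaped like the token object above and return the usable parts.
// Assumption: expiresAt.validUntil is Unix epoch seconds, as the sample value suggests.
function parseTokenResponse(resp, nowSec) {
  if (!resp || resp.is_success !== true || resp.type !== "Success") {
    throw new Error("token request failed: type=" + (resp && resp.type));
  }
  const validUntil = resp.expiresAt && resp.expiresAt.validUntil;
  if (typeof resp.authToken !== "string" || resp.authToken === "" ||
      typeof resp.endpoint !== "string" || !Number.isInteger(validUntil)) {
    throw new Error("malformed token response");
  }
  if (validUntil <= nowSec) throw new Error("token already expired");
  if (validUntil - nowSec > MAX_LIFETIME_SEC + SKEW_SEC) {
    throw new Error("token lifetime exceeds the documented 1 hour maximum");
  }
  return { authToken: resp.authToken, endpoint: resp.endpoint, validUntil };
}

// Holds the session's token. Tokens cannot be refreshed, so near expiry it asks
// `issue` for a new one. `issue` is a hypothetical async callback that wraps
// your own GenerateDisposableToken call and resolves to the response object.
class SessionToken {
  constructor(issue, clock = () => Math.floor(Date.now() / 1000)) {
    this.issue = issue;
    this.clock = clock;
    this.current = null;
  }
  accept(resp) {
    this.current = parseTokenResponse(resp, this.clock());
    return this.current;
  }
  needsReissue() {
    return !this.current || this.current.validUntil - this.clock() <= SKEW_SEC;
  }
  async get() {
    return this.needsReissue() ? this.accept(await this.issue()) : this.current;
  }
}

// Constructed sample response (token value is a placeholder, not a real token).
const sampleResponse = {
  is_success: true, type: "Success", authToken: "constructed-placeholder-token",
  endpoint: "cell-us-east-1-1.prod.a.momentohq.com",
  expiresAt: { validUntil: 1724874811 },
};
```

Call `get()` before each data operation; a response that fails validation throws instead of being cached, so an `Error` result or an implausible expiry never reaches the session.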