NavigationContentFooter
Jump toSuggest an edit

How to create and manage an authentication token from the console

Reviewed on 23 July 2024Published on 14 October 2022

This page shows you how to create and manage an authentication token from the console.

Before you start

To complete the actions presented below, you must have:

  • A Scaleway account logged into the console
  • Owner status or IAM permissions allowing you to perform actions in the intended Organization
  • A functions namespace
  • A function

Creating authentication tokens from the console

  1. Click Functions in the Serverless section of the side menu. The Serverless Functions page displays.

  2. Click the relevant functions namespace to see a list of functions in this namespace.

  3. Click the name of the relevant function in the Functions tab. The function’s Code tab displays.

  4. Click the Security tab. The function’s security settings page displays.

  5. Set the privacy policy to private.

  6. Click Generate token. A pop-up displays.

  7. Enter the token description and set an expiration date for the token. Optionally, tick the box No expiration date, to have a token with unlimited validity. Then click Generate token.

  8. Copy the token from the pop-up and store it in a safe environment.

    Important

    The token key will only be available for copy once. Make sure to store it securely before leaving the page.

Using tokens

To use the token, you have to add the generated token to an X-Auth-Token header.

To execute a private function by providing a token using curl, run the following command:

curl -H "X-Auth-Token: <YOUR_FUNCTION_TOKEN>" <YOUR_FUNCTION_ENDPOINT>

A private function observes this behavior:

  • If a call is made without the X-Auth-Token header, the call is rejected (status code 403).
  • If a call is made with the X-Auth-Token header, the token is validated using a public key attached to the namespace.

Deleting tokens

Tokens will expire by default on their given expiry date. You can delete them manually if they are no longer needed.

  1. Click Functions in the Serverless section of the side menu. The Serverless Functions page displays.

  2. Click the relevant functions namespace to see a list of functions in this namespace.

  3. Click the name of the relevant function in the Functions tab. The function’s Code tab displays.

  4. Click the Security tab. A list of your functions settings displays.

  5. Click «Delete Icon» in the Tokens panel. A pop-up displays.

  6. Confirm by clicking Delete token to delete the token and revoke access to the function.

    Important

    This action is irreversible and this token will not be able to access your function anymore.

See also
How to add a custom domain name to a functionHow to secure a function
API DocsScaleway consoleDedibox consoleScaleway LearningScaleway.comPricingBlogCareers
© 2023-2024 – Scaleway