Create a proxy user token

Create a short-lived bearer token for a parent user on a child account, using the euuid of that child account. In the context of the API, a parent user on a child account is referred to as a "proxy user." When Akamai provisions your parent-child account environment, a proxy user is automatically set in the child account. It follows a specific naming convention:

<Parent account `company` name>_<SHA256 hash of parent `company` name and child account `euuid`>

Note. The variables above use only the first 15 and 16 characters of these values, respectively.

The token lets a parent account run API operations through the proxy user, as if they are a child user in the child account.

These points apply to the use of this operation:

  • To create a token, a parent account user needs the child_account_access grant. This lets them use the proxy user on the child account. You can run List a user's grants on a parent account user to check its child_account_access setting. To add this access, you can update the parent account user.

  • The created token inherits the permissions of the proxy user. It will never have less.

  • The API returns the raw token in the response. You can't get it again, so be sure to store it.

Example workflow:

  1. List child accounts and store the euuid for the applicable one.
  2. Run this operation and store the token that's created for the proxy user.
  3. As a parent account user with access to the proxy user in the child account, use this token to authenticate API operations, as if you were a child user.

linode-cli child-account create A1BC2DEF-34GH-567I-J890KLMN12O34P56


Click Try It! to start a request and see the response here!