verifyTokenAuthorization

Property Manager name: Auth Token 2.0 Verification
Behavior version: The v2025-10-16 rule format supports the verifyTokenAuthorization behavior v1.4.
Rule format status: GA, stable
Access: Read/Write
Allowed in includes: Yes

Verifies Auth 2.0 tokens.

Option	Type	Description	Requires
`useAdvanced`	boolean	If enabled, allows you to specify advanced options such as `algorithm`, `escapeHmacInputs`, `ignoreQueryString`, `transitionKey`, and `salt`.		{"displayType":"boolean","tag":"input","type":"checkbox"}
`location`	enum	Specifies where to find the token in the incoming request.		{"displayType":"enum","options":["COOKIE","QUERY_STRING","CLIENT_REQUEST_HEADER"],"tag":"select"}
		Supported values: CLIENT_REQUEST_HEADER COOKIE QUERY_STRING
`locationId`	string	When `location` is `CLIENT_REQUEST_HEADER`, specifies the name of the incoming request's header where to find the token.		{"displayType":"string","tag":"input","type":"text"}
`algorithm`	enum	Specifies the algorithm that generates the token. It needs to match the method chosen in the token generation code.	`useAdvanced` is `true`	{"displayType":"enum","options":["SHA256","SHA1","MD5"],"tag":"select"} {"if":{"attribute":"useAdvanced","op":"eq","value":true}}
		Supported values: MD5 SHA1 SHA256
`escapeHmacInputs`	boolean	URL-escapes HMAC inputs passed in as query parameters.	`useAdvanced` is `true`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"useAdvanced","op":"eq","value":true}}
`ignoreQueryString`	boolean	Enabling this removes the query string from the URL used to form an encryption key.	`useAdvanced` is `true`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"useAdvanced","op":"eq","value":true}}
`key`	object array	The shared secret used to validate tokens, which needs to match the key used in the token generation code.		{"displayType":"object array","tag":"input","todo":true}
`transitionKey`	object array	Specifies a transition key as a hex value.	`useAdvanced` is `true`	{"displayType":"object array","tag":"input","todo":true} {"if":{"attribute":"useAdvanced","op":"eq","value":true}}
`salt`	object array	Specifies a salt string for input when generating the token, which needs to match the salt value used in the token generation code.	`useAdvanced` is `true`	{"displayType":"object array","tag":"input","todo":true} {"if":{"attribute":"useAdvanced","op":"eq","value":true}}
`failureResponse`	boolean	When enabled, sends an HTTP error when an authentication test fails.		{"displayType":"boolean","tag":"input","type":"checkbox"}