verify_token_authorization
Version: v2025-01-13 | Includes use: Yes |
---|
Behavior name: Auth Token 2.0 Verification
Verifies Auth 2.0 tokens.
Default behavior
These samples reflect the behavior's default settings. You can use these as is in your configurations or make adjustments based on the behavior's available options.
data "akamai_property_rules_builder" "verify_token_authorization" {
rules_v2025_02_18 {
name = "Auth Token 2.0 Verification"
comments = "Verifies Auth 2.0 tokens."
behavior {
verify_token_authorization {
use_Advanced = false
location = "COOKIE"
location_id = "__token__"
key = ""
failure_response = true
}
}
}
}
"behaviors": [
{
"name": "verifyTokenAuthorization",
"options": {
"useAdvanced": false,
"location": "COOKIE",
"locationId": "__token__",
"key": "",
"failureResponse": true
}
}
]
Options
Option | Description |
---|---|
use_advanced |
If enabled, allows you to specify advanced options.
|
location |
Specifies where to find the token in the incoming request. Value is one of:
|
location_id |
When
location is CLIENT_REQUEST_HEADER specifies the name of the incoming request's header where to find the token.
|
algorithm |
Specifies the algorithm that generates the token. It needs to match the method chosen in the token generation code. Value is one of:
|
escape_hmac_inputs |
URL-escapes HMAC inputs passed in as query parameters.
|
ignore_query_string |
Enabling this removes the query string from the URL used to form an encryption key.
|
key |
The shared secret used to validate tokens that matches the key used in the token generation code.
|
transition_key |
Specifies a transition key as a hex value.
|
salt |
Specifies a salt string for input when generating the token, which needs to match the salt value used in the token generation code.
|
failure_response |
When enabled, sends an HTTP error when an authentication test fails.
|
Updated about 1 hour ago