Sidebar navigationMain contentFooter
HomeServerlessContainersHow to
Create and manage an authentication token from the console
Jump toUpdate content

How to create and manage an authentication token from the console

Reviewed on 23 October 2023 • Published on 14 October 2022

This page shows you how to create and manage an authentication token from the console.

Security & Identity (IAM):

You may need certain IAM permissions to carry out some actions described on this page. This means:

  • you are the Owner of the Scaleway Organization in which the actions will be carried out, or
  • you are an IAM user of the Organization, with a policy granting you the necessary permission sets
Requirements:

Creating authentication tokens from the Scaleway console

  1. Click Containers in the Serverless section of the side menu. The Serverless Containers page displays.

  2. Click the relevant containers namespace to see a list of containers in this namespace.

  3. Click the name of the relevant container in the Containers tab. The container’s details display.

  4. Click the Containers Settings tab. A list of settings displays.

  5. Click Generate token in the Tokens panel. A pop-up displays.

  6. Enter the token description and set an expiration date for the token. Optionally, tick the box No expiration date, to have a token with unlimited validity. Then click Generate token.

  7. Copy the token from the pop-up and store it in a safe environment.

    Important:

    The token key will only be available for copy once. Make sure to store it securely before leaving the page.

Using tokens

To use your token, you have to add the generated token to a x-auth-token-header.

A private container observes this behavior:

  • If a call is made without the x-auth-token-header, the call is rejected (status code 403)
  • If the x-auth-token-header is provided, the token is validated using a public key attached to the namespace.

For example, to execute a private container by providing a JWT using curl, you may run the following command:

curl -H "X-AUTH-TOKEN: <generated-token>" <your-container-host>

Deleting tokens

Tokens will expire by default on their given expiry date. You can delete them manually if they are no longer needed.

  1. Click Containers in the Serverless section of the side menu. The Serverless Containers page displays.

  2. Click the relevant containers namespace to see a list of containers in this namespace.

  3. Click the name of the relevant container in the Containers tab. The container’s details display.

  4. Click the Security tab. A list of your containers settings displays.

  5. Click «Delete Icon» in the Tokens panel. A pop-up displays.

  6. Confirm by clicking Delete token to delete the token and to revoke access to the container.

    Important:

    This action is irreversible, and this token will not be able to access your container anymore.

See Also
How to modify container privacyHow to secure a container