List
List subjects Refresh Tokens.
- TypeScript
- Python
import { cloudApi, serviceClients, Session } from "@yandex-cloud/nodejs-sdk";
const ListRefreshTokensRequest =
cloudApi.iam.refresh_token_service.ListRefreshTokensRequest;
(async () => {
const authToken = process.env["YC_OAUTH_TOKEN"];
const session = new Session({ oauthToken: authToken });
const client = session.client(serviceClients.RefreshTokenServiceClient);
const result = await client.list(
ListRefreshTokensRequest.fromPartial({
// subjectId: "subjectId",
// pageSize: 0,
// pageToken: "pageToken",
// filter: "filter"
})
);
console.log(result);
})();
import os
import grpc
import yandexcloud
from yandex.cloud.iam.v1.refresh_token_service_pb2 import ListRefreshTokensRequest
from yandex.cloud.iam.v1.refresh_token_service_pb2_grpc import RefreshTokenServiceStub
token = os.getenv("YC_OAUTH_TOKEN")
sdk = yandexcloud.SDK(token=token)
service = sdk.client(RefreshTokenServiceStub)
response = service.List(
ListRefreshTokensRequest(
# subject_id = "subjectId",
# page_size = 0,
# page_token = "pageToken",
# filter = "filter"
)
)
print(response)
ListRefreshTokensRequest
subjectId : string
pageSize : int64
The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListRefreshTokensResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100.
pageToken : string
Page token. To get the next page of results, set page_token to the ListRefreshTokensResponse.next_page_token returned by a previous list request.
filter : string
A filter expression that filters refresh tokens listed in the response.
The expression must specify:
- The field name. Currently you can use filtering only on RefreshToken.client_instance_info, RefreshToken.client_id or RefreshToken.protection_level fields.
- The operator. An
=operator can be used for all fields. An 'IN' operator can be used for RefreshToken.protection_level. - The value. The value must be in double quotes (
"). Must be 3-63 characters long and match the regular expression[a-zA-Z][_-a-zA-Z0-9]{1,61}[a-z0-9]. Example of a filter:client_instance_info="clientInstanceInfo" AND protection_level IN ("INSECURE_KEY_DPOP", "SECURE_KEY_DPOP").
ListRefreshTokensResponse
refreshTokens : RefreshToken
List of Refresh Tokens
nextPageToken : string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListRefreshTokensForSubjectRequest.page_size, use the next_page_token as the value for the ListRefreshTokensForSubjectRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.
RefreshToken
ProtectionLevel
Protection level of the refresh token.
PROTECTION_LEVEL_UNSPECIFIEDProtection level of the refresh token.
NO_PROTECTIONRefresh token without DPOP
INSECURE_KEY_DPOPRefresh token with dpop. The dpop key is not a YubiKey PIV key with required pin/touch policy and attestation.
SECURE_KEY_DPOPRefresh token with dpop. The dpop key is a YubiKey PIV key with required pin/touch policy and attestation.
id : string
Refresh Token id.
clientInstanceInfo : string
Information about the app for which the Refresh Token was issued.
clientId : string
The OAuth client identifier for which the Refresh Token was issued.
subjectId : string
The subject identifier for whom the Refresh Token was issued.
createdAt : google.protobuf.Timestamp
Refresh token creation time.
expiresAt : google.protobuf.Timestamp
Refresh token expiration time.
lastUsedAt : google.protobuf.Timestamp
Timestamp for the last authentication using this Refresh Token.
protectionLevel : RefreshToken.ProtectionLevel
Protection level of the refresh token.
It shows whether DPOP was used to protect the Refresh Token and and the level of security of the storage used for the DPOP key.