Table of Contents
Audience
This document is meant for the maintainers of CMR and is considered DRAFT
Overview
Technical documentation of the types of tokens that pass thru CMR.
Tokens
Token | Source | Consumption | Example | Length | Tech Docs | Notes |
---|---|---|---|---|---|---|
Legacy | Legacy-Services | -H "Echo-Token: <token>" | AF14A97A-A916-B45A-B7C9-31BBB73ECB99 | 35? | To be replaced with "Heritage" tokens. | |
"EDL-" Prefixed | EDL | -H "ECHO-Token: <token>" -H "Authorization: Bearer <token>"? | EDL-<BASE 64 text 60 long> | 64 | Name coined by tcherry and may need to be rename, soon to be created by EDL | |
JWT | EDL | -H "ECHO-Token: <token>" -H "Authorization: Bearer <token>" | <Base64-Text>.<Base64-Text>.<Base64-Text> | Up to 2k | Not yet implemented by EDL | |
LaunchPad | idmax.nasa.gov | -H "Echo-Token: <token>" -H "Authorization: Bearer <token>" | something really long and ugly ; a SAML token | 4k | this | |
Client-ized Token | MMT | -H "Echo-Token: <token>:<client_id>" -H "Authorization: <token>:<client_id>" | MMT action | What is this? MMT remembers sending a client id |
Notes
- The "Authorization: Bearer" flag is only for Launchpad or EDL(URS) tokens.
Questions
- Can all tokens be sent with Echo-Token and Authorization headers?
- Do other tokens need to be documented
- Why are Legacy tokens shorter then 64 now?
- What is an example Heritage token?
Token Usage
curl -H "Echo-Token: AF14A97A-A916-B45A-B7C9-31BBB73ECB99" https://cmr.sit.earthdata.nasa.gov/search/collections/
Code
legacy-services
cmr.common-app.api.launchpad-token-validation/launchpad_token_validation.clj
Overview
Content Tools