IBM Cloud:API function 查找现有 IAM 访问令牌的帐户 ID?
[英]IBM Cloud: API function to find account ID for existing IAM access token?
问题描述
In my script I have an IBM Cloud IAM bearer token (access token).
在我的脚本中,我有一个 IBM Cloud IAM 持有者令牌(访问令牌)。 Some API functions require to pass in the account ID.一些 API 函数需要传入帐户 ID。 Which API functions would allow me to retrieve the related account ID?哪些 API 函数可以让我检索相关帐户 ID? I know that I could base64 decode the access token, but...我知道我可以 base64 解码访问令牌,但是......
2 个解决方案
解决方案1
0 2022-07-28 17:16:02
docs: https://cloud.ibm.com/apidocs/iam-identity-token-api?code=python#get-api-keys-details-permissions文档: https://cloud.ibm.com/apidocs/iam-identity-token-api?code=python#get-api-keys-details-permissions
Python: Python:
iam_identity_service.get_api_keys_details( iam_api_key=apikey ).get_result() iam_identity_service.get_api_keys_details(iam_api_key=apikey).get_result()
解决方案2
0 2022-07-29 05:17:08
There is an API function to retrieve the list of accounts and only needs a bearer token:有一个 API function 来检索帐户列表,只需要一个不记名令牌:
curl -X GET "https://accounts.cloud.ibm.com/v1/accounts"
-H "Authorization: $IBMCLOUD_TOKEN" -H 'Content-Type: application/json'
The API can be seen in use with trace enabled during login using the CLI.可以看到 API 正在使用中,并在使用 CLI 登录期间启用了跟踪。 The service is described as Account Management Service in the CLI docs .该服务在 CLI 文档中被描述为 Account Management Service 。
I resorted to just decoding the bearer token:我只好解码承载令牌:
# use split and base64 to get to the content of the IAM token
def extractAccount(iam_token):
data = iam_token.split('.')
padded = data[1] + "="*divmod(len(data[1]),4)[1]
jsondata = json.loads(base64.urlsafe_b64decode(padded))
return jsondata
The account ID can then be retrieved by accessing the related field in the token payload:然后可以通过访问令牌有效负载中的相关字段来检索帐户 ID:
token_data=extractAccount(iam_token)
account_id=token_data["account"]["bss"]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.