open-vault/website/source/docs/auth/token.html.md

---
layout: "docs"
page_title: "Token - Auth Methods"
sidebar_current: "docs-auth-token"
description: |-
  The token store auth method is used to authenticate using tokens.
---

# Token Auth Method

The `token` method is built-in and automatically available at `/auth/token`. It
allows users to authenticate using a token, as well to create new tokens, revoke
secrets by token, and more.

When any other auth method returns an identity, Vault core invokes the
token method to create a new unique token for that identity.

The token store can also be used to bypass any other auth method:
you can create tokens directly, as well as perform a variety of other
operations on tokens such as renewal and revocation.

Please see the [token concepts](/docs/concepts/tokens.html) page dedicated
to tokens.

## Authentication

### Via the CLI

```text
$ vault login token=<token>
```

### Via the API

The token is set directly as a header for the HTTP API. The name
of the header should be "X-Vault-Token" and the value should be the token.

## API

The Token auth method has a full HTTP API. Please see the
[Token auth method API](/api/auth/token/index.html) for more
details.
website: token auth help 2015-04-18 20:35:55 +00:00			`---`
			`layout: "docs"`
Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`page_title: "Token - Auth Methods"`
website: token auth help 2015-04-18 20:35:55 +00:00			`sidebar_current: "docs-auth-token"`
			`description: \|-`
Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`The token store auth method is used to authenticate using tokens.`
website: token auth help 2015-04-18 20:35:55 +00:00			`---`

Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`# Token Auth Method`
website: token auth help 2015-04-18 20:35:55 +00:00
Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			The `token` method is built-in and automatically available at `/auth/token`. It
			`allows users to authenticate using a token, as well to create new tokens, revoke`
website: token auth help 2015-04-18 20:35:55 +00:00			`secrets by token, and more.`

Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`When any other auth method returns an identity, Vault core invokes the`
			`token method to create a new unique token for that identity.`
website: token auth help 2015-04-18 20:35:55 +00:00
Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`The token store can also be used to bypass any other auth method:`
website: token auth help 2015-04-18 20:35:55 +00:00			`you can create tokens directly, as well as perform a variety of other`
			`operations on tokens such as renewal and revocation.`

website: more auth 2015-04-18 20:45:50 +00:00			`Please see the [token concepts](/docs/concepts/tokens.html) page dedicated`
website: token auth help 2015-04-18 20:35:55 +00:00			`to tokens.`

			`## Authentication`

API Docs updates (#3101) 2017-08-08 16:28:17 +00:00			`### Via the CLI`
website: token auth help 2015-04-18 20:35:55 +00:00
Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			```text
			`$ vault login token=<token>`
website: token auth help 2015-04-18 20:35:55 +00:00			```

API Docs updates (#3101) 2017-08-08 16:28:17 +00:00			`### Via the API`
website: token auth help 2015-04-18 20:35:55 +00:00
Update documentation around cookies 2015-09-03 14:36:59 +00:00			`The token is set directly as a header for the HTTP API. The name`
			`of the header should be "X-Vault-Token" and the value should be the token.`
website: token auth help 2015-04-18 20:35:55 +00:00
			`## API`

Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method 2017-09-13 01:48:52 +00:00			`The Token auth method has a full HTTP API. Please see the`
			`[Token auth method API](/api/auth/token/index.html) for more`
API Docs updates (#3101) 2017-08-08 16:28:17 +00:00			`details.`