NVIDIA Run:ai

Tokens

Use tokens to facilitate authentication to the NVIDIA Run:ai API. The API server must be configured to use the NVIDIA Run:ai identity service to validate authentication tokens.

Create an access token v1

Create tokens using the grant_type parameter.

SecuritybearerAuth
Request
Request Body schema: application/json
grantType
any (TokenRequestGrantTypeEnum)
Enum: "app_token" "client_credentials" "refresh_token" "exchange_token" "password" "external_token_exchange"
appID
string
Deprecated
appSecret
string
Deprecated
code
string
redirectUri
string
refreshToken
string
username
string
password
string
clientID
string
clientSecret
string
externalToken
string
Responses
200

Executed successfully.

400

Bad request.

500

unexpected error

503

unexpected error

post/api/v1/token
Request samples
application/json

Obtain the clientID and the clientSecret using service accounts or access keys endpoints

{
  • "grantType": "client_credentials",
  • "clientID": "clientID",
  • "clientSecret": "clientSecret"
}
Response samples
application/json
{
  • "accessToken": "string",
  • "idToken": "string",
  • "refreshToken": "string",
  • "expiresIn": 0
}

Create an access token v2

Use this endpoint to obtain an access token. Compliant with standard OAuth2 protocol and supports the common OAuth2 grant types.

SecuritybearerAuth
Request
Request Body schema: application/x-www-form-urlencoded
required
grant_type
required
string

The OAuth2 grant type that determines how the token will be issued.

Enum: "authorization_code" "client_credentials" "password" "refresh_token"
client_id
string

OAuth2 client identifier

client_secret
string <password>

OAuth2 client secret

username
string

Resource owner username (for password grant)

password
string <password>

The password of the resource owner. Required only when using the password grant type.

refresh_token
string

The refresh token used to obtain a new access token. Required only when using the refresh_token grant type.

code
string

Authorization code issued by the authorization server. Used in the authorization_code grant to exchange the code for an access token.

redirect_uri
string

The redirect URI used during the authorization request. Required for the authorization_code grant to validate the redirect destination.

Responses
200

Successfully issued token

400

Invalid request

401

Client authentication failed

500

unexpected error

503

unexpected error

post/api/v2/token
Request samples
application/x-www-form-urlencoded
grant_type=authorization_code&code=authorization_code_value&redirect_uri=https%3A%2F%2Fexample.com%2Fcallback&client_id=my-client-id
Response samples
application/json
{
  • "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token_type": "Bearer",
  • "expires_in": 3600,
  • "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

get application tokenDeprecated

Retrieve access token for an application. The application token is retrieved from the authorization server. This endpoint is deprecated. Use /api/v1/token with the grantType parameter set to app_token instead, with AppID and appSecret set accordingly to get an application token

SecuritybearerAuth
Request
Request Body schema: application/json
id
required
string
name
required
string
secret
required
string
Responses
200

Executed successfully.

400

Bad request.

500

unexpected error

503

unexpected error

post/v1/k8s/auth/oauth/apptoken
Request samples
application/json
{
  • "id": "string",
  • "name": "string",
  • "secret": "string"
}
Response samples
application/json
{
  • "access_token": "string",
  • "id_token": "string"
}
➔ Next to Users