Authentication Token
authentication_token
The Authentication Token object represents standardized authentication tokens, tickets, or assertions that conform to established authentication protocols such as Kerberos, OIDC, and SAML. These tokens are issued by authentication servers and identity providers and carry protocol-specific metadata, lifecycle information, and security attributes defined by their respective specifications.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Created Time | created_time |
Timestamp | The time that the authentication token was created. |
| Encryption Details | encryption_details |
Encryption Details[] | The encryption details of the authentication token. |
| Expiration Time | expiration_time |
Timestamp | The expiration time of the authentication token. |
| Renewable | is_renewable |
Boolean | Indicates whether the authentication token is renewable. |
| Kerberos Flags | kerberos_flags |
String | A bitmask, either in hexadecimal or decimal form, which encodes various attributes or permissions associated with a Kerberos ticket. These flags delineate specific characteristics of the ticket, such as its renewability or forwardability. |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Type | type |
String | The type of the authentication token. |
| Type ID | type_id |
Integer |
The normalized authentication token type identifier.
|
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Authentication Token in their attributes:
Outbound Relationships
Authentication Token references the following objects and events in its attributes:
This page describes qdm-1.5.1+ocsf-1.6.0
Updated about 7 hours ago