For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
GitHub
DocumentationREST API Reference
DocumentationREST API Reference
  • API Reference
      • GETRetrieve Tenant Identity Configuration for current Org
      • PUTCreate or Update Tenant Identity Configuration
      • DELDelete Tenant Identity Configuration
      • GETRetrieve Token Delegation for current Org
      • PUTCreate or Update Token Delegation
      • DELDelete Token Delegation
      • GETRetrieve OIDC JWKS for current Org
      • GETRetrieve OpenID Configuration for current Org
      • GETRetrieve SPIFFE JWKS for current Org
GitHub
NVIDIANVIDIA
Developer-friendly docs for your API
Privacy Policy | Your Privacy Choices | Terms of Service | Accessibility | Corporate Policies | Product Security | Contact

Copyright © 2026, NVIDIA Corporation.

LogoLogo
API ReferenceTenant Identity

Retrieve Token Delegation for current Org

||View as Markdown|
GET
https://nico-rest-api.nico.svc.cluster.local/v2/org/:org/nico/site/:siteID/tenant-identity/token-delegation
GET
/v2/org/:org/nico/site/:siteID/tenant-identity/token-delegation
$curl https://nico-rest-api.nico.svc.cluster.local/v2/org/org/nico/site/siteID/tenant-identity/token-delegation \
>     -H "Authorization: Bearer <token>" \
>     -H "Content-Type: application/json"
1{
2  "tokenEndpoint": "https://auth.acme-inc.com/oauth2/token",
3  "clientSecretBasic": {
4    "clientId": "acme-client-123",
5    "clientSecretHash": "3a7bd3e2360a3d5f8b9e2c4f1a5d6e7f8c9b0a1d2e3f4b5c6d7e8f9a0b1c2d3e"
6  },
7  "subjectTokenAudience": "https://api.acme-inc.com/",
8  "created": "2024-01-15T09:30:00Z",
9  "updated": "2024-01-15T09:30:00Z"
10}

Retrieve the registered token exchange callback for the tenant.

User must have authorization role with TENANT_ADMIN suffix in the URL {org}.

The raw clientSecret is never returned; only its SHA-256 hash.

Previous

Delete Tenant Identity Configuration

Next

Create or Update Token Delegation

Authentication

AuthorizationBearer
``` export JWT_BEARER_TOKEN="<jwt-bearer-token>" # Example org name: "acme-inc export ORG_NAME=<org-name> # Use the JWT bearer token in your API request auth header: curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current ```

Path parameters

orgstringRequired
Name of the Org
siteIDstringRequiredformat: "uuid"
ID of the Site

Response

Token delegation retrieved
tokenEndpointstringformat: "uri"
clientSecretBasicobject

Public half of client_secret_basic credentials. Only the SHA-256 hash of the secret is returned.

subjectTokenAudiencestring
createddatetime
updateddatetime

Errors

400
Bad Request Error
403
Forbidden Error
404
Not Found Error
500
Internal Server Error
503
Service Unavailable Error
export JWT_BEARER_TOKEN="<jwt-bearer-token>"
# Example org name: "acme-inc
export ORG_NAME=<org-name>
# Use the JWT bearer token in your API request auth header:
curl -v -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $JWT_BEARER_TOKEN" https://nico-rest-api.nico.svc.cluster.local/v2/org/$ORG_NAME/nico/user/current