java.lang.Object
org.elasticsearch.xpack.security.authc.UserToken
All Implemented Interfaces:
Writeable, ToXContent, ToXContentObject

public final class UserToken extends Object implements Writeable, ToXContentObject
This token is a combination of a Authentication object with an expiry. This token can be serialized for use later. Note, if serializing this token to a entity outside of the cluster, care must be taken to encrypt and validate the serialized bytes or they cannot be trusted. Additionally, care must also be used when transporting these tokens as a stolen token can be used by an adversary to gain access. For this reason, TLS must be enabled for these tokens to be used.