Decrypting an Existing Token

Applies To:

HTTP LargeThis platform has been optimized to cache and deliver static content (e.g., HTML, CSS, JavaScript, ISO, multimedia, and software downloads, etc.) over HTTP or HTTPS.

HTTP SmallLegacy. If you are currently serving traffic over this platform, then you may continue to do so. However, we recommend that you serve your traffic over our more robust HTTP Large platform.

ADNThe Application Delivery Network platform has been optimized to deliver dynamic content (e.g., login credentials, account information, etc.) over HTTP or HTTPS. Typically, user-specific and database-driven content are served over this platform.

TBAThe Token-Based Authentication feature enforces authentication prior to content delivery. Authentication takes place via an encoded token value that must be included in the request URL. This token value is then decrypted on an edge server. The requested content will only be delivered when the user meets the requirement(s) defined in the token.

You should upgrade to Token-Based Authentication 3.0.
Learn more.

If you know the exact encryption key that was used for a particular token, then you can decrypt it. Decrypting an existing token allows you to view its requirements. If you suspect that a particular client is having trouble viewing your content, you can decrypt his/her token to discover which requirement is not being met.

A token value can be decrypted using any of the following:

Decrypt Tool (Token Auth page)
Token Generator

Syntax:

ectoken3 decrypt KeyNameReplace this term with the encryption key used to generate the token value. TokenReplace this term with the token value that you would like to decrypt.
Custom token generator

Leverage our open-source repository to create a custom application to decrypt token values. This repository, which is hosted on GitHub, contains C, C++, C#, PHP, Perl, and Python source code.

This repository is located at:

https://github.com/Edgecast/ectoken

To decrypt a token using the Decrypt tool

Navigate to the Decrypt Tool section of the Token Auth page.
In the Token To Decrypt option, paste the desired token value.
In the Key to Decrypt option, select the encryption key used to generate that token value.
Click Decrypt. The requirements for that token will appear next to the Original Parameters label.

The Decrypt tool will not be able to decrypt tokens generated with an old encryption key. Use the Token Generation executable to decrypt these types of token values.

To decrypt a token using the Token Generator executable

Download the Token Generator application.
Extract the Windows or Linux version to a local drive.
Open the command line.
- WindowsWindows Key + R, CMD
- LinuxOpen a terminal window.
Navigate to the directory where the Token Generator executable is located.
Issue the following command:
ectoken3 decrypt KeyName Replace this term with the encryption key used to generate the token value. TokenReplace this term with the token value that you would like to decrypt.