Home > Storage > PowerScale (Isilon) > Product Documentation > Management and Migration > PowerScale OneFS Authentication, Identity Management, and Authorization > Checking access tokens
You can check an access token by dumping it on the PowerScale CLI. You can view a token by username, UID, GID, or Kerberos-principal, paired with an access zone. The following figure displays a token by username, with corresponding SIDs, UID, and GIDs:
Figure 12. Viewing an access token
In the figure, a UID of a 1000000 is displayed, signifying a fake value. The value of 1000000 is assigned to the first user requiring a fake value and increments for each corresponding GID and as more users join. Additionally, a GID is generated for each SID group that was pulled from Active Directory.
Another option to view an access token is isi auth id, which lists IDs, privileges, and zone information for the logged in user, as shown in the following example:
Figure 13. Abridged example of isi auth id