To make api-server use this scheme, it needs to be started with the --token-auth-file=<PATH_TO_TOKEN_FILE> switch. Similar to the HTTP basic auth strategy, the provided file is a csv file with a record for every user. The record needs to be in the following format:
token, user, userid, group
Again, the group name is optional and if there is more than one group for the user, you will need to separate them with a comma and enclose them in double quotes. The token is just a base64 encoded string. An example command to generate a token on Linux can be as follows:
$ echo `dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64 | tr -d "=+/" | dd bs=32 count=1 2>/dev/null`
The output will be a token, which you then enter into ...