API for auth-specific-data routes

Add API docs for the /auth routes. Change-Id: If0c010119512d6a159ce82147a87c4698205a648 Blueprint: auth-specific-data
2014-08-20 08:51:06 +10:00 · 2014-08-20 08:51:06 +10:00 · fadef23172
parent dfb2803e60
commit fadef23172
2 changed files with 115 additions and 4 deletions
--- a/v3/src/markdown/identity-api-v3-os-federation-ext.md
+++ b/v3/src/markdown/identity-api-v3-os-federation-ext.md
@ -19,6 +19,15 @@ Definitions
  mismatches, a mapping can be done either on the sending side (third party
  identity provider), on the consuming side (Identity API service), or both.

+What's New in Version 1.1
+-------------------------
+
+Corresponding to Identity API v3.3 release. These features are not yet
+considered stable (expected September 4th, 2014).
+
+- Deprecate list projects and domains in favour of core functionality available
+  in Identity API v3.3.
+
 API Resources
 -------------

@ -646,10 +655,16 @@ Response:
 Listing projects and domains
 ----------------------------

+**Deprecated in v1.1**. This section is deprecated as the functionality is
+available in the core Identity API.
+
 ### List projects a federated user can access: `GET /OS-FEDERATION/projects`

 Relationship: `http://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/projects`

+**Deprecated in v1.1**. Use core `GET /auth/projects`. This call has the same
+response format.
+
 Returns a collection of projects to which the federated user has authorization
 to access. To access this resource, an unscoped token is used, the user can
 then select a project and request a scoped token. Note that only enabled
@ -691,6 +706,9 @@ Response:

 Relationship: `http://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/domains`

+**Deprecated in v1.1**. Use core `GET /auth/domains`. This call has the same
+response format.
+
 Returns a collection of domains to which the federated user has authorization
 to access. To access this resource, an unscoped token is used, the user can
 then select a domain and request a scoped token. Note that only enabled
--- a/v3/src/markdown/identity-api-v3.md
+++ b/v3/src/markdown/identity-api-v3.md
@ -18,6 +18,8 @@ These features are not yet considered stable (expected September 4th, 2014).
  into the service catalog.
 - Introduced a stand alone call to retrieve a service catalog.
 - Introduced support for JSON Home.
+- Introduced a standard call to retrieve possible project and domain scope
+  targets for a token.

 What's New in Version 3.2
 -------------------------
@ -1866,14 +1868,14 @@ This call is identical to `HEAD /auth/tokens` except that the `X-Subject-Token`
 token is immediately invalidated, regardless of its `expires_at` attribute. An
 additional `X-Auth-Token` is not required.

-### Catalog
+### Authentication Specific Routes

 The key use cases we need to cover:

- CRUD for regions, services and endpoints
- Retrieving an endpoint URL by service, region, and interface
+- Fetching a service catalog based upon the current authorization.
+- Retrieve available scoping targets based upon the current authorization.

-#### Get service catalog: `GET /catalog`
+#### Get service catalog: `GET /auth/catalog`

 Relationship: `http://docs.openstack.org/api/openstack-identity/3/rel/catalog`

@ -1925,6 +1927,97 @@ Response:
        }
    }

+#### Get available project scopes: `GET /auth/projects`
+
+*New in version 3.3*
+
+This call returns the list of projects that are available to be scoped to based
+on the `X-Auth-Token` provided in the request.
+
+The structure of the response is exactly the same as listing projects for a
+user.
+
+Response:
+
+    Status: 200 OK
+
+    {
+        "projects": [
+            {
+                "domain_id": "1789d1",
+                "enabled": true,
+                "id": "263fd9",
+                "links": {
+                    "self": "https://identity:35357/v3/projects/263fd9"
+                },
+                "name": "Test Group"
+            },
+            {
+                "domain_id": "1789d1",
+                "enabled": true,
+                "id": "50ef01",
+                "links": {
+                    "self": "https://identity:35357/v3/projects/50ef01"
+                },
+                "name": "Build Group"
+            }
+        ],
+        "links": {
+            "self": "https://identity:35357/v3/auth/projects",
+            "previous": null,
+            "next": null
+        }
+    }
+
+#### Get available domain scopes: `GET /auth/domains`
+
+*New in version 3.3*
+
+This call returns the list of domains that are available to be scoped to based
+on the `X-Auth-Token` provided in the request.
+
+The structure is the same as listing domains.
+
+Response:
+
+    Status: 200 OK
+
+    {
+        "domains": [
+            {
+                "description": "my domain description",
+                "enabled": true,
+                "id": "1789d1",
+                "links": {
+                    "self": "https://identity:35357/v3/domains/1789d1"
+                },
+                "name": "my domain"
+            },
+            {
+                "description": "description of my other domain",
+                "enabled": true,
+                "id": "43e8da",
+                "links": {
+                    "self": "https://identity:35357/v3/domains/43e8da"
+                },
+                "name": "another domain"
+            }
+        ],
+        "links": {
+            "self": "https://identity:35357/v3/auth/domains",
+            "previous": null,
+            "next": null
+        }
+    }
+
+### Catalog
+
+The key use cases we need to cover:
+
+- CRUD for regions, services and endpoints
+- Retrieving an endpoint URL by service, region, and interface
+
+
 #### List regions: `GET /regions`

 Relationship: `http://docs.openstack.org/api/openstack-identity/3/rel/regions`