openstack/keystone
Code Issues Proposed changes
ce4d065f23
keystone/doc/source/api_curl_examples.rst

1092 lines
29 KiB
ReStructuredText
Raw Normal View History

doc updates
2012-01-29 10:57:02 -08:00
..
Changed header from LLC to Foundation based on trademark policies Fixes: Bug 1214176 Change-Id: Ie937081a53d377671b8b88f422642c8131002f88
2013-08-26 06:32:10 -07:00
Copyright 2011-2012 OpenStack Foundation
doc updates
2012-01-29 10:57:02 -08:00
All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
Fix curl example refs in docs The keystone developer docs index page had two links to the same API examples page: "Service API Examples Using Curl" and "Admin API Examples Using Curl". This is because the API examples document had 2 top-level sections. Partial-Bug: #1283943 Change-Id: I8204268aa482e59f9108d515b69e9c37a12a9e08
2014-05-30 17:20:43 -05:00
=======================
API Examples using Curl
=======================
doc updates
2012-01-29 10:57:02 -08:00
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
--------------------------
v3 API Examples Using Curl
--------------------------
Add docs for application credentials Add documentation in the User section on managing, using, and rotating application credentials. Since application credential support didn't make it into python-openstackclient in the Queens release, show examples using python-keystoneclient. Change-Id: I24bc51d2f3741771ba321fc05d49fd111aa76c15
2018-02-12 23:16:07 +01:00
.. note::
Following are some API examples using curl. Note that these examples are not
automatically generated. They can be outdated as things change and are subject
to regular updates and changes.
Update curl request documentation to remove v2.0 The curl examples we keep in our documentation contain examples for interacting with the now removed v2.0 APIs. This commit removes those examples since we no long support v2.0, except for the ec2token API until the T release. The curl examples didn't have any v2.0 ec2token examples. Change-Id: I7e16421873de1c2ebf13db971bef80a2d74e5823
2018-02-02 19:20:30 +00:00
GET /
=====
Discover API version information, links to documentation (PDF, HTML, WADL),
and supported media types:
.. WARNING::
The v2.0 portion of this response will be removed in the T release. It is
only advertised here because the v2.0 API supports the ec2tokens API until
the T release. All other functionality of the v2.0 has been removed as of
the Queens release. Use v3 for all functionality as it is more complete and
secure.
.. code-block:: bash
$ curl "http://localhost:5000"
.. code-block:: javascript
{
"versions": {
"values": [
{
"id": "v3.10",
"links": [
{
"href": "http://127.0.0.1:5000/v3/",
"rel": "self"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v3+json"
}
],
"status": "stable",
"updated": "2018-02-28T00:00:00Z"
},
{
"id": "v2.0",
"links": [
{
"href": "http://127.0.0.1:5000/v2.0/",
"rel": "self"
},
{
"href": "https://docs.openstack.org/",
"rel": "describedby",
"type": "text/html"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
}
],
"status": "deprecated",
"updated": "2016-08-04T00:00:00Z"
}
]
}
}
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Tokens
======
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Unscoped
--------
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Get an unscoped token:
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
.. code-block:: bash
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
}
}
}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/auth/tokens" ; echo
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
Example response:
.. code-block:: bash
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
HTTP/1.1 201 Created
X-Subject-Token: MIIFvgY...
Vary: X-Auth-Token
Content-Type: application/json
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Content-Length: 312
Date: Fri, 11 May 2018 03:15:01 GMT
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
{
"token": {
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"issued_at": "2018-05-11T03:15:01.000000Z",
"audit_ids": [
"0PKh_BDKTWqqaFONE-Sxbg"
],
"methods": [
"password"
],
"expires_at": "2018-05-11T04:15:01.000000Z",
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
}
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
}
}
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Project-scoped
--------------
Get a project-scoped token:
.. code-block:: bash
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"project": {
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"name": "admin",
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
"domain": { "id": "default" }
}
}
}
}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/auth/tokens" ; echo
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
Example response:
.. code-block:: bash
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
HTTP/1.1 201 Created
X-Subject-Token: MIIFfQ...
Vary: X-Auth-Token
Content-Type: application/json
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Content-Length: 3518
Date: Fri, 11 May 2018 03:38:39 GMT
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
{
"token": {
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"is_domain": false,
"methods": [
"password"
],
"roles": [
{
"id": "b57680c826b44b5ca6122d0f792c3184",
"name": "Member"
},
{
"id": "3a7bd258345f47479a26aea11a6cc2bb",
"name": "admin"
}
],
"expires_at": "2018-05-11T04:38:39.000000Z",
"project": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "3a705b9f56bb439381b43c4fe59dccce",
"name": "admin"
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
},
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"catalog": [
{
"endpoints": [
{
"url": "http://localhost/identity",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "30a91932e4e94a8ca4dc145bb1bb6b4b"
},
{
"url": "http://localhost/identity",
"interface": "admin",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "94d4768735104c9091f0468e7d31c189"
}
],
"type": "identity",
"id": "09af9253500b41ef976a07322b2fa388",
"name": "keystone"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v2/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "1c4ffe935e7643d99b55938cb12bc38d"
}
],
"type": "volumev2",
"id": "413a44234e1a4c3781d4a3c7a7e4c895",
"name": "cinderv2"
},
{
"endpoints": [
{
"url": "http://localhost/image",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "33237fdd1a744d0fb40f9127f21ddad4"
}
],
"type": "image",
"id": "4d473252145546d2aa589605f1e177c7",
"name": "glance"
},
{
"endpoints": [
{
"url": "http://localhost/placement",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "1a421e2f97684d3f86ab4d2cc9c86362"
}
],
"type": "placement",
"id": "5dcecbdd4a1d44d0855c560301b27bb5",
"name": "placement"
},
{
"endpoints": [
{
"url": "http://localhost/compute/v2.1",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "8e7ea663cc41477c9629cc710bbb1c7d"
}
],
"type": "compute",
"id": "87d49efa8fb64006bdb123d223ddcae2",
"name": "nova"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v1/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "97a2c0ac7e304316a1eb58a3757e6ef8"
}
],
"type": "volume",
"id": "9408080f1970482aa0e38bc2d4ea34b7",
"name": "cinder"
},
{
"endpoints": [
{
"url": "http://localhost:8080/v1/AUTH_3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "d0d823615b0747a9aeca8b83fba105f0"
},
{
"url": "http://localhost:8080",
"interface": "admin",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "e4cb86d9232349f091e0a02390deeb79"
}
],
"type": "object-store",
"id": "957ba1fe8b0443f0afe64bfd0858ba5e",
"name": "swift"
},
{
"endpoints": [
{
"url": "http://localhost:9696/",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "aa4a0e61cdc54372967ee9e2298f1d53"
}
],
"type": "network",
"id": "960fbc66bfcb4fa7900023f647fdc3a5",
"name": "neutron"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v3/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "0c38045a91c34d798e0d2008fee7521d"
}
],
"type": "volumev3",
"id": "98adb083914f423d9cb74ad5527e37cb",
"name": "cinderv3"
},
{
"endpoints": [
{
"url": "http://localhost/compute/v2/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "562e12b9ee9549e8b857218ccf2ae321"
}
],
"type": "compute_legacy",
"id": "a31e688016614430b28cddddf12d7b88",
"name": "nova_legacy"
}
],
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
},
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"audit_ids": [
"TbdrnW4MQDq_GPAVN9-JOQ"
],
"issued_at": "2018-05-11T03:38:39.000000Z"
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
}
}
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Domain-Scoped
-------------
Get a domain-scoped token (Note that you're going to need a role-assignment on
the domain first!):
.. code-block:: bash
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"domain": {
"id": "default"
}
}
}
}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/auth/tokens" ; echo
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
Example response:
.. code-block:: bash
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
HTTP/1.1 201 Created
X-Subject-Token: MIIFNg...
Vary: X-Auth-Token
Content-Type: application/json
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Content-Length: 2590
Date: Fri, 11 May 2018 03:37:09 GMT
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
{
"token": {
"domain": {
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"id": "default",
"name": "Default"
},
"methods": [
"password"
],
"roles": [
{
"id": "b57680c826b44b5ca6122d0f792c3184",
"name": "Member"
},
{
"id": "3a7bd258345f47479a26aea11a6cc2bb",
"name": "admin"
}
],
"expires_at": "2018-05-11T04:37:09.000000Z",
"catalog": [
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/identity",
"region": "RegionOne",
"interface": "public",
"id": "30a91932e4e94a8ca4dc145bb1bb6b4b"
},
{
"region_id": "RegionOne",
"url": "http://localhost/identity",
"region": "RegionOne",
"interface": "admin",
"id": "94d4768735104c9091f0468e7d31c189"
}
],
"type": "identity",
"id": "09af9253500b41ef976a07322b2fa388",
"name": "keystone"
},
{
"endpoints": [],
"type": "volumev2",
"id": "413a44234e1a4c3781d4a3c7a7e4c895",
"name": "cinderv2"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/image",
"region": "RegionOne",
"interface": "public",
"id": "33237fdd1a744d0fb40f9127f21ddad4"
}
],
"type": "image",
"id": "4d473252145546d2aa589605f1e177c7",
"name": "glance"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/placement",
"region": "RegionOne",
"interface": "public",
"id": "1a421e2f97684d3f86ab4d2cc9c86362"
}
],
"type": "placement",
"id": "5dcecbdd4a1d44d0855c560301b27bb5",
"name": "placement"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/compute/v2.1",
"region": "RegionOne",
"interface": "public",
"id": "8e7ea663cc41477c9629cc710bbb1c7d"
}
],
"type": "compute",
"id": "87d49efa8fb64006bdb123d223ddcae2",
"name": "nova"
},
{
"endpoints": [],
"type": "volume",
"id": "9408080f1970482aa0e38bc2d4ea34b7",
"name": "cinder"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost:8080",
"region": "RegionOne",
"interface": "admin",
"id": "e4cb86d9232349f091e0a02390deeb79"
}
],
"type": "object-store",
"id": "957ba1fe8b0443f0afe64bfd0858ba5e",
"name": "swift"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost:9696/",
"region": "RegionOne",
"interface": "public",
"id": "aa4a0e61cdc54372967ee9e2298f1d53"
}
],
"type": "network",
"id": "960fbc66bfcb4fa7900023f647fdc3a5",
"name": "neutron"
},
{
"endpoints": [],
"type": "volumev3",
"id": "98adb083914f423d9cb74ad5527e37cb",
"name": "cinderv3"
},
{
"endpoints": [],
"type": "compute_legacy",
"id": "a31e688016614430b28cddddf12d7b88",
"name": "nova_legacy"
}
],
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
},
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"audit_ids": [
"Sfc8_kywQx-tWNkEVqA1Iw"
],
"issued_at": "2018-05-11T03:37:09.000000Z"
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
}
}
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Getting a token from a token
----------------------------
Get a token from a token:
.. code-block:: bash
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["token"],
"token": {
"id": "'$OS_TOKEN'"
}
}
}
}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/auth/tokens" ; echo
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
Example response:
.. code-block:: bash
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
HTTP/1.1 201 Created
X-Subject-Token: MIIFxw...
Vary: X-Auth-Token
Content-Type: application/json
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
Content-Length: 347
Date: Fri, 11 May 2018 03:41:29 GMT
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
{
"token": {
Clean up token extra code Originally, the "extra" in token data is generated by auth plugin and then will be return to users within token data. In Kilo, the "extra" in token data was deprecated[1], after that if the auth plugin generate the "extra", a warning log will be raised. To stop the warning, the auth plugins should stop generating "extra" field. After two releases, in Mitaka, the "extra" in token data was removed[2], but the "extra" was still created by default as an empty dict {}. Actually, "extra" should not be created any more in Mitaka because Keystone has warned the auth plugins for two releases. Now in Rocky, it's safe enough to remove the "extra" from token issue flow at all since it has never been used from Mitaka. The only concern for the out tree plugins about the removal is that if they still put "extra" into auth_context, Keystone will raise KeyError. But can it be happened? Only if the out tree plugins ignore the warning in Kilo, and still contain "extra" but never use them from Mitaka. For most auth plugins which follow the Keystone deprecation step, this patch is a silent change. [1]: https://review.openstack.org/#/c/162662 [2]: https://review.openstack.org/#/c/249480 Change-Id: I828cc0ad3ac265abdfea2e1571806add128ae51e
2018-03-22 19:51:31 +08:00
"issued_at": "2018-05-11T03:41:29.000000Z",
"audit_ids": [
"zS_C_KROTFeZm-VlG1LjbA",
"RAjE82q8Rz-Cd50ogCpx3Q"
],
"methods": [
"token",
"password"
],
"expires_at": "2018-05-11T04:40:00.000000Z",
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
}
Fix example response formatting Several example responses are not formatted making them hard to read. This patch formats them. Change-Id: I35d890011107fe1414032ddc4b357066e0092ecd Closes-Bug: #1665706
2017-02-17 09:29:35 -07:00
}
}
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
.. note::
If a scope was included in the request body then this would get a token
with the new scope.
DELETE /v3/auth/tokens
----------------------
Revoke a token:
.. code-block:: bash
curl -i -X DELETE \
-H "X-Auth-Token: $OS_TOKEN" \
-H "X-Subject-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/auth/tokens"
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
If there's no error then the response is empty.
Domains
=======
GET /v3/domains
---------------
List domains:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/domains" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"domains": [
{
"description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
"enabled": true,
"id": "default",
"links": {
"self": "http://identity-server:5000/v3/domains/default"
},
"name": "Default"
}
],
"links": {
"next": null,
"previous": null,
"self": "http://identity-server:5000/v3/domains"
}
}
POST /v3/domains
----------------
Create a domain:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "domain": { "name": "newdomain"}}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/domains" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"domain": {
"enabled": true,
"id": "3a5140aecd974bf08041328b53a62458",
"links": {
"self": "http://identity-server:5000/v3/domains/3a5140aecd974bf08041328b53a62458"
},
"name": "newdomain"
}
}
Projects
========
GET /v3/projects
----------------
List projects:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/projects" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/projects"
},
"projects": [
{
"description": null,
"domain_id": "default",
"enabled": true,
"id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"links": {
"self": "http://localhost:5000/v3/projects/3d4c2c82bd5948f0bcab0cf3a7c9b48c"
},
"name": "demo"
}
]
}
PATCH /v3/projects/{id}
-----------------------
Disable a project:
.. code-block:: bash
curl -s -X PATCH \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '
{
"project": {
"enabled": false
}
}'\
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/projects/$PROJECT_ID" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"project": {
"description": null,
"domain_id": "default",
"enabled": false,
"extra": {},
"id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"links": {
"self": "http://localhost:5000/v3/projects/3d4c2c82bd5948f0bcab0cf3a7c9b48c"
},
"name": "demo"
}
}
GET /v3/services
================
List the services:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/services" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Corrects minor spelling mistakes Change-Id: Ib603861ad19a525c112153ac3799f2cbe453d4f7
2014-06-24 13:50:31 +00:00
Example response:
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
.. code-block:: javascript
{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/services"
},
"services": [
{
"description": "Keystone Identity Service",
"enabled": true,
"id": "bd7397d2c0e14fb69bae8ff76e112a90",
"links": {
"self": "http://localhost:5000/v3/services/bd7397d2c0e14fb69bae8ff76e112a90"
},
"name": "keystone",
"type": "identity"
}
]
}
GET /v3/endpoints
=================
List the endpoints:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/endpoints" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"endpoints": [
{
"enabled": true,
"id": "29beb2f1567642eb810b042b6719ea88",
"interface": "admin",
"links": {
"self": "http://localhost:5000/v3/endpoints/29beb2f1567642eb810b042b6719ea88"
},
"region": "RegionOne",
"service_id": "bd7397d2c0e14fb69bae8ff76e112a90",
Change port and version on v3 endpoints example On doc/source/api_curl_examples.rst the GET /v3/endpoints example response section had http://localhost:35357/v2.0 but API v2 was removed so it was modified to http://localhost:5000/v3. Change-Id: Ic51c2d530296c9a92245b34b50fea5e82036d163
2018-10-27 15:56:26 -03:00
"url": "http://localhost:5000/v3"
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
}
],
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/endpoints"
}
}
Users
=====
GET /v3/users
-------------
List users:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/users" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
POST /v3/users
--------------
Create a user:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"user": {"name": "newuser", "password": "changeme"}}' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/users" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"user": {
"domain_id": "default",
"enabled": true,
"id": "ec8fc20605354edd91873f2d66bf4fc4",
"links": {
"self": "http://identity-server:5000/v3/users/ec8fc20605354edd91873f2d66bf4fc4"
},
"name": "newuser"
}
}
GET /v3/users/{user_id}
-----------------------
Show details for a user:
.. code-block:: bash
USER_ID=ec8fc20605354edd91873f2d66bf4fc4
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/users/$USER_ID" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"user": {
"domain_id": "default",
"enabled": true,
"id": "ec8fc20605354edd91873f2d66bf4fc4",
"links": {
"self": "http://localhost:5000/v3/users/ec8fc20605354edd91873f2d66bf4fc4"
},
"name": "newuser"
}
}
POST /v3/users/{user_id}/password
---------------------------------
Change password (using the default policy, this can be done as the user):
.. code-block:: bash
USER_ID=b7793000f8d84c79af4e215e9da78654
ORIG_PASS=userpwd
NEW_PASS=newuserpwd
curl \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "user": {"password": "'$NEW_PASS'", "original_password": "'$ORIG_PASS'"} }' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/users/$USER_ID/password"
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
.. note::
This command doesn't print anything if the request was successful.
PATCH /v3/users/{user_id}
-------------------------
Reset password (using the default policy, this requires admin):
.. code-block:: bash
USER_ID=b7793000f8d84c79af4e215e9da78654
NEW_PASS=newuserpwd
curl -s -X PATCH \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "user": {"password": "'$NEW_PASS'"} }' \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/users/$USER_ID" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"user": {
"default_project_id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"domain_id": "default",
"email": "demo@example.com",
"enabled": true,
"extra": {
"email": "demo@example.com"
},
"id": "269348fdd9374b8885da1418e0730af1",
"links": {
"self": "http://localhost:5000/v3/users/269348fdd9374b8885da1418e0730af1"
},
"name": "demo"
}
}
PUT /v3/projects/{project_id}/groups/{group_id}/roles/{role_id}
===============================================================
Create group role assignment on project:
.. code-block:: bash
curl -s -X PUT \
-H "X-Auth-Token: $OS_TOKEN" \
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/projects/$PROJECT_ID/groups/$GROUP_ID/roles/$ROLE_ID" |
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
python -mjson.tool
There's no data in the response if the operation is successful.
POST /v3/OS-TRUST/trusts
========================
Create a trust:
.. code-block:: bash
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '
{ "trust": {
"expires_at": "2014-12-30T23:59:59.999999Z",
"impersonation": false,
"project_id": "'$PROJECT_ID'",
"roles": [
{ "name": "admin" }
],
"trustee_user_id": "'$DEMO_USER_ID'",
"trustor_user_id": "'$ADMIN_USER_ID'"
}}'\
Quotation marks should be included in http url using curl I think using qutation marks in http url is more regular, even though the current examples in the doc have no problem without qutation marks. The doc is a manual of api curl, a user is likely to refer to the manual and curl an another api which not in the doc. For example: curl -s \ -H "X-Auth-Token:$OS_TOKEN" \ http://loaclhost:5000/v3/role_assignments?user.id=$USER_ID&scope.project.id=$PROJECT_ID response: [1] 22894 -bash: scope.project.id=4f91eb36955543c9826b705bc5a90c59:command not found ... The url has special characters such as '&', which can not be handled correctly. Using double quotation marks in http url will be ok, like this: "http://loaclhost:5000/v3/role_assignments?user.id&scope.project.id" Change-Id: Id8f4c3cc64d298975ad81f8fc08abbec920a1e09
2017-04-21 14:41:49 +08:00
"http://localhost:5000/v3/OS-TRUST/trusts" | python -mjson.tool
Add v3 curl examples There were curl examples for v2 APIs, but none for V3. This change adds some that I've found handy. Also, added an example of getting the revocation list using the v2 API. This is handy for checking token revocations. Partial-Bug: #1283943 Change-Id: I228dc479b29db730873ba95207e4ace85c20e1fe
2014-05-30 17:43:34 -05:00
Example response:
.. code-block:: javascript
{
"trust": {
"expires_at": "2014-12-30T23:59:59.999999Z",
"id": "394998fa61f14736b1f0c1f322882949",
"impersonation": false,
"links": {
"self": "http://localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949"
},
"project_id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"remaining_uses": null,
"roles": [
{
"id": "c703057be878458588961ce9a0ce686b",
"links": {
"self": "http://localhost:5000/v3/roles/c703057be878458588961ce9a0ce686b"
},
"name": "admin"
}
],
"roles_links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949/roles"
},
"trustee_user_id": "269348fdd9374b8885da1418e0730af1",
"trustor_user_id": "3ec3164f750146be97f21559ee4d9c51"
}
}
Copy Permalink