Browse Source

api-ref: Correcting V3 Authentication APIs

http://developer.openstack.org/api-ref/identity/v3/index.html#authentication-and-token-management

Change-Id: I17a3a974c36c0992c681100833f0443963edbf69
Partial-Bug: #1610777
changes/91/352291/5
Anh Tran 5 years ago
parent
commit
b3c838153f
  1. 68
      api-ref/source/v3/authenticate-v3.inc
  2. 142
      api-ref/source/v3/parameters.yaml

68
api-ref/source/v3/authenticate-v3.inc

@ -104,15 +104,15 @@ Request
.. rest_parameters:: parameters.yaml
- nocatalog: nocatalog
- domain: domain
- name: name
- name: user_name
- auth: auth
- user: user
- password: password
- id: id
- id: user_id
- identity: identity
- methods: methods
- nocatalog: nocatalog
- methods: auth_methods_passwd
Request Example
---------------
@ -127,15 +127,15 @@ Response Parameters
- X-Subject-Token: X-Subject-Token
- domain: domain
- methods: methods
- methods: auth_methods_passwd
- expires_at: expires_at
- token: token
- extras: extras
- user: user
- audit_ids: audit_ids
- issued_at: issued_at
- id: id
- name: name
- id: user_id
- name: user_name
Password authentication with scoped authorization
@ -157,15 +157,15 @@ Request
.. rest_parameters:: parameters.yaml
- name: name
- nocatalog: nocatalog
- name: user_name
- auth: auth
- user: user
- scope: scope
- password: password
- id: id
- id: user_id
- identity: identity
- methods: methods
- nocatalog: nocatalog
- methods: auth_methods_passwd
Request Example
---------------
@ -181,7 +181,7 @@ Response Parameters
- X-Subject-Token: X-Subject-Token
- domain: domain
- region_id: region_id
- methods: methods
- methods: auth_methods_passwd
- roles: roles
- url: endpoint_url
- region: endpoint_region
@ -195,9 +195,9 @@ Response Parameters
- audit_ids: audit_ids
- interface: endpoint_interface
- endpoints: endpoints
- type: type
- id: id
- name: name
- type: endpoint_type
- id: user_id
- name: user_name
Password authentication with explicit unscoped authorization
@ -219,15 +219,15 @@ Request
.. rest_parameters:: parameters.yaml
- name: name
- nocatalog: nocatalog
- name: user_name
- auth: auth
- user: user
- scope: scope
- password: password
- id: id
- id: user_id
- identity: identity
- methods: methods
- nocatalog: nocatalog
- methods: auth_methods_passwd
Request Example
---------------
@ -242,7 +242,7 @@ Response Parameters
- X-Subject-Token: X-Subject-Token
- domain: domain
- methods: methods
- methods: auth_methods_passwd
- roles: roles
- expires_at: expires_at
- token: token
@ -250,8 +250,8 @@ Response Parameters
- user: user
- audit_ids: audit_ids
- issued_at: issued_at
- id: id
- name: name
- id: user_id
- name: user_name
Token authentication with unscoped authorization
@ -271,12 +271,12 @@ Request
.. rest_parameters:: parameters.yaml
- nocatalog: nocatalog
- identity: identity
- token: token
- id: id
- token: auth_token
- id: auth_token_id
- auth: auth
- methods: methods
- nocatalog: nocatalog
- methods: auth_methods_token
Request Example
---------------
@ -311,14 +311,14 @@ Request
.. rest_parameters:: parameters.yaml
- methods: methods
- nocatalog: nocatalog
- methods: auth_methods_token
- auth: auth
- token: token
- token: auth_token
- audit_ids: audit_ids
- scope: scope
- id: id
- id: auth_token_id
- identity: identity
- nocatalog: nocatalog
Request Example
---------------
@ -367,8 +367,8 @@ Response Parameters
- X-Subject-Token: X-Subject-Token
- X-Auth-Token: X-Auth-Token
- domain: domain
- methods: methods
- links: links
- methods: auth_methods
- links: domain_link_response_body
- user: user
- token: token
- expires_at: expires_at
@ -378,8 +378,8 @@ Response Parameters
- roles: roles
- audit_ids: audit_ids
- issued_at: issued_at
- id: id
- name: name
- id: user_id
- name: user_name
Response Example
----------------

142
api-ref/source/v3/parameters.yaml

@ -116,12 +116,6 @@ service_id_path:
in: path
required: false
type: string
user_id:
description: |
The user ID.
in: path
required: true
type: string
user_id_path:
description: |
The user ID.
@ -402,6 +396,58 @@ auth:
in: body
required: true
type: object
auth_domain_id:
description: |
The ID of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
in: body
required: false
type: string
auth_methods:
description: |
The authentication method, which is ``password``,
``token``, or both methods. Indicates the accumulated set of
authentication methods that were used to obtain the token. For
example, if the token was obtained by password authentication, it
contains ``password``. Later, if the token is exchanged by using
the token authentication method one or more times, the
subsequently created tokens contain both ``password`` and
``token`` in their ``methods`` attribute. Unlike multi-factor
authentication, the ``methods`` attribute merely indicates the
methods that were used to authenticate the user in exchange for a
token. The client is responsible for determining the total number
of authentication factors.
in: body
required: true
type: array
auth_methods_passwd:
description: |
The authentication method. For password
authentication, specify ``password``.
in: body
required: true
type: array
auth_methods_token:
description: |
The authentication method. For token
authentication, specify ``token``.
in: body
required: true
type: array
auth_token:
description: |
A ``token`` object. The token authentication
method is used. This method is typically used in combination with
a request to change authorization scope.
in: body
required: true
type: object
auth_token_id:
description: |
A token ID.
in: body
required: true
type: string
blob:
description: |
The credential itself, as a serialized blob.
@ -865,6 +911,12 @@ endpoint_region:
in: body
required: true
type: string
endpoint_type:
description: |
The endpoint type.
in: body
required: true
type: string
endpoint_url:
description: |
The endpoint URL.
@ -985,15 +1037,7 @@ groups:
type: array
id:
description: |
The ID of the user. Required if you do not
specify the user name.
in: body
required: false
type: string
id_1:
description: |
The ID of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
[WIP]
in: body
required: false
type: string
@ -1197,45 +1241,6 @@ links_user:
in: body
required: true
type: object
methods:
description: |
The authentication method. For password
authentication, specify ``password``.
in: body
required: true
type: array
methods_1:
description: |
The authentication method. For token
authentication, specify ``token``.
in: body
required: true
type: array
methods_2:
description: |
The authentication method, which is ``password``,
``token``, or both methods. Indicates the accumulated set of
authentication methods that were used to obtain the token. For
example, if the token was obtained by password authentication, it
contains ``password``. Later, if the token is exchanged by using
the token authentication method one or more times, the
subsequently created tokens contain both ``password`` and
``token`` in their ``methods`` attribute. Unlike multi-factor
authentication, the ``methods`` attribute merely indicates the
methods that were used to authenticate the user in exchange for a
token. The client is responsible for determining the total number
of authentication factors.
in: body
required: true
type: array
name:
description: |
The user name. Required if you do not specify
the ID of the user. If you specify the user name, you must also
specify the domain, by ID or name.
in: body
required: false
type: string
name_1:
description: |
The name of the domain. If you specify a user
@ -1335,10 +1340,10 @@ parent_region_id_response_body:
type: string
password:
description: |
The user password.
The ``password`` object, contains the authentication information.
in: body
required: true
type: string
type: object
password_expires_at:
description: |
The date and time when the password expires. The time zone
@ -1682,17 +1687,9 @@ token:
in: body
required: true
type: object
token_1:
description: |
A ``token`` object. The token authentication
method is used. This method is typically used in combination with
a request to change authorization scope.
in: body
required: true
type: object
type:
description: |
The endpoint type.
[WIP]
in: body
required: true
type: string
@ -1745,6 +1742,13 @@ user_domain_id_update_body:
in: body
required: false
type: string
user_id:
description: |
The ID of the user. Required if you do not
specify the user name.
in: body
required: false
type: string
user_id_1:
description: |
The ID of the user who owns the credential.
@ -1769,6 +1773,14 @@ user_id_5:
in: body
required: false
type: string
user_name:
description: |
The user name. Required if you do not specify
the ID of the user. If you specify the user name, you must also
specify the domain, by ID or name.
in: body
required: false
type: string
user_name_create_request_body:
description: |
The user name. Must be unique within the owning domain.

Loading…
Cancel
Save