Update api-ref for federated objects in user
Also includes a release note. Change-Id: I72a5d461488b50f20b59d1288016514a2b8f71e5 Closes-Bug: 1816076
This commit is contained in:
parent
b3d3735138
commit
d23965aaf1
|
@ -33,6 +33,7 @@ What's New in Version 3.14 (Ussuri)
|
||||||
- New attribute ``authorization_ttl`` for identity providers
|
- New attribute ``authorization_ttl`` for identity providers
|
||||||
- New attribute ``membership_expires_at`` when listing groups for a user
|
- New attribute ``membership_expires_at`` when listing groups for a user
|
||||||
- Ability to persist group memberships carried through mapping for a federated user
|
- Ability to persist group memberships carried through mapping for a federated user
|
||||||
|
- Added the ability to create, update and delete federated attributes for a user
|
||||||
|
|
||||||
==================================
|
==================================
|
||||||
What's New in Version 3.13 (Train)
|
What's New in Version 3.13 (Train)
|
||||||
|
|
|
@ -1021,6 +1021,42 @@ extra_request_body:
|
||||||
in: body
|
in: body
|
||||||
required: false
|
required: false
|
||||||
type: string
|
type: string
|
||||||
|
federated_in_request_body:
|
||||||
|
description: |
|
||||||
|
List of federated objects associated with a user. Each object in the list
|
||||||
|
contains the ``idp_id`` and ``protocols``. ``protocols`` is a list of
|
||||||
|
objects, each of which contains ``protocol_id`` and ``unique_id`` of
|
||||||
|
the protocol and user respectively. For example::
|
||||||
|
|
||||||
|
"federated": [
|
||||||
|
{
|
||||||
|
"idp_id": "efbab5a6acad4d108fec6c63d9609d83",
|
||||||
|
"protocols": [
|
||||||
|
{"protocol_id": mapped, "unique_id": "test@example.com"}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
in: body
|
||||||
|
required: false
|
||||||
|
type: list
|
||||||
|
federated_in_response_body:
|
||||||
|
description: |
|
||||||
|
List of federated objects associated with a user. Each object in the list
|
||||||
|
contains the ``idp_id`` and ``protocols``. ``protocols`` is a list of
|
||||||
|
objects, each of which contains ``protocol_id`` and ``unique_id`` of
|
||||||
|
the protocol and user respectively. For example::
|
||||||
|
|
||||||
|
"federated": [
|
||||||
|
{
|
||||||
|
"idp_id": "efbab5a6acad4d108fec6c63d9609d83",
|
||||||
|
"protocols": [
|
||||||
|
{"protocol_id": "mapped", "unique_id": "test@example.com"}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
in: body
|
||||||
|
required: false
|
||||||
|
type: list
|
||||||
group:
|
group:
|
||||||
description: |
|
description: |
|
||||||
A ``group`` object
|
A ``group`` object
|
||||||
|
|
|
@ -3,6 +3,17 @@
|
||||||
"default_project_id": "263fd9",
|
"default_project_id": "263fd9",
|
||||||
"domain_id": "1789d1",
|
"domain_id": "1789d1",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
|
"federated": [
|
||||||
|
{
|
||||||
|
"idp_id": "efbab5a6acad4d108fec6c63d9609d83",
|
||||||
|
"protocols": [
|
||||||
|
{
|
||||||
|
"protocol_id": "mapped",
|
||||||
|
"unique_id": "test@example.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
"name": "James Doe",
|
"name": "James Doe",
|
||||||
"password": "secretsecret",
|
"password": "secretsecret",
|
||||||
"description": "James Doe user",
|
"description": "James Doe user",
|
||||||
|
|
|
@ -5,6 +5,17 @@
|
||||||
"domain_id": "1789d1",
|
"domain_id": "1789d1",
|
||||||
"email": "jdoe@example.com",
|
"email": "jdoe@example.com",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
|
"federated": [
|
||||||
|
{
|
||||||
|
"idp_id": "efbab5a6acad4d108fec6c63d9609d83",
|
||||||
|
"protocols": [
|
||||||
|
{
|
||||||
|
"protocol_id": "mapped",
|
||||||
|
"unique_id": "test@example.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
"id": "ff4e51",
|
"id": "ff4e51",
|
||||||
"links": {
|
"links": {
|
||||||
"self": "https://example.com/identity/v3/users/ff4e51"
|
"self": "https://example.com/identity/v3/users/ff4e51"
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
"default_project_id": "263fd9",
|
"default_project_id": "263fd9",
|
||||||
"domain_id": "1789d1",
|
"domain_id": "1789d1",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
|
"federated": [],
|
||||||
"id": "9fe1d3",
|
"id": "9fe1d3",
|
||||||
"links": {
|
"links": {
|
||||||
"self": "https://example.com/identity/v3/users/9fe1d3"
|
"self": "https://example.com/identity/v3/users/9fe1d3"
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
"default_project_id": "263fd9",
|
"default_project_id": "263fd9",
|
||||||
"domain_id": "1789d1",
|
"domain_id": "1789d1",
|
||||||
"enabled": true,
|
"enabled": true,
|
||||||
|
"federated": [],
|
||||||
"id": "ff4e51",
|
"id": "ff4e51",
|
||||||
"links": {
|
"links": {
|
||||||
"self": "https://example.com/identity/v3/users/ff4e51"
|
"self": "https://example.com/identity/v3/users/ff4e51"
|
||||||
|
|
|
@ -100,6 +100,7 @@ Parameters
|
||||||
- user: user_object
|
- user: user_object
|
||||||
- default_project_id: default_project_id_request_body
|
- default_project_id: default_project_id_request_body
|
||||||
- domain_id: user_domain_id_request_body
|
- domain_id: user_domain_id_request_body
|
||||||
|
- federated: federated_in_request_body
|
||||||
- enabled: enabled_user_request_body
|
- enabled: enabled_user_request_body
|
||||||
- name: user_name_create_request_body
|
- name: user_name_create_request_body
|
||||||
- password: password_request_body
|
- password: password_request_body
|
||||||
|
@ -124,6 +125,7 @@ Parameters
|
||||||
- default_project_id: default_project_id_response_body
|
- default_project_id: default_project_id_response_body
|
||||||
- domain_id: domain_id_response_body
|
- domain_id: domain_id_response_body
|
||||||
- enabled: enabled_user_response_body
|
- enabled: enabled_user_response_body
|
||||||
|
- federated: federated_in_response_body
|
||||||
- id: id_user_body
|
- id: id_user_body
|
||||||
- links: links_user
|
- links: links_user
|
||||||
- name: user_name_response_body
|
- name: user_name_response_body
|
||||||
|
@ -182,6 +184,7 @@ Parameters
|
||||||
- default_project_id: default_project_id_response_body
|
- default_project_id: default_project_id_response_body
|
||||||
- domain_id: domain_id_response_body
|
- domain_id: domain_id_response_body
|
||||||
- enabled: enabled_user_response_body
|
- enabled: enabled_user_response_body
|
||||||
|
- federated: federated_in_response_body
|
||||||
- id: id_user_body
|
- id: id_user_body
|
||||||
- links: links_user
|
- links: links_user
|
||||||
- name: user_name_response_body
|
- name: user_name_response_body
|
||||||
|
@ -233,6 +236,7 @@ Parameters
|
||||||
- default_project_id: default_project_id_update_body
|
- default_project_id: default_project_id_update_body
|
||||||
- domain_id: user_domain_id_update_body
|
- domain_id: user_domain_id_update_body
|
||||||
- enabled: enabled_user_update_body
|
- enabled: enabled_user_update_body
|
||||||
|
- federated: federated_in_request_body
|
||||||
- name: user_name_update_body
|
- name: user_name_update_body
|
||||||
- password: user_update_password_body
|
- password: user_update_password_body
|
||||||
- options: user_options_request_body
|
- options: user_options_request_body
|
||||||
|
@ -255,6 +259,7 @@ Parameters
|
||||||
- default_project_id: default_project_id_response_body
|
- default_project_id: default_project_id_response_body
|
||||||
- domain_id: domain_id_response_body
|
- domain_id: domain_id_response_body
|
||||||
- enabled: enabled_user_response_body
|
- enabled: enabled_user_response_body
|
||||||
|
- federated: federated_in_response_body
|
||||||
- id: id_user_body
|
- id: id_user_body
|
||||||
- links: links_user
|
- links: links_user
|
||||||
- name: user_name_response_body
|
- name: user_name_response_body
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
`GET /v3/users/{user_id}` now returns a federated object associated with
|
||||||
|
the user if any. `POST /v3/users` allows an operator to add a list of
|
||||||
|
federated objects to associate with the user. `PATCH /v3/users` allows the operator
|
||||||
|
to update a users associated federated objects.
|
||||||
|
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
If you have a custom implementation for the shadow users backend, you will
|
||||||
|
need to implement the new methods:
|
||||||
|
``delete_federated_object``, ``create_federated_object``,
|
||||||
|
``get_federated_objects``. These methods are needed to support federated
|
||||||
|
attributes via the user API.
|
Loading…
Reference in New Issue