f8ba5af130
* docs in doc/ rather than docs/ * write out changelog from git * freeze requirements file Change-Id: If28d5414f7b2747fd6835546c45e1acfac8a3563
12 KiB
Service API Examples Using Curl
The service API is defined to be a subset of the Admin API and, by default, runs on port 5000.
GET /
This call is identical to that documented for the Admin API, except that it uses port 5000, instead of port 35357, by default:
$ curl http://0.0.0.0:5000or:
$ curl http://0.0.0.0:5000/v2.0/See the Admin API Examples Using Curl for more info.
GET /extensions
This call is identical to that documented for the Admin API.
POST /tokens
This call is identical to that documented for the Admin API.
GET /tenants
List all of the tenants your token can access:
$ curl -H "X-Auth-Token:887665443383838" http://localhost:5000/v2.0/tenantsReturns:
{
"tenants_links": [],
"tenants": [
{
"enabled": true,
"description": "None",
"name": "customer-x",
"id": "1"
}
]
}Admin API Examples Using Curl
These examples assume a default port value of 35357, and depend on
the sampledata bundled with keystone.
GET /
Disover API version information, links to documentation (PDF, HTML, WADL), and supported media types:
$ curl http://0.0.0.0:35357or:
$ curl http://0.0.0.0:35357/v2.0/Returns:
{
"version":{
"id":"v2.0",
"status":"beta",
"updated":"2011-11-19T00:00:00Z",
"links":[
{
"rel":"self",
"href":"http://127.0.0.1:35357/v2.0/"
},
{
"rel":"describedby",
"type":"text/html",
"href":"http://docs.openstack.org/api/openstack-identity-service/2.0/content/"
},
{
"rel":"describedby",
"type":"application/pdf",
"href":"http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf"
},
{
"rel":"describedby",
"type":"application/vnd.sun.wadl+xml",
"href":"http://127.0.0.1:35357/v2.0/identity-admin.wadl"
}
],
"media-types":[
{
"base":"application/xml",
"type":"application/vnd.openstack.identity-v2.0+xml"
},
{
"base":"application/json",
"type":"application/vnd.openstack.identity-v2.0+json"
}
]
}
}GET /extensions
Discover the API extensions enabled at the endpoint:
$ curl http://0.0.0.0:35357/extensionsReturns:
{
"extensions":{
"values":[]
}
}POST /tokens
Authenticate by exchanging credentials for an access token:
$ curl -d '{"auth":{"passwordCredentials":{"username": "joeuser", "password": "secrete"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokensReturns:
{
"access":{
"token":{
"expires":"2012-02-05T00:00:00",
"id":"887665443383838",
"tenant":{
"id":"1",
"name":"customer-x"
}
},
"serviceCatalog":[
{
"endpoints":[
{
"adminURL":"http://swift.admin-nets.local:8080/",
"region":"RegionOne",
"internalURL":"http://127.0.0.1:8080/v1/AUTH_1",
"publicURL":"http://swift.publicinternets.com/v1/AUTH_1"
}
],
"type":"object-store",
"name":"swift"
},
{
"endpoints":[
{
"adminURL":"http://cdn.admin-nets.local/v1.1/1",
"region":"RegionOne",
"internalURL":"http://127.0.0.1:7777/v1.1/1",
"publicURL":"http://cdn.publicinternets.com/v1.1/1"
}
],
"type":"object-store",
"name":"cdn"
}
],
"user":{
"id":"1",
"roles":[
{
"tenantId":"1",
"id":"3",
"name":"Member"
}
],
"name":"joeuser"
}
}
}Note
Take note of the value ['access']['token']['id'] value produced here
(887665443383838, above), as you can use it in the calls
below.
GET /tokens/{token_id}
Note
This call refers to a token known to be valid,
887665443383838 in this case.
Validate a token:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tokens/887665443383838If the token is valid, returns:
{
"access":{
"token":{
"expires":"2012-02-05T00:00:00",
"id":"887665443383838",
"tenant":{
"id":"1",
"name":"customer-x"
}
},
"user":{
"name":"joeuser",
"tenantName":"customer-x",
"id":"1",
"roles":[
{
"serviceId":"1",
"id":"3",
"name":"Member"
}
],
"tenantId":"1"
}
}
}HEAD /tokens/{token_id}
This is a high-performance variant of the GET call documented above, which by definition, returns no response body:
$ curl -I -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tokens/887665443383838... which returns 200, indicating the token is
valid:
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: None
Date: Tue, 08 Nov 2011 23:07:44 GMTGET /tokens/{token_id}/endpoints
List all endpoints for a token:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tokens/887665443383838/endpointsReturns:
{
"endpoints_links": [
{
"href": "http://127.0.0.1:35357/tokens/887665443383838/endpoints?'marker=5&limit=10'",
"rel": "next"
}
],
"endpoints": [
{
"internalURL": "http://127.0.0.1:8080/v1/AUTH_1",
"name": "swift",
"adminURL": "http://swift.admin-nets.local:8080/",
"region": "RegionOne",
"tenantId": 1,
"type": "object-store",
"id": 1,
"publicURL": "http://swift.publicinternets.com/v1/AUTH_1"
},
{
"internalURL": "http://localhost:8774/v1.0",
"name": "nova_compat",
"adminURL": "http://127.0.0.1:8774/v1.0",
"region": "RegionOne",
"tenantId": 1,
"type": "compute",
"id": 2,
"publicURL": "http://nova.publicinternets.com/v1.0/"
},
{
"internalURL": "http://localhost:8774/v1.1",
"name": "nova",
"adminURL": "http://127.0.0.1:8774/v1.1",
"region": "RegionOne",
"tenantId": 1,
"type": "compute",
"id": 3,
"publicURL": "http://nova.publicinternets.com/v1.1/
},
{
"internalURL": "http://127.0.0.1:9292/v1.1/",
"name": "glance",
"adminURL": "http://nova.admin-nets.local/v1.1/",
"region": "RegionOne",
"tenantId": 1,
"type": "image",
"id": 4,
"publicURL": "http://glance.publicinternets.com/v1.1/"
},
{
"internalURL": "http://127.0.0.1:7777/v1.1/1",
"name": "cdn",
"adminURL": "http://cdn.admin-nets.local/v1.1/1",
"region": "RegionOne",
"tenantId": 1,
"versionId": "1.1",
"versionList": "http://127.0.0.1:7777/",
"versionInfo": "http://127.0.0.1:7777/v1.1",
"type": "object-store",
"id": 5,
"publicURL": "http://cdn.publicinternets.com/v1.1/1"
}
]
}GET /tenants
List all of the tenants in the system (requires an Admin
X-Auth-Token):
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tenantsReturns:
{
"tenants_links": [],
"tenants": [
{
"enabled": false,
"description": "None",
"name": "project-y",
"id": "3"
},
{
"enabled": true,
"description": "None",
"name": "ANOTHER:TENANT",
"id": "2"
},
{
"enabled": true,
"description": "None",
"name": "customer-x",
"id": "1"
}
]
}GET /tenants/{tenant_id}
Retrieve information about a tenant, by tenant ID:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tenants/1Returns:
{
"tenant":{
"enabled":true,
"description":"None",
"name":"customer-x",
"id":"1"
}
}GET /tenants/{tenant_id}/users/{user_id}/roles
List the roles a user has been granted on a tenant:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/tenants/1/users/1/rolesReturns:
{
"roles_links":[],
"roles":[
{
"id":"3",
"name":"Member"
}
]
}GET /users/{user_id}
Retrieve information about a user, by user ID:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/users/1Returns:
{
"user":{
"tenantId":"1",
"enabled":true,
"id":"1",
"name":"joeuser"
}
}GET /users/{user_id}/roles
Retrieve the roles granted to a user, given a user ID:
$ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/users/4/rolesReturns:
{
"roles_links":[],
"roles":[
{
"id":"2",
"name":"KeystoneServiceAdmin"
}
]
}