11d6b32fd4
Docs at [1] have already been converted from WADL (SGML / XML) to RST using fairy-slipper [2]. This commit polish the results from the conversion and migrate the v2 admin docs to our repository under 'api-ref/source' directory. Missing parameters definitions were added. It also removes admin-extensions.inc as it did not contain any information. The operation of listing roles for user had it title renamed so there is not a duplicate label warning when running the api-ref job. The API examples were moved into '/v2-admin/samples'. Polishing the generated RST files include: - Removing unnecessary blank lines; - Removing empty references. Polishing the generated RST files do not include: - Modifying their content; - Modifying file names; - Wrapping lines at the maximum of 79 chars. Updating the documentation will be done after this migration step. [1] https://github.com/openstack/api-site/tree/master/api-ref/source/identity/v3 [2] https://github.com/russell/fairy-slipper Change-Id: I39d6c6197a939d77fc462c091051760d6b626d80
167 lines
3.5 KiB
ReStructuredText
167 lines
3.5 KiB
ReStructuredText
.. -*- rst -*-
|
|
|
|
======
|
|
Tokens
|
|
======
|
|
|
|
|
|
List endoints for token
|
|
=======================
|
|
|
|
.. rest_method:: GET /v2.0/tokens/{tokenId}/endpoints
|
|
|
|
Lists the endpoints associated with a token.
|
|
|
|
Normal response codes: 200
|
|
Error response codes:203,413,405,404,403,401,400,503,
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tokenId: tokenId
|
|
|
|
Response Example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/admin/endpoints-list-response.json
|
|
:language: javascript
|
|
|
|
|
|
Authenticate for admin API
|
|
==========================
|
|
|
|
.. rest_method:: POST /v2.0/tokens
|
|
|
|
Authenticates and generates a token.
|
|
|
|
A REST interface provides client authentication by using the POST
|
|
method with ``v2.0/tokens`` as the path. Include a payload of
|
|
credentials in the body.
|
|
|
|
The Identity API is a RESTful web service. It is the entry point to
|
|
all service APIs. To access the Identity API, you must know its
|
|
URL.
|
|
|
|
Each REST request against the Identity Service requires the ``X
|
|
-Auth-Token`` header. Clients obtain this token and the URL
|
|
endpoints for other service APIs by supplying their valid
|
|
credentials to the authentication service.
|
|
|
|
If the authentication token has expired, this call returns the HTTP
|
|
``unauthorized (401)`` response code.
|
|
|
|
If the token has expired, this call returns the ``itemNotFound
|
|
(404)`` response code.
|
|
|
|
The Identity API treats expired tokens as no longer valid tokens.
|
|
|
|
The deployment determines how long expired tokens are stored.
|
|
|
|
To view the ``trust`` object, you need to set ``trust`` enable on
|
|
the keystone configuration.
|
|
|
|
Normal response codes: 200
|
|
Error response codes:203,413,405,404,403,401,400,503,
|
|
|
|
Request Example
|
|
---------------
|
|
|
|
.. literalinclude:: ../v2/samples/admin/authenticate-token-request.json
|
|
:language: javascript
|
|
|
|
Response Parameters
|
|
-------------------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- impersonation: impersonation
|
|
- endpoints_links: endpoints_links
|
|
- serviceCatalog: serviceCatalog
|
|
- description: description
|
|
- type: type
|
|
- expires: expires
|
|
- enabled: enabled
|
|
- name: name
|
|
- access: access
|
|
- trustee_user_id: trustee_user_id
|
|
- token: token
|
|
- user: user
|
|
- issued_at: issued_at
|
|
- trustor_user_id: trustor_user_id
|
|
- endpoints: endpoints
|
|
- trust: trust
|
|
- id: id
|
|
- tenant: tenant
|
|
- metadata: metadata
|
|
|
|
Response Example
|
|
----------------
|
|
|
|
.. literalinclude:: ../v2/samples/admin/authenticate-response.json
|
|
:language: javascript
|
|
|
|
|
|
Validate token
|
|
==============
|
|
|
|
.. rest_method:: GET /v2.0/tokens/{tokenId}
|
|
|
|
Validates a token and confirms that it belongs to a tenant.
|
|
|
|
Returns the permissions relevant to a particular client. Valid
|
|
tokens are in the ``/tokens/{tokenId}`` path. If the token is not
|
|
valid, this call returns the ``itemNotFound (404)`` response code.
|
|
|
|
Normal response codes: 200
|
|
Error response codes:203,413,405,404,403,401,400,503,
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tokenId: tokenId
|
|
|
|
Response Example
|
|
----------------
|
|
|
|
.. literalinclude:: samples/admin/token-validate-response.json
|
|
:language: javascript
|
|
|
|
|
|
Validate token (admin)
|
|
======================
|
|
|
|
.. rest_method:: HEAD /v2.0/tokens/{tokenId}
|
|
|
|
Validates a token and confirms that it belongs to a tenant, for performance.
|
|
|
|
Normal response codes: 200
|
|
Error response codes:203,204,413,405,404,403,401,400,503,
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tokenId: tokenId
|
|
|
|
|
|
Delete token
|
|
============
|
|
|
|
.. rest_method:: DELETE /v2.0/tokens/{tokenId}
|
|
|
|
Deletes a token.
|
|
|
|
Error response codes:204,413,405,404,403,401,400,503,
|
|
|
|
Request
|
|
-------
|
|
|
|
.. rest_parameters:: parameters.yaml
|
|
|
|
- tokenId: tokenId
|