openstack
/
keystone
Code Issues Proposed changes
keystone/api-ref/source/v3-ext/parameters.yaml

410 lines
8.7 KiB
YAML
Raw Blame History

# variables in header
# variables in path
access_token_id:
description: |
The UUID of the access token.
in: path
required: false
type: string
consumer_id:
description: |
The UUID of the consumer.
in: path
required: false
type: string
domain_id:
description: |
The UUID of the domain.
in: path
required: false
type: string
endpoint_id:
description: |
The endpoint ID.
in: path
required: false
type: string
group_id:
description: |
The UUID of the group.
in: path
required: false
type: string
name:
description: |
The name of the group.
in: path
required: false
type: string
policy_id:
description: |
The policy ID.
in: path
required: false
type: string
project_id:
description: |
The UUID of the project.
in: path
required: false
type: string
region_id:
description: |
The region ID.
in: path
required: false
type: string
role_id:
description: |
The UUID of the role.
in: path
required: false
type: string
service_id:
description: |
The service ID.
in: path
required: false
type: string
user_id:
description: |
The UUID of the user.
in: path
required: false
type: string
# variables in query
since:
description: |
A timestamp used to limit the list of results to events
that occurred on or after the specified time.
(RFC 1123 format date time)
in: query
required: false
type: string
# variables in body
blob:
description: |
The policy rule itself, as a serialized blob.
in: body
required: true
type: object
consumer_id:
description: |
The ID of the consumer.
in: path
required: false
type: string
description:
description: |
The consumer description.
in: body
required: false
type: string
endpoints:
description: |
An ``endpoints`` object.
in: body
required: true
type: array
id:
description: |
The ID of the trust.
in: body
required: true
type: string
id_1:
description: |
The endpoint UUID.
in: body
required: true
type: string
id_2:
description: |
The ID of the policy.
in: body
required: true
type: string
impersonation:
description: |
The impersonation flag. Default is false.
in: body
required: false
type: boolean
interface:
description: |
The interface type, which describes the
visibility of the endpoint. Value is: - ``public``. Visible by
end users on a publicly available network interface. -
``internal``. Visible by end users on an unmetered internal
network interface. - ``admin``. Visible by administrative users
on a secure network interface.
in: body
required: true
type: string
links:
description: |
Trust links.
in: body
required: true
type: object
links_1:
description: |
The links for the ``endpoints`` resource.
in: body
required: true
type: object
links_2:
description: |
The links for the ``policy`` resource.
in: body
required: true
type: object
name_1:
description: |
The role name.
in: body
required: true
type: string
name_2:
description: |
The name of the group.
in: body
required: true
type: string
next:
description: |
The ``next`` relative link for the ``endpoints``
resource.
in: body
required: true
type: string
oauth_expires_at:
description: |
The date and time when a request token expires.
The date and time stamp format is `ISO 8601
<https://en.wikipedia.org/wiki/ISO_8601>`_:
::
CCYY-MM-DDThh:mm:ss±hh:mm
The ``±hh:mm`` value, if included, is the time zone as an offset
from UTC.
For example, ``2015-08-27T09:49:58-05:00``.
If the Identity API does not include this attribute or its value is
``null``, the token never expires.
in: body
required: false
type: string
policy:
description: |
A ``policy`` object.
in: body
required: true
type: object
previous:
description: |
The ``previous`` relative link for the
``endpoints`` resource.
in: body
required: true
type: string
project_id_1:
description: |
The ID of the project.
in: body
required: true
type: string
region:
description: |
(Deprecated in v3.2) The geographic location of
the service endpoint.
in: body
required: true
type: string
remaining_uses:
description: |
Remaining uses flag. Default is null.
in: body
required: false
type: boolean
requested_project_id:
description: |
The ID of the requested project.
in: body
required: true
type: string
revoke_audit_chain_id:
description: |
Specifies a group of tokens based upon the ``audit_id`` of the
first token in the chain.
If a revocation event specifies the ``audit_chain_id`` any
token that is part of the token chain (based upon the original
token at the start of the chain) will be revoked, including
the original token at the start of the chain.
If an event is issued for ``audit_chain_id`` then the event cannot
contain an ``audit_id``.
in: body
required: true
type: string
revoke_audit_id:
description: |
Specifies the unique identifier (UUID) assigned to the token
itself.
This will revoke a single token only. This attribute mirrors
the use of the Token Revocation List (the mechanism used
prior to revocation events) but does not utilize data that
could convey authorization (the token id).
If an event is issued for ``audit_id`` then the event cannot
contain an ``audit_chain_id``.
in: body
required: true
type: string
revoke_consumer_id:
description: |
Revoke tokens issued to a specific OAuth consumer, as part
of the OS-OAUTH1 API extension.
in: body
required: true
type: string
revoke_domain_id:
description: |
Revoke tokens scoped to a particular domain.
in: body
required: true
type: string
revoke_events:
description: |
List of recovation events.
in: body
required: true
type: string
revoke_expires_at:
description: |
Specifies the exact expiration time of one or more tokens to
be revoked.
This attribute is useful for revoking chains of tokens, such
as those produced when re-scoping an existing token. When a
token is issued based on initial authentication, it is given
an expires_at value. When a token is used to get another
token, the new token will have the same expires_at value as
the original.
in: body
required: true
type: string
revoke_issued_before:
description: |
(string, ISO 8601 extended format date time with
microseconds).
Tokens issued before this time are considered revoked.
This attribute can be used to determine how long the
expiration event is valid. It can also be used in
queries to filter events, so that only a subset that
have occurred since the last request are returned.
in: body
required: true
type: string
revoke_project_id:
description: |
Revoke tokens scoped to a particular project.
in: body
required: true
type: string
revoke_role_id:
description: |
Revoke tokens issued with a specific role.
in: body
required: true
type: string
revoke_trust_id:
description: |
Revoke tokens issued as the result of a particular
trust, as part of the OS-TRUST API extension.
in: body
required: true
type: string
revoke_user_id:
description: |
Revoke tokens expressing the identity of a particular user.
in: body
required: true
type: string
roles:
description: |
A roles object.
in: body
required: true
type: array
roles_links:
description: |
A roles links object. Includes ``next``,
``previous``, and ``self`` links for roles.
in: body
required: true
type: object
self:
description: |
The ``self`` relative link for the ``endpoints``
resource.
in: body
required: true
type: string
service_id_1:
description: |
The UUID of the service to which the endpoint
belongs.
in: body
required: true
type: string
trust:
description: |
A trust object.
in: body
required: true
type: object
trustee_user_id:
description: |
The trustee user ID.
in: body
required: true
type: string
trustor_user_id:
description: |
The trustor user ID.
in: body
required: true
type: string
type:
description: |
The MIME media type of the serialized policy
blob. From the perspective of the Identity API, a policy blob can
be based on any technology. In OpenStack, the ``policy.json`` blob
(``type="application/json"``) is the conventional solution.
However, you might want to use an alternative policy engine that
uses a different policy language type. For example,
``type="application/xacml+xml"``.
in: body
required: true
type: string
url:
description: |
The endpoint URL.
in: body
required: true
type: string
View Git Blame Copy Permalink