8cc91845fb
On doc/source/api_curl_examples.rst the GET /v3/endpoints example response section had http://localhost:35357/v2.0 but API v2 was removed so it was modified to http://localhost:5000/v3. Change-Id: Ic51c2d530296c9a92245b34b50fea5e82036d163
29 KiB
29 KiB
API Examples using Curl
v3 API Examples Using Curl
Note
Following are some API examples using curl. Note that these examples are not automatically generated. They can be outdated as things change and are subject to regular updates and changes.
GET /
Discover API version information, links to documentation (PDF, HTML, WADL), and supported media types:
Warning
The v2.0 portion of this response will be removed in the T release. It is only advertised here because the v2.0 API supports the ec2tokens API until the T release. All other functionality of the v2.0 has been removed as of the Queens release. Use v3 for all functionality as it is more complete and secure.
$ curl "http://localhost:5000"{
"versions": {
"values": [
{
"id": "v3.10",
"links": [
{
"href": "http://127.0.0.1:5000/v3/",
"rel": "self"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v3+json"
}
],
"status": "stable",
"updated": "2018-02-28T00:00:00Z"
},
{
"id": "v2.0",
"links": [
{
"href": "http://127.0.0.1:5000/v2.0/",
"rel": "self"
},
{
"href": "https://docs.openstack.org/",
"rel": "describedby",
"type": "text/html"
}
],
"media-types": [
{
"base": "application/json",
"type": "application/vnd.openstack.identity-v2.0+json"
}
],
"status": "deprecated",
"updated": "2016-08-04T00:00:00Z"
}
]
}
}Tokens
Unscoped
Get an unscoped token:
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
}
}
}' \
"http://localhost:5000/v3/auth/tokens" ; echoExample response:
HTTP/1.1 201 Created
X-Subject-Token: MIIFvgY...
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 312
Date: Fri, 11 May 2018 03:15:01 GMT
{
"token": {
"issued_at": "2018-05-11T03:15:01.000000Z",
"audit_ids": [
"0PKh_BDKTWqqaFONE-Sxbg"
],
"methods": [
"password"
],
"expires_at": "2018-05-11T04:15:01.000000Z",
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
}
}
}Project-scoped
Get a project-scoped token:
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"project": {
"name": "admin",
"domain": { "id": "default" }
}
}
}
}' \
"http://localhost:5000/v3/auth/tokens" ; echoExample response:
HTTP/1.1 201 Created
X-Subject-Token: MIIFfQ...
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 3518
Date: Fri, 11 May 2018 03:38:39 GMT
{
"token": {
"is_domain": false,
"methods": [
"password"
],
"roles": [
{
"id": "b57680c826b44b5ca6122d0f792c3184",
"name": "Member"
},
{
"id": "3a7bd258345f47479a26aea11a6cc2bb",
"name": "admin"
}
],
"expires_at": "2018-05-11T04:38:39.000000Z",
"project": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "3a705b9f56bb439381b43c4fe59dccce",
"name": "admin"
},
"catalog": [
{
"endpoints": [
{
"url": "http://localhost/identity",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "30a91932e4e94a8ca4dc145bb1bb6b4b"
},
{
"url": "http://localhost/identity",
"interface": "admin",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "94d4768735104c9091f0468e7d31c189"
}
],
"type": "identity",
"id": "09af9253500b41ef976a07322b2fa388",
"name": "keystone"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v2/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "1c4ffe935e7643d99b55938cb12bc38d"
}
],
"type": "volumev2",
"id": "413a44234e1a4c3781d4a3c7a7e4c895",
"name": "cinderv2"
},
{
"endpoints": [
{
"url": "http://localhost/image",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "33237fdd1a744d0fb40f9127f21ddad4"
}
],
"type": "image",
"id": "4d473252145546d2aa589605f1e177c7",
"name": "glance"
},
{
"endpoints": [
{
"url": "http://localhost/placement",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "1a421e2f97684d3f86ab4d2cc9c86362"
}
],
"type": "placement",
"id": "5dcecbdd4a1d44d0855c560301b27bb5",
"name": "placement"
},
{
"endpoints": [
{
"url": "http://localhost/compute/v2.1",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "8e7ea663cc41477c9629cc710bbb1c7d"
}
],
"type": "compute",
"id": "87d49efa8fb64006bdb123d223ddcae2",
"name": "nova"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v1/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "97a2c0ac7e304316a1eb58a3757e6ef8"
}
],
"type": "volume",
"id": "9408080f1970482aa0e38bc2d4ea34b7",
"name": "cinder"
},
{
"endpoints": [
{
"url": "http://localhost:8080/v1/AUTH_3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "d0d823615b0747a9aeca8b83fba105f0"
},
{
"url": "http://localhost:8080",
"interface": "admin",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "e4cb86d9232349f091e0a02390deeb79"
}
],
"type": "object-store",
"id": "957ba1fe8b0443f0afe64bfd0858ba5e",
"name": "swift"
},
{
"endpoints": [
{
"url": "http://localhost:9696/",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "aa4a0e61cdc54372967ee9e2298f1d53"
}
],
"type": "network",
"id": "960fbc66bfcb4fa7900023f647fdc3a5",
"name": "neutron"
},
{
"endpoints": [
{
"url": "http://localhost/volume/v3/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "0c38045a91c34d798e0d2008fee7521d"
}
],
"type": "volumev3",
"id": "98adb083914f423d9cb74ad5527e37cb",
"name": "cinderv3"
},
{
"endpoints": [
{
"url": "http://localhost/compute/v2/3a705b9f56bb439381b43c4fe59dccce",
"interface": "public",
"region": "RegionOne",
"region_id": "RegionOne",
"id": "562e12b9ee9549e8b857218ccf2ae321"
}
],
"type": "compute_legacy",
"id": "a31e688016614430b28cddddf12d7b88",
"name": "nova_legacy"
}
],
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
},
"audit_ids": [
"TbdrnW4MQDq_GPAVN9-JOQ"
],
"issued_at": "2018-05-11T03:38:39.000000Z"
}
}Domain-Scoped
Get a domain-scoped token (Note that you're going to need a role-assignment on the domain first!):
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"domain": {
"id": "default"
}
}
}
}' \
"http://localhost:5000/v3/auth/tokens" ; echoExample response:
HTTP/1.1 201 Created
X-Subject-Token: MIIFNg...
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 2590
Date: Fri, 11 May 2018 03:37:09 GMT
{
"token": {
"domain": {
"id": "default",
"name": "Default"
},
"methods": [
"password"
],
"roles": [
{
"id": "b57680c826b44b5ca6122d0f792c3184",
"name": "Member"
},
{
"id": "3a7bd258345f47479a26aea11a6cc2bb",
"name": "admin"
}
],
"expires_at": "2018-05-11T04:37:09.000000Z",
"catalog": [
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/identity",
"region": "RegionOne",
"interface": "public",
"id": "30a91932e4e94a8ca4dc145bb1bb6b4b"
},
{
"region_id": "RegionOne",
"url": "http://localhost/identity",
"region": "RegionOne",
"interface": "admin",
"id": "94d4768735104c9091f0468e7d31c189"
}
],
"type": "identity",
"id": "09af9253500b41ef976a07322b2fa388",
"name": "keystone"
},
{
"endpoints": [],
"type": "volumev2",
"id": "413a44234e1a4c3781d4a3c7a7e4c895",
"name": "cinderv2"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/image",
"region": "RegionOne",
"interface": "public",
"id": "33237fdd1a744d0fb40f9127f21ddad4"
}
],
"type": "image",
"id": "4d473252145546d2aa589605f1e177c7",
"name": "glance"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/placement",
"region": "RegionOne",
"interface": "public",
"id": "1a421e2f97684d3f86ab4d2cc9c86362"
}
],
"type": "placement",
"id": "5dcecbdd4a1d44d0855c560301b27bb5",
"name": "placement"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost/compute/v2.1",
"region": "RegionOne",
"interface": "public",
"id": "8e7ea663cc41477c9629cc710bbb1c7d"
}
],
"type": "compute",
"id": "87d49efa8fb64006bdb123d223ddcae2",
"name": "nova"
},
{
"endpoints": [],
"type": "volume",
"id": "9408080f1970482aa0e38bc2d4ea34b7",
"name": "cinder"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost:8080",
"region": "RegionOne",
"interface": "admin",
"id": "e4cb86d9232349f091e0a02390deeb79"
}
],
"type": "object-store",
"id": "957ba1fe8b0443f0afe64bfd0858ba5e",
"name": "swift"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "http://localhost:9696/",
"region": "RegionOne",
"interface": "public",
"id": "aa4a0e61cdc54372967ee9e2298f1d53"
}
],
"type": "network",
"id": "960fbc66bfcb4fa7900023f647fdc3a5",
"name": "neutron"
},
{
"endpoints": [],
"type": "volumev3",
"id": "98adb083914f423d9cb74ad5527e37cb",
"name": "cinderv3"
},
{
"endpoints": [],
"type": "compute_legacy",
"id": "a31e688016614430b28cddddf12d7b88",
"name": "nova_legacy"
}
],
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
},
"audit_ids": [
"Sfc8_kywQx-tWNkEVqA1Iw"
],
"issued_at": "2018-05-11T03:37:09.000000Z"
}
}Getting a token from a token
Get a token from a token:
curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["token"],
"token": {
"id": "'$OS_TOKEN'"
}
}
}
}' \
"http://localhost:5000/v3/auth/tokens" ; echoExample response:
HTTP/1.1 201 Created
X-Subject-Token: MIIFxw...
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 347
Date: Fri, 11 May 2018 03:41:29 GMT
{
"token": {
"issued_at": "2018-05-11T03:41:29.000000Z",
"audit_ids": [
"zS_C_KROTFeZm-VlG1LjbA",
"RAjE82q8Rz-Cd50ogCpx3Q"
],
"methods": [
"token",
"password"
],
"expires_at": "2018-05-11T04:40:00.000000Z",
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "9a7e43333cc44ef4b988f05fc3d3a49d",
"name": "admin"
}
}
}Note
If a scope was included in the request body then this would get a token with the new scope.
DELETE /v3/auth/tokens
Revoke a token:
curl -i -X DELETE \
-H "X-Auth-Token: $OS_TOKEN" \
-H "X-Subject-Token: $OS_TOKEN" \
"http://localhost:5000/v3/auth/tokens"If there's no error then the response is empty.
Domains
GET /v3/domains
List domains:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/domains" | python -mjson.toolExample response:
{
"domains": [
{
"description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
"enabled": true,
"id": "default",
"links": {
"self": "http://identity-server:5000/v3/domains/default"
},
"name": "Default"
}
],
"links": {
"next": null,
"previous": null,
"self": "http://identity-server:5000/v3/domains"
}
}POST /v3/domains
Create a domain:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "domain": { "name": "newdomain"}}' \
"http://localhost:5000/v3/domains" | python -mjson.toolExample response:
{
"domain": {
"enabled": true,
"id": "3a5140aecd974bf08041328b53a62458",
"links": {
"self": "http://identity-server:5000/v3/domains/3a5140aecd974bf08041328b53a62458"
},
"name": "newdomain"
}
}Projects
GET /v3/projects
List projects:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/projects" | python -mjson.toolExample response:
{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/projects"
},
"projects": [
{
"description": null,
"domain_id": "default",
"enabled": true,
"id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"links": {
"self": "http://localhost:5000/v3/projects/3d4c2c82bd5948f0bcab0cf3a7c9b48c"
},
"name": "demo"
}
]
}PATCH /v3/projects/{id}
Disable a project:
curl -s -X PATCH \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '
{
"project": {
"enabled": false
}
}'\
"http://localhost:5000/v3/projects/$PROJECT_ID" | python -mjson.toolExample response:
{
"project": {
"description": null,
"domain_id": "default",
"enabled": false,
"extra": {},
"id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"links": {
"self": "http://localhost:5000/v3/projects/3d4c2c82bd5948f0bcab0cf3a7c9b48c"
},
"name": "demo"
}
}GET /v3/services
List the services:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/services" | python -mjson.toolExample response:
{
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/services"
},
"services": [
{
"description": "Keystone Identity Service",
"enabled": true,
"id": "bd7397d2c0e14fb69bae8ff76e112a90",
"links": {
"self": "http://localhost:5000/v3/services/bd7397d2c0e14fb69bae8ff76e112a90"
},
"name": "keystone",
"type": "identity"
}
]
}GET /v3/endpoints
List the endpoints:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/endpoints" | python -mjson.toolExample response:
{
"endpoints": [
{
"enabled": true,
"id": "29beb2f1567642eb810b042b6719ea88",
"interface": "admin",
"links": {
"self": "http://localhost:5000/v3/endpoints/29beb2f1567642eb810b042b6719ea88"
},
"region": "RegionOne",
"service_id": "bd7397d2c0e14fb69bae8ff76e112a90",
"url": "http://localhost:5000/v3"
}
],
"links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/endpoints"
}
}Users
GET /v3/users
List users:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/users" | python -mjson.toolPOST /v3/users
Create a user:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"user": {"name": "newuser", "password": "changeme"}}' \
"http://localhost:5000/v3/users" | python -mjson.toolExample response:
{
"user": {
"domain_id": "default",
"enabled": true,
"id": "ec8fc20605354edd91873f2d66bf4fc4",
"links": {
"self": "http://identity-server:5000/v3/users/ec8fc20605354edd91873f2d66bf4fc4"
},
"name": "newuser"
}
}GET /v3/users/{user_id}
Show details for a user:
USER_ID=ec8fc20605354edd91873f2d66bf4fc4
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/users/$USER_ID" | python -mjson.toolExample response:
{
"user": {
"domain_id": "default",
"enabled": true,
"id": "ec8fc20605354edd91873f2d66bf4fc4",
"links": {
"self": "http://localhost:5000/v3/users/ec8fc20605354edd91873f2d66bf4fc4"
},
"name": "newuser"
}
}POST /v3/users/{user_id}/password
Change password (using the default policy, this can be done as the user):
USER_ID=b7793000f8d84c79af4e215e9da78654
ORIG_PASS=userpwd
NEW_PASS=newuserpwd
curl \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "user": {"password": "'$NEW_PASS'", "original_password": "'$ORIG_PASS'"} }' \
"http://localhost:5000/v3/users/$USER_ID/password"Note
This command doesn't print anything if the request was successful.
PATCH /v3/users/{user_id}
Reset password (using the default policy, this requires admin):
USER_ID=b7793000f8d84c79af4e215e9da78654
NEW_PASS=newuserpwd
curl -s -X PATCH \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '{ "user": {"password": "'$NEW_PASS'"} }' \
"http://localhost:5000/v3/users/$USER_ID" | python -mjson.toolExample response:
{
"user": {
"default_project_id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"domain_id": "default",
"email": "demo@example.com",
"enabled": true,
"extra": {
"email": "demo@example.com"
},
"id": "269348fdd9374b8885da1418e0730af1",
"links": {
"self": "http://localhost:5000/v3/users/269348fdd9374b8885da1418e0730af1"
},
"name": "demo"
}
}PUT /v3/projects/{project_id}/groups/{group_id}/roles/{role_id}
Create group role assignment on project:
curl -s -X PUT \
-H "X-Auth-Token: $OS_TOKEN" \
"http://localhost:5000/v3/projects/$PROJECT_ID/groups/$GROUP_ID/roles/$ROLE_ID" |
python -mjson.toolThere's no data in the response if the operation is successful.
POST /v3/OS-TRUST/trusts
Create a trust:
curl -s \
-H "X-Auth-Token: $OS_TOKEN" \
-H "Content-Type: application/json" \
-d '
{ "trust": {
"expires_at": "2014-12-30T23:59:59.999999Z",
"impersonation": false,
"project_id": "'$PROJECT_ID'",
"roles": [
{ "name": "admin" }
],
"trustee_user_id": "'$DEMO_USER_ID'",
"trustor_user_id": "'$ADMIN_USER_ID'"
}}'\
"http://localhost:5000/v3/OS-TRUST/trusts" | python -mjson.toolExample response:
{
"trust": {
"expires_at": "2014-12-30T23:59:59.999999Z",
"id": "394998fa61f14736b1f0c1f322882949",
"impersonation": false,
"links": {
"self": "http://localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949"
},
"project_id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
"remaining_uses": null,
"roles": [
{
"id": "c703057be878458588961ce9a0ce686b",
"links": {
"self": "http://localhost:5000/v3/roles/c703057be878458588961ce9a0ce686b"
},
"name": "admin"
}
],
"roles_links": {
"next": null,
"previous": null,
"self": "http://localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949/roles"
},
"trustee_user_id": "269348fdd9374b8885da1418e0730af1",
"trustor_user_id": "3ec3164f750146be97f21559ee4d9c51"
}
}