keystone/api-ref/source/v3/index.rst
Clenimar Filemon ab252d58dc Move OS-INHERIT api-ref from extensions to core
Move inheritance API-ref to main Identity API-ref [1]. The docs need to
be updated, though. I think it's better to move them first, then update to
match keystone-specs docs.

[1] Ia838dff1863b1b77472079b32783ae31557b1ef5

Change-Id: I6a6a59bba9c15ac7678e0b20d248dfb4c03881c7
2016-07-14 14:27:49 -03:00

1.6 KiB

tocdepth

2

Identity API v3 (CURRENT)

The Identity service generates authentication tokens that permit access to the OpenStack services REST APIs. Clients obtain this token and the URL endpoints for other service APIs by supplying their valid credentials to the authentication service.

Each time you make a REST API request to an OpenStack service, you supply your authentication token in the X-Auth-Token request header.

Like most OpenStack projects, OpenStack Identity protects its APIs by defining policy rules based on a role-based access control (RBAC) approach.

The Identity service configuration file sets the name and location of a JSON policy file that stores these rules.

For information about Identity API protection, see Identity API protection with role-based access control (RBAC) in the OpenStack Cloud Administrator Guide.

This page lists the Identity API operations in the following order:

  • Authentication and token management
  • Credentials
  • Domains
  • Domain configuration
  • Groups
  • Policies
  • Projects
  • Regions
  • Roles
  • Service catalog and endpoints
  • Users
  • OS-INHERIT API