openstack/keystone
Code Issues Proposed changes
d03ed967dd
keystone/api-ref/source/v3/parameters.yaml
Samuel de Medeiros Queiroz 9a5395f1b2 Migrate identity /v3 docs from api-ref repo 
Docs at [1] have already been converted from WADL (SGML / XML) to RST
using fairy-slipper [2].

This commit polish the results from the conversion and migrate the docs
to our repository under 'api-ref/source' directory. In addition, it
added missing descriptions for access_token_id and consumer_id to
'parameters.yaml'.

Polishing the generated RST files include:
- Removing unnecessary blank lines;
- Removing empty references.

Polishing the generated RST files do not include:
- Modifying their content;
- Modifying file names;
- Wrapping lines at the maximum of 79 chars.

Updating the documentation will be done after this migration step.

This change also adds a tox environment to build the docs using sphinx
under 'api-ref/build', which in turn is added to '.gitignore'.

Lastly, 'os-api-ref' is added as a test requirement. It provides the
sphinx stanzas rest_method and rest_parameter, used to define OpenStack
APIs in RST docs.

[1] https://github.com/openstack/api-site/tree/master/api-ref/source/identity/v3
[2] https://github.com/russell/fairy-slipper

Change-Id: If1b9a3e1b2e4ea7211c337071254c26b881893a3
2016-05-24 09:58:23 -03:00

1395 lines
32 KiB
YAML
Raw Blame History

# variables in header
X-Auth-Token:
description: |
A valid authentication token for an
administrative user.
in: header
required: true
type: string
X-Subject-Token:
description: |
The authentication token. An authentication
response returns the token ID in this header rather than in the
response body.
in: header
required: true
type: string
X-Subject-Token_1:
description: |
The authentication token for which you want to
perform the operation.
in: header
required: true
type: string
# variables in path
access_token_id:
description: |
The ID of the access token.
in: path
required: true
type: string
consumer_id:
description: |
The ID of the consumer.
in: path
required: false
type: string
credential_id:
description: |
The UUID for the credential.
in: path
required: false
type: string
domain_id:
description: |
Filters the response by a domain ID.
in: path
required: false
type: string
endpoint_id:
description: |
The endpoint ID.
in: path
required: false
type: string
group_1:
description: |
The group name, which is ``ldap`` or
``identity``.
in: path
required: false
type: string
group_id:
description: |
The group ID.
in: path
required: false
type: string
option:
description: |
The option name. For the ``ldap`` group, a valid
value is ``url`` or ``user_tree_dn``. For the ``identity`` group,
a valid value is ``driver``.
in: path
required: false
type: string
policy_id:
description: |
The policy ID.
in: path
required: false
type: string
project_id:
description: |
The project ID.
in: path
required: false
type: string
region_id_2:
description: |
The region ID.
in: path
required: false
type: string
role_id:
description: |
The role ID.
in: path
required: false
type: string
service_id_2:
description: |
The service ID.
in: path
required: false
type: string
user_id:
description: |
The user ID.
in: path
required: false
type: string
# variables in query
domain_id_7:
description: |
Filters the response by a domain ID.
in: query
required: false
type: string
enabled_11:
description: |
Filters the response by either enabled (``true``)
or disabled (``false``) users.
in: query
required: false
type: string
enabled_6:
description: |
Filters the response by either enabled (``true``)
or disabled (``false``) domains. Users can authorize against an
enabled domain and any of its projects. Users that are owned by an
enabled domain can authenticate and receive additional
authorization. Users cannot authorize against a disabled domain
or any of its projects. Users that are owned by a disabled domain
cannot authenticate or receive additional authorization. All
tokens that are authorized for a disabled domain or its projects
become no longer valid. If you reenable the domain, these tokens
are not re- enabled.
in: query
required: false
type: string
enabled_9:
description: |
Filters the response by either enabled (``true``)
or disabled (``false``) projects.
in: query
required: false
type: string
interface_2:
description: |
Filters the response by an interface.
in: query
required: false
type: string
name_10:
description: |
Filters the response by a domain name.
in: query
required: false
type: string
name_13:
description: |
Filters the response by a project name.
in: query
required: false
type: string
name_14:
description: |
Filters the response by a role name.
in: query
required: false
type: string
name_16:
description: |
Filters the response by a user name.
in: query
required: false
type: string
nocatalog:
description: |
(Since v3.1) The authentication response excludes
the service catalog. By default, the response includes the service
catalog.
in: query
required: false
type: string
parent_id_2:
description: |
(Since v3.4) Filters the response by a parent ID.
in: query
required: false
type: string
parent_region_id_1:
description: |
Filters the response by a parent region, by ID.
in: query
required: false
type: string
service_id_3:
description: |
Filters the response by a service ID.
in: query
required: false
type: string
type_4:
description: |
Filters the response by a MIME media type for the
serialized policy blob. For example, ``application/json``.
in: query
required: false
type: string
type_5:
description: |
Filters the response by a service type. A valid
value is ``compute``, ``ec2``, ``identity``, ``image``,
``network``, or ``volume``.
in: query
required: false
type: string
user_id_3:
description: |
Filters the response by a user ID.
in: query
required: false
type: string
# variables in body
audit_ids:
description: |
A list of one or two audit IDs. An audit ID is a
unique, randomly generated, URL-safe string that you can use to
track a token. The first audit ID is the current audit ID for the
token. The second audit ID is present for only re-scoped tokens
and is the audit ID from the token before it was re-scoped. A re-
scoped token is one that was exchanged for another token of the
same or different scope. You can use these audit IDs to track the
use of a token or chain of tokens across multiple requests and
endpoints without exposing the token ID to non-privileged users.
in: body
required: true
type: array
auth:
description: |
An ``auth`` object.
in: body
required: true
type: object
blob:
description: |
The credential itself, as a serialized blob.
in: body
required: true
type: string
blob_1:
description: |
The policy rule set itself, as a serialized blob.
in: body
required: true
type: string
blob_2:
description: |
The policy rule itself, as a serialized blob.
in: body
required: true
type: object
blob_3:
description: |
The credential itself, as a serialized blob.
in: body
required: false
type: string
catalog:
description: |
A ``catalog`` object.
in: body
required: true
type: array
config:
description: |
A ``config`` object.
in: body
required: true
type: object
credential:
description: |
A ``credential`` object.
in: body
required: true
type: object
credentials:
description: |
A ``credentials`` object.
in: body
required: true
type: array
default_project_id:
description: |
The ID of the default project for the user.
Setting this attribute does not grant any actual authorization on
the project, and is merely provided for convenience. Therefore,
the referenced project does not need to exist within the user
domain. (Since v3.1) If the user does not have authorization to
their default project, the default project is ignored at token
creation. (Since v3.1) Additionally, if your default project is
not valid, a token is issued without an explicit scope of
authorization.
in: body
required: false
type: string
default_project_id_1:
description: |
The ID of the default project for the user.
in: body
required: true
type: string
description:
description: |
The domain description.
in: body
required: false
type: string
description_1:
description: |
The group description.
in: body
required: false
type: string
description_10:
description: |
The service description.
in: body
required: true
type: string
description_11:
description: |
The user description.
in: body
required: true
type: string
description_2:
description: |
The project description.
in: body
required: false
type: string
description_3:
description: |
The region description.
in: body
required: false
type: string
description_4:
description: |
The service description.
in: body
required: false
type: string
description_5:
description: |
The user description.
in: body
required: false
type: string
description_6:
description: |
The project description.
in: body
required: true
type: string
description_7:
description: |
The domain description.
in: body
required: true
type: string
description_8:
description: |
The group description.
in: body
required: true
type: string
description_9:
description: |
The region description.
in: body
required: true
type: string
domain:
description: |
A ``domain`` object.
in: body
required: true
type: object
domain_1:
description: |
A ``domain`` object. Required if you specify a
user name.
in: body
required: false
type: object
domain_2:
description: |
Specify either ``id`` or ``name`` to uniquely
identify the domain.
in: body
required: false
type: object
domain_id_1:
description: |
The ID of the domain that owns the group. If you
omit the domain ID, defaults to the domain to which the client
token is scoped.
in: body
required: false
type: string
domain_id_2:
description: |
The ID of the domain for the project. If you
omit the domain ID, default is the domain to which your token is
scoped.
in: body
required: false
type: string
domain_id_3:
description: |
The ID of the domain for the user.
in: body
required: false
type: string
domain_id_4:
description: |
The ID of the domain for the project.
in: body
required: true
type: string
domain_id_5:
description: |
The ID of the domain for the group.
in: body
required: true
type: string
domain_id_6:
description: |
The ID of the domain for the user.
in: body
required: true
type: string
domains:
description: |
A ``domains`` object.
in: body
required: true
type: array
driver:
description: |
The Identity back-end driver.
in: body
required: true
type: string
driver_1:
description: |
The Identity back-end driver.
in: body
required: false
type: string
email:
description: |
The email address for the user.
in: body
required: false
type: string
email_1:
description: |
The email address for the user.
in: body
required: true
type: string
enabled:
description: |
Enables or disables the domain. Users can
authorize against an enabled domain and any of its projects. Users
that are owned by an enabled domain can authenticate and receive
additional authorization. Users cannot authorize against a
disabled domain or any of its projects. Users that are owned by a
disabled domain cannot authenticate or receive additional
authorization. All tokens that are authorized for a disabled
domain or its projects become no longer valid. If you reenable the
domain, these tokens are not re- enabled. To enable the domain,
set to ``true``. To disable the domain, set to ``false``. Default
is ``true``.
in: body
required: false
type: boolean
enabled_1:
description: |
Defines whether the endpoint appears in the
service catalog: - ``false``. The endpoint does not appear in the
service catalog. - ``true``. The endpoint appears in the service
catalog. Default is ``true``.
in: body
required: false
type: boolean
enabled_10:
description: |
Defines whether the service and its endpoints
appear in the service catalog: - ``false``. The service and its
endpoints do not appear in the service catalog. - ``true``. The
service and its endpoints appear in the service catalog.
in: body
required: true
type: boolean
enabled_12:
description: |
Indicates whether the domain is enabled or
disabled. If set to ``true``, the domain is enabled. Users can
authorize against an enabled domain and any of its projects. Users
that are owned by an enabled domain can authenticate and receive
additional authorization. If set to ``false``, the domain is
disabled. Users cannot authorize against a disabled domain or any
of its projects. Users that are owned by a disabled domain cannot
authenticate or receive additional authorization. All tokens that
are authorized for a disabled domain or its projects become no
longer valid. If you reenable the domain, these tokens are not re-
enabled.
in: body
required: true
type: boolean
enabled_13:
description: |
If set to ``true``, project is enabled. If set to
``false``, project is disabled.
in: body
required: true
type: boolean
enabled_2:
description: |
Enables or disables the project. Users can
authorize against an enabled project. Users cannot authorize
against a disabled project. All tokens that are authorized for a
disabled project become no longer valid. If you reenable the
project, these tokens are not re-enabled. To enable the project,
set to ``true``. To disable the project, set to ``false``. Default
is ``true``.
in: body
required: false
type: boolean
enabled_3:
description: |
Defines whether the service and its endpoints
appear in the service catalog: - ``false``. The service and its
endpoints do not appear in the service catalog. - ``true``. The
service and its endpoints appear in the service catalog.
Default is ``true``.
in: body
required: false
type: boolean
enabled_4:
description: |
Enables or disables the user. An enabled user
can authenticate and receive authorization. A disabled user
cannot authenticate or receive authorization. Additionally, all
tokens that the user holds become no longer valid. If you reenable
this user, pre-existing tokens do not become valid. To enable the
user, set to ``true``. To disable the user, set to ``false``.
Default is ``true``.
in: body
required: false
type: boolean
enabled_5:
description: |
Enables or disables the project and its subtree.
Users can authorize against an enabled project. Users cannot
authorize against a disabled project. All tokens that are
authorized for a disabled project become no longer valid. If you
reenable the project, these tokens are not re-enabled. To enable
the project and its subtree, set to ``true``. To disable the
project and its subtree, set to ``false``. Default is ``true``.
in: body
required: true
type: boolean
enabled_7:
description: |
Indicates whether the endpoint appears in the
service catalog: - ``false``. The endpoint does not appear in the
service catalog. - ``true``. The endpoint appears in the service
catalog.
in: body
required: true
type: boolean
enabled_8:
description: |
If the user is enabled, this value is ``true``.
If the user is disabled, this value is ``false``.
in: body
required: true
type: boolean
endpoint:
description: |
An ``endpoint`` object.
in: body
required: true
type: object
endpoints:
description: |
An ``endpoints`` object.
in: body
required: true
type: array
expires_at:
description: |
The date and time when the token expires.
The date and time stamp format is `ISO 8601
<https://en.wikipedia.org/wiki/ISO_8601>`_:
::
CCYY-MM-DDThh:mm:ss±hh:mm
For example, ``2015-08-27T09:49:58-05:00``.
The ``±hh:mm`` value, if included, is the time zone as an offset
from UTC. In the previous example, the offset value is ``-05:00``.
A ``null`` value indicates that the token never expires.
in: body
required: true
type: string
extras:
description: |
A set of metadata key and value pairs, if any.
in: body
required: true
type: object
group:
description: |
A ``group`` object.
in: body
required: true
type: object
groups:
description: |
A ``groups`` object.
in: body
required: true
type: array
id:
description: |
The ID of the user. Required if you do not
specify the user name.
in: body
required: false
type: string
id_1:
description: |
The ID of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
in: body
required: false
type: string
id_10:
description: |
The role ID.
in: body
required: true
type: string
id_11:
description: |
The ID of the service.
in: body
required: true
type: string
id_12:
description: |
The ID for the user.
in: body
required: true
type: string
id_13:
description: |
The ID for the region.
in: body
required: true
type: string
id_14:
description: |
The user ID.
in: body
required: true
type: string
id_2:
description: |
A token ID.
in: body
required: false
type: string
id_3:
description: |
The UUID for the credential.
in: body
required: true
type: string
id_4:
description: |
The domain ID.
in: body
required: true
type: string
id_5:
description: |
The endpoint UUID.
in: body
required: true
type: string
id_6:
description: |
The ID for the group.
in: body
required: true
type: string
id_7:
description: |
The ID of the policy.
in: body
required: true
type: string
id_8:
description: |
The ID for the project.
in: body
required: true
type: string
id_9:
description: |
A user-defined region ID. If you include
characters in the region ID that are not allowed in a URI, you
must URL-encode the ID. If you omit an ID, the API assigns an ID
to the region.
in: body
required: false
type: string
identity:
description: |
An ``identity`` object.
in: body
required: true
type: object
identity_1:
description: |
An ``identity`` object. Required to set the
identity group configuration options.
in: body
required: true
type: object
interface:
description: |
The interface type, which describes the
visibility of the endpoint. Value is: - ``public``. Visible by
end users on a publicly available network interface. -
``internal``. Visible by end users on an unmetered internal
network interface. - ``admin``. Visible by administrative users
on a secure network interface.
in: body
required: true
type: string
interface_1:
description: |
The interface type, which describes the
visibility of the endpoint. A valid value is: - ``public``.
Visible by end users on a publicly available network interface.
- ``internal``. Visible by end users on an unmetered internal
network interface. - ``admin``. Visible by administrative users
on a secure network interface.
in: body
required: true
type: string
is_domain:
description: |
(Since v3.6) Indicates whether the project also
acts as a domain. Set to ``true`` to define this project as both
a project and domain. As a domain, the project provides a name
space in which you can create users, groups, and other projects.
Set to ``false`` to define this project as a regular project that
contains only resources. Default is ``false``. You cannot update
this parameter after you create the project.
in: body
required: false
type: boolean
is_domain_1:
description: |
(Since v3.6) Indicates whether the project also
acts as a domain. If set to ``true``, this project acts as both a
project and domain. As a domain, the project provides a name space
in which you can create users, groups, and other projects.
Otherwise, this field does not appear in the response and this
project behaves as a regular project that contains only resources.
in: body
required: false
type: boolean
issued_at:
description: |
The date and time when the token was issued.
The date and time stamp format is `ISO 8601
<https://en.wikipedia.org/wiki/ISO_8601>`_:
::
CCYY-MM-DDThh:mm:ss±hh:mm
For example, ``2015-08-27T09:49:58-05:00``.
The ``±hh:mm`` value, if included, is the time zone as an offset
from UTC. In the previous example, the offset value is ``-05:00``.
in: body
required: true
type: string
ldap:
description: |
An ``ldap`` object. Required to set the LDAP
group configuration options.
in: body
required: true
type: object
links:
description: |
The links for the ``credential`` resource.
in: body
required: true
type: object
links_1:
description: |
The links for the ``domain`` resource.
in: body
required: true
type: object
links_10:
description: |
The links for the ``credentials`` resource.
in: body
required: true
type: object
links_11:
description: |
The links for the ``domains`` resource.
in: body
required: true
type: object
links_12:
description: |
The links for the ``roles`` resource.
in: body
required: true
type: object
links_13:
description: |
The links for the ``endpoints`` resource.
in: body
required: true
type: object
links_14:
description: |
The links for the ``users`` resource.
in: body
required: true
type: object
links_2:
description: |
The links for the ``endpoint`` resource.
in: body
required: true
type: object
links_3:
description: |
The links for the ``group`` resource.
in: body
required: true
type: object
links_4:
description: |
The links for the ``policy`` resource.
in: body
required: true
type: object
links_5:
description: |
The links for the ``project`` resource.
in: body
required: true
type: object
links_6:
description: |
The links for the ``region`` resource.
in: body
required: true
type: object
links_7:
description: |
The links for the ``role`` resource.
in: body
required: true
type: object
links_8:
description: |
The links for the ``service`` resource.
in: body
required: true
type: object
links_9:
description: |
The links for the ``user`` resource.
in: body
required: true
type: object
methods:
description: |
The authentication method. For password
authentication, specify ``password``.
in: body
required: true
type: array
methods_1:
description: |
The authentication method. For token
authentication, specify ``token``.
in: body
required: true
type: array
methods_2:
description: |
The authentication method, which is ``password``,
``token``, or both methods. Indicates the accumulated set of
authentication methods that were used to obtain the token. For
example, if the token was obtained by password authentication, it
contains ``password``. Later, if the token is exchanged by using
the token authentication method one or more times, the
subsequently created tokens contain both ``password`` and
``token`` in their ``methods`` attribute. Unlike multi-factor
authentication, the ``methods`` attribute merely indicates the
methods that were used to authenticate the user in exchange for a
token. The client is responsible for determining the total number
of authentication factors.
in: body
required: true
type: array
name:
description: |
The user name. Required if you do not specify
the ID of the user. If you specify the user name, you must also
specify the domain, by ID or name.
in: body
required: false
type: string
name_1:
description: |
The name of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
in: body
required: false
type: string
name_11:
description: |
The name of the group.
in: body
required: true
type: string
name_12:
description: |
The user name. Must be unique within the domain.
in: body
required: true
type: string
name_15:
description: |
The service name.
in: body
required: true
type: string
name_17:
description: |
The domain name.
in: body
required: false
type: string
name_18:
description: |
The group name.
in: body
required: false
type: string
name_19:
description: |
The user name.
in: body
required: true
type: string
name_2:
description: |
The domain name.
in: body
required: true
type: string
name_3:
description: |
The endpoint name.
in: body
required: true
type: string
name_4:
description: |
The group name.
in: body
required: true
type: string
name_5:
description: |
The project name, which must be unique within the
owning domain. The project can have the same name as its domain.
in: body
required: true
type: string
name_6:
description: |
The role name.
in: body
required: true
type: string
name_7:
description: |
The service name.
in: body
required: false
type: string
name_8:
description: |
The user name, which must be unique within the
owning domain.
in: body
required: true
type: string
name_9:
description: |
The project name. The project can have the same
name as its domain.
in: body
required: true
type: string
original_password:
description: |
The original password for the user.
in: body
required: true
type: string
parent_id:
description: |
(Since v3.4) The ID of the parent project. If
you omit the parent project ID, the project is a top-level
project.
in: body
required: false
type: string
parent_id_1:
description: |
(Since v3.4) The ID of the parent project. If
``null``, the project is a top-level project.
in: body
required: true
type: string
parent_region_id:
description: |
To make this region a child of another region,
set this parameter to the ID of the parent region.
in: body
required: false
type: string
parent_region_id_2:
description: |
If the region is a child of another region, the
ID for the parent region. Otherwise, this value is ``null``.
in: body
required: true
type: string
password:
description: |
The user password.
in: body
required: true
type: string
password_1:
description: |
The password for the user.
in: body
required: true
type: string
password_2:
description: |
The new password for the user.
in: body
required: true
type: string
policies:
description: |
A ``policies`` object.
in: body
required: true
type: array
policy:
description: |
A ``policy`` object.
in: body
required: true
type: object
project:
description: |
A ``project`` object.
in: body
required: true
type: object
project_id_1:
description: |
The UUID for the associated project.
in: body
required: true
type: string
project_id_2:
description: |
The UUID for the associated project.
in: body
required: false
type: string
projects:
description: |
A ``projects`` object.
in: body
required: true
type: array
region:
description: |
(Deprecated in v3.2) The geographic location of
the service endpoint.
in: body
required: true
type: string
region_1:
description: |
A ``region`` object.
in: body
required: true
type: object
region_2:
description: |
(Deprecated in v3.2) The geographic location of
the service endpoint. Use the ``region_id`` parameter instead.
in: body
required: false
type: string
region_id:
description: |
(Since v3.2) The ID of the region that contains
the service endpoint.
in: body
required: true
type: string
region_id_1:
description: |
(Since v3.2) The ID of the region that contains
the service endpoint.
in: body
required: false
type: string
regions:
description: |
A ``regions`` object.
in: body
required: true
type: array
requested_project_id:
description: |
The ID of the requested project.
in: body
required: true
type: string
role:
description: |
A ``role`` object.
in: body
required: true
type: object
role_assignments:
description: |
A ``role_assignments`` object.
in: body
required: true
type: array
roles:
description: |
A ``roles`` object.
in: body
required: true
type: array
scope:
description: |
The authorization scope. (Since v3.4) Specify
``unscoped`` to make an explicit unscoped token request, which
returns an unscoped response without any authorization. This
request behaves the same as a token request with no scope where
the user has no default project defined. If you do not make an
explicit ``unscoped`` token request and your role has a default
project, the response might return a project- scoped token. If a
default project is not defined, a token is issued without an
explicit scope of authorization, which is the same as asking for
an explicit unscoped token.
in: body
required: false
type: string
scope_1:
description: |
The authorization scope. - Specify ``project``
to scope to a project, by ID or name. If you specify the project
by name, you must also specify the project domain to uniquely
identify the project. Because a project can have the same name
as its owning domain, the scope is determined, as follows: -
If the project name is truly unique, the token is scoped to the
project. - If a name clash exists between a project acting as a
domain and a regular project within that domain, the token is
scoped to the regular project. - In a name-clash situation,
if the user wants the token scoped to the project acting as
the domain, you must either specify use the project ID to
specify the scope or rename either the project acting as a
domain or the regular project. Alternatively, you can use a
domain name to uniquely identify the project. - Specify
``domain`` to scope to a domain, by ID or name with equivalent
results to project scoping. The catalog returned from a domain-
scoped request contains all endpoints of a project- scoped
catalog, excluding ones that require a project ID as part of
their URL. You cannot simultaneously scope a token to a project
and domain.
in: body
required: false
type: object
service:
description: |
A ``service`` object.
in: body
required: true
type: object
service_id:
description: |
The UUID of the service to which the endpoint
belongs.
in: body
required: true
type: string
service_id_1:
description: |
The service ID.
in: body
required: false
type: string
services:
description: |
A ``services`` object.
in: body
required: true
type: array
token:
description: |
A ``token`` object.
in: body
required: true
type: object
token_1:
description: |
A ``token`` object. The token authentication
method is used. This method is typically used in combination with
a request to change authorization scope.
in: body
required: true
type: object
type:
description: |
The endpoint type.
in: body
required: true
type: string
type_1:
description: |
The credential type, such as ``ec2`` or ``cert``.
The implementation determines the list of supported types.
in: body
required: true
type: string
type_2:
description: |
The MIME media type of the serialized policy
blob.
in: body
required: true
type: string
type_3:
description: |
The service type, which describes the API
implemented by the service. A valid value is ``compute``,
``ec2``, ``identity``, ``image``, ``network``, or ``volume``.
in: body
required: true
type: string
type_6:
description: |
The service type, which describes the API
implemented by the service. Value is ``compute``, ``ec2``,
``identity``, ``image``, ``network``, or ``volume``.
in: body
required: true
type: string
type_7:
description: |
The credential type, such as ``ec2`` or ``cert``.
The implementation determines the list of supported types.
in: body
required: false
type: string
url:
description: |
The endpoint URL.
in: body
required: true
type: string
url_1:
description: |
The LDAP URL.
in: body
required: true
type: string
url_2:
description: |
The LDAP URL.
in: body
required: false
type: string
user:
description: |
A ``user`` object.
in: body
required: true
type: object
user_id_1:
description: |
The ID of the user who owns the credential.
in: body
required: true
type: string
user_id_2:
description: |
The ID of the user who owns the policy.
in: body
required: false
type: string
user_id_4:
description: |
The ID of the user who owns the policy.
in: body
required: true
type: string
user_id_5:
description: |
The ID of the user who owns the credential.
in: body
required: false
type: string
user_tree_dn:
description: |
The base distinguished name (DN) of LDAP, from
where all users can be reached. For example,
``ou=Users,dc=root,dc=org``.
in: body
required: true
type: string
user_tree_dn_1:
description: |
The base distinguished name (DN) of LDAP, from
where all users can be reached. For example,
``ou=Users,dc=root,dc=org``.
in: body
required: false
type: string
users:
description: |
A ``users`` object.
in: body
required: true
type: array
View Git Blame Copy Permalink