509 lines
20 KiB
XML
509 lines
20 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!--*******************************************************-->
|
|
<!-- Import Common XML Entities -->
|
|
<!-- -->
|
|
<!-- You can resolve the entites with xmllint -->
|
|
<!-- -->
|
|
<!-- xmllint -noent identity-admin.wadl -->
|
|
<!--*******************************************************-->
|
|
<!DOCTYPE application [
|
|
<!ENTITY % common SYSTEM "../common/common.ent">
|
|
%common;
|
|
]>
|
|
|
|
<application xmlns="http://wadl.dev.java.net/2009/02"
|
|
xmlns:identity="http://docs.openstack.org/identity/api/v2.0"
|
|
xmlns:capi="http://docs.openstack.org/common/api/v1.0"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
|
|
xmlns:xsdxt="http://docs.rackspacecloud.com/xsd-ext/v1.0"
|
|
xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 ../common/xsd/api.xsd
|
|
http://docs.openstack.org/common/api/v1.0 ../common/xsd/api-common.xsd
|
|
http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
|
|
">
|
|
|
|
<grammars>
|
|
<include href="../common/xsd/api.xsd"/>
|
|
<include href="../common/xsd/api-common.xsd"/>
|
|
</grammars>
|
|
|
|
<!--*******************************************************-->
|
|
<!-- All Resources -->
|
|
<!--*******************************************************-->
|
|
|
|
<!-- We should use SSL in production -->
|
|
<resources base="http://localhost:35357">
|
|
<resource id="version" path="v2.0">
|
|
<method href="#getVersionInfo"/>
|
|
|
|
<resource id="extensions" path="extensions">
|
|
<method href="#listExtensions"/>
|
|
|
|
<resource id="extension" path="{alias}">
|
|
<param name="alias" style="template" type="xsd:string"/>
|
|
<method href="#getExtension"/>
|
|
</resource>
|
|
</resource>
|
|
|
|
<resource id="tokens" path="tokens">
|
|
<method href="#authenticate"/>
|
|
<resource id="tokenById" path="{tokenId}">
|
|
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
|
|
<doc>You need a valid admin token for access.</doc>
|
|
</param>
|
|
<param name="tokenId" style="template" type="xsd:string" required="true"/>
|
|
<param name="belongsTo" style="query" type="xsd:string" required="false"/>
|
|
<method href="#validateToken"/>
|
|
<method href="#checkToken"/>
|
|
<resource id="endpointsForToken" path="endpoints">
|
|
<method href="#listEndpointsForToken"/>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
|
|
<resource id="users" path="users">
|
|
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
|
|
<doc>You need a valid admin token for access.</doc>
|
|
</param>
|
|
<method href="#getUserByName"/>
|
|
<resource id="userid" path="{user_id}">
|
|
<param name="user_id" style="template" type="xsd:string" required="true"/>
|
|
<method href="#getUserById"/>
|
|
|
|
<resource id="userRoles" path="roles">
|
|
<method href="#listUserGlobalRoles"/>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
|
|
<resource id="tenants" path="tenants">
|
|
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
|
|
<doc>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
You need a valid admin token for access.
|
|
</p>
|
|
</doc>
|
|
</param>
|
|
<method href="#listTenants"/>
|
|
<method href="#getTenantByName"/>
|
|
<resource id="tenantById" path="{tenantId}">
|
|
<param name="tenantId" style="template" type="xsd:string" required="true"/>
|
|
<method href="#getTenantById"/>
|
|
|
|
<resource id="usersForTenant" path="users">
|
|
<resource id="getTenantUser" path="{user_id}">
|
|
<param name="user_id" style="template" type="xsd:string" required="true"/>
|
|
|
|
<resource id="userRolesForTenant" path="roles">
|
|
<method href="#listRolesForUserOnTenant"/>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
</resource>
|
|
</resources>
|
|
|
|
<!--*******************************************************-->
|
|
<!-- Resource Types -->
|
|
<!--*******************************************************-->
|
|
|
|
<resource_type id="VersionDetails">
|
|
<method href="#getVersionInfo"/>
|
|
</resource_type>
|
|
|
|
<resource_type id="ExtensionList">
|
|
<doc xml:lang="EN" title="Extension List">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
A list of supported extensions.
|
|
</p>
|
|
</doc>
|
|
<method href="#listExtensions"/>
|
|
</resource_type>
|
|
|
|
<!--*******************************************************-->
|
|
<!-- All Methods -->
|
|
<!--*******************************************************-->
|
|
|
|
<!-- Version -->
|
|
|
|
<method name="GET" id="getVersionInfo">
|
|
<doc xml:lang="EN" title="Version Details">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Returns detailed information about this specific version of the API.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="capi:version">
|
|
<param name="location" style="plain" type="xsd:anyURI" required="true" path="/capi:version/atom:link[@rel='self']/@href">
|
|
<link resource_type="#VersionDetails" rel="self"/>
|
|
</param>
|
|
</representation>
|
|
<representation mediaType="application/json"/>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
|
|
<!-- Extensions -->
|
|
|
|
<method name="GET" id="listExtensions">
|
|
<doc xml:lang="EN" title="List Extensions">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Lists supported extensions.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="capi:extensions">
|
|
<param name="next" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='next']/@href">
|
|
<link resource_type="#ExtensionList" rel="next"/>
|
|
</param>
|
|
<param name="previous" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='previous']/@href">
|
|
<link resource_type="#ExtensionList" rel="previous"/>
|
|
</param>
|
|
</representation>
|
|
<representation mediaType="application/json"/>
|
|
</response>
|
|
&commonFaults;
|
|
</method>
|
|
<method name="GET" id="getExtension">
|
|
<doc xml:lang="EN" title="Get Extension Details">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Gets details about a specific extension.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="capi:extension"/>
|
|
<representation mediaType="application/json"/>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
|
|
<!-- Token Operations -->
|
|
|
|
<method name="POST" id="authenticate">
|
|
<doc xml:lang="EN" title="Authenticate for Service API">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Authenticate to generate a token.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
This call will return a token if successful. Each REST request against other services (or other
|
|
calls on Keystone such as the GET /tenants call)
|
|
requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token.
|
|
Clients obtain
|
|
this token, along with the URL to other service APIs, by first authenticating against the
|
|
Keystone Service and supplying valid credentials.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Client authentication is provided via a REST interface using the POST method,
|
|
with v2.0/tokens supplied as the path. A payload of credentials must be included
|
|
in the body.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
The Keystone Service is a RESTful web service. It is the entry point to all service APIs.
|
|
To access the Keystone Service, you must know URL of the Keystone service.
|
|
</p>
|
|
</doc>
|
|
<request>
|
|
<representation mediaType="application/xml" element="identity:auth">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/auth_credentials.xml"/>
|
|
<xsdxt:code href="../common/samples/auth_with_token.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/auth_credentials.json"/>
|
|
<xsdxt:code href="../common/samples/auth_with_token.json"/>
|
|
</doc>
|
|
</representation>
|
|
</request>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:access">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/auth.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/auth.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
<response status="403">
|
|
<representation mediaType="application/xml" element="identity:userDisabled"/>
|
|
<representation mediaType="application/json"/>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="validateToken">
|
|
<doc xml:lang="EN" title="Validate Token">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Check that a token is valid and that it belongs to a supplied tenant
|
|
and return the permissions relevant to a particular client.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Valid tokens will exist in the
|
|
<code>/tokens/{tokenId}</code> path and invalid
|
|
tokens will not. In other words, a user should expect an
|
|
itemNotFound (<code>404</code>) fault for an
|
|
invalid token.
|
|
</p>
|
|
</doc>
|
|
<request>
|
|
<param name="belongsTo" style="query" required="false" type="xsd:string">
|
|
<doc xml:lang="EN">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Validates a token has the supplied tenant in scope.
|
|
</p>
|
|
</doc>
|
|
</param>
|
|
</request>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:access">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/validatetoken.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/validatetoken.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="HEAD" id="checkToken">
|
|
<doc xml:lang="EN" title="Check Token">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Check that a token is valid and that it belongs to a particular tenant
|
|
(For performance).
|
|
</p>
|
|
</doc>
|
|
<request>
|
|
<param name="belongsTo" style="query" required="false" type="xsd:string">
|
|
<doc xml:lang="EN">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Validates a token has the supplied tenant in scope. (for performance).
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Valid tokens will exist in the
|
|
<code>/tokens/{tokenId}</code> path and invalid
|
|
tokens will not. In other words, a user should expect an
|
|
itemNotFound (<code>404</code>) fault for an
|
|
invalid token.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
If `belongsTo` is provided, validates that a token has a specific tenant in scope.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
No response body is returned for this method.
|
|
</p>
|
|
</doc>
|
|
</param>
|
|
</request>
|
|
<response status="200 203"/>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
|
|
<!--User Operations-->
|
|
<method name="GET" id="getUserByName">
|
|
<doc xml:lang="EN" title="Get a User by Name">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Returns detailed information about a specific user, by user name.
|
|
</p>
|
|
</doc>
|
|
<request>
|
|
<param name="name" style="query" type="xsd:string" required="true"/>
|
|
</request>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:user">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/user.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/user.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="getUserById">
|
|
<doc xml:lang="EN" title="Get a User by ID">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Returns detailed information about a specific user, by user id.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:user">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/user.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/user.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="listUserGlobalRoles">
|
|
<doc xml:lang="EN" title="List User Global Roles">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Returns global roles for a specific user (excludes tenant roles).
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">Returns a list of global roles associated with a specific
|
|
user (excludes tenant roles).</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:roles">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/roles.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/roles.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
|
|
<!-- Tenant Operations -->
|
|
|
|
<method name="GET" id="listTenants">
|
|
<doc xml:lang="EN" title="Get Tenants">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Get a list of tenants.
|
|
</p>
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
The operation returns a list of tenants which the supplied token provides
|
|
access to. This call must be authenticated, so a valid token must
|
|
be passed in as a header.
|
|
</p>
|
|
<xsdxt:samples>
|
|
<xsdxt:sample xmlns="http://docs.rackspace.com/api" title="Tenants Request with Auth Token">
|
|
<xsdxt:code href="../common/samples/tenants-request.txt" language="text"/>
|
|
</xsdxt:sample>
|
|
</xsdxt:samples>
|
|
</doc>
|
|
<request>
|
|
<param name="marker" style="query" required="false" type="xsd:string"/>
|
|
<param name="limit" style="query" required="false" type="xsd:int"/>
|
|
</request>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:tenants">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenants.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenants.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="getTenantByName">
|
|
<doc xml:lang="EN" title="Get tenants by name">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Returns detailed information about a tenant, by name.
|
|
</p>
|
|
</doc>
|
|
<request>
|
|
<param name="name" style="query" type="xsd:string" required="true"/>
|
|
</request>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:tenant">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenant.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenant.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="getTenantById">
|
|
<doc xml:lang="EN" title="Get Tenants by ID">
|
|
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
|
|
Returns detailed information about a tenant, by id.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:tenant">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenant.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/tenant.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
<method name="GET" id="listEndpointsForToken">
|
|
<doc xml:lang="EN" title="List Endoints for a Token">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Returns a list of endpoints associated with a specific token.
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:endpoints">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/endpoints.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/endpoints.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
|
|
<method name="GET" id="listRolesForUserOnTenant">
|
|
<doc xml:lang="EN" title="List Roles for User on Tenant">
|
|
<p xmlns="http://www.w3.org/1999/xhtml">
|
|
Returns roles for a specific user on a specific tenant (excludes global roles).
|
|
</p>
|
|
</doc>
|
|
<response status="200 203">
|
|
<representation mediaType="application/xml" element="identity:roles">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/roles.xml"/>
|
|
</doc>
|
|
</representation>
|
|
<representation mediaType="application/json">
|
|
<doc>
|
|
<xsdxt:code href="../common/samples/roles.json"/>
|
|
</doc>
|
|
</representation>
|
|
</response>
|
|
&commonFaults;
|
|
&getFaults;
|
|
</method>
|
|
</application>
|