Identity API v2.0 extensions (DEPRECATED)¶
OS-KSEC2 admin extension¶
Supports Amazon Elastic Compute (EC2) style authentication.
Authenticate for token.
Request¶
Example¶
{
"credentials": {
"access": "8cff51dc66594df4a2ae121f796df36c",
"host": "localhost",
"params": {
"Action": "Test",
"SignatureMethod": "HmacSHA256",
"SignatureVersion": "2",
"Timestamp": "2007-01-31T23:59:59Z"
},
"path": "/",
"secret": "df8daeaa981b40cea1217fead123bc64",
"signature": "Fra2UBKKtqy3GQ0mj+JqzR8GTGsbWQW+yN5Nih9ThfI=",
"verb": "GET"
}
}
Parameters¶
Response¶
Status Codes¶
Success¶
Code |
Reason |
|---|---|
200 - OK |
Request was successful. |
Error¶
Code |
Reason |
|---|---|
400 - Bad Request |
Some content in the request was invalid. |
401 - Unauthorized |
User must authenticate before making a request. |
Example¶
{
"access": {
"metadata": {
"is_admin": 0,
"roles": ["9fe2ff9ee4384b1894a90878d3e92bab"]
},
"serviceCatalog": [],
"token": {
"audit_ids": ["AVUi_tN8SFWnHYaYpCcMEQ"],
"expires": "2018-02-02T21:13:19.000000Z",
"id": "gAAAAABadMZfZa_PZNOSi5iQoqPZ1b-VIo2Gnlf4Z_oJotw8qTh1Yv8_CFysOnoxRIrfFI-EcrErdJM2CrP7o6aDNR5AbfnFtSN_zgzzesEWaOaQkoLpk9X1lLada2KcQpWAeNafjNYSiP7JFjW6N4ngAm9U7egUW6MwUPPxi5e8igR5DtNc0FU",
"issued_at": "2018-02-02T20:13:19.000000Z",
"tenant": {
"description": "description",
"enabled": true,
"id": "6b85a6ff4e0b4040a81708d6e063e4e7",
"name": "BAR",
"tags": []
}
},
"user": {
"id": "b245550742cf4c2fb9cf37aa1eda866e",
"name": "foo",
"roles": [
{"name": "_member_"}
],
"roles_links": [],
"username": "foo"
}
}
}
Grants a credential to a user.
Request¶
Name |
In |
Type |
Description |
|---|---|---|---|
userId |
path |
string |
The user ID. |
Example¶
{
"OS-KSEC2-ec2Credentials": {
"username": "test_user",
"secret": "secretsecret",
"signature": "bbb"
}
}
Response¶
Status Codes¶
Success¶
Code |
Reason |
|---|---|
201 - Created |
Resource was created and is ready to use. |
Error¶
Code |
Reason |
|---|---|
400 - Bad Request |
Some content in the request was invalid. |
401 - Unauthorized |
User must authenticate before making a request. |
403 - Forbidden |
Policy does not allow current user to do this operation. |
404 - Not Found |
The requested resource could not be found. |
405 - Method Not Allowed |
Method is not valid for this endpoint. |
409 - Conflict |
This operation conflicted with another operation on this resource. |
413 - Request Entity Too Large |
The request is larger than the server is willing or able to process. |
415 - Unsupported Media Type |
The request entity has a media type which the server or resource does not support. |
503 - Service Unavailable |
Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Lists credentials.
Request¶
Name |
In |
Type |
Description |
|---|---|---|---|
userId |
path |
string |
The user ID. |
Response¶
Status Codes¶
Success¶
Code |
Reason |
|---|---|
200 - OK |
Request was successful. |
Error¶
Code |
Reason |
|---|---|
400 - Bad Request |
Some content in the request was invalid. |
401 - Unauthorized |
User must authenticate before making a request. |
403 - Forbidden |
Policy does not allow current user to do this operation. |
404 - Not Found |
The requested resource could not be found. |
405 - Method Not Allowed |
Method is not valid for this endpoint. |
413 - Request Entity Too Large |
The request is larger than the server is willing or able to process. |
503 - Service Unavailable |
Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Example¶
{
"credentials": [
{
"passwordCredentials": {
"username": "test_user",
"password": "secretsecret"
}
},
{
"OS-KSEC2-ec2Credentials": {
"username": "test_user",
"secret": "secretsecret",
"signature": "bbb"
}
}
],
"credentials_links": []
}
Deletes user credentials.
Request¶
Name |
In |
Type |
Description |
|---|---|---|---|
userId |
path |
string |
The user ID. |
credentialId |
path |
string |
The credential id. |
Response¶
Status Codes¶
Success¶
Code |
Reason |
|---|---|
204 - No Content |
The server has fulfilled the request. |
Error¶
Code |
Reason |
|---|---|
400 - Bad Request |
Some content in the request was invalid. |
401 - Unauthorized |
User must authenticate before making a request. |
403 - Forbidden |
Policy does not allow current user to do this operation. |
404 - Not Found |
The requested resource could not be found. |
405 - Method Not Allowed |
Method is not valid for this endpoint. |
409 - Conflict |
This operation conflicted with another operation on this resource. |
413 - Request Entity Too Large |
The request is larger than the server is willing or able to process. |
415 - Unsupported Media Type |
The request entity has a media type which the server or resource does not support. |
503 - Service Unavailable |
Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Gets user credentials.
Request¶
Name |
In |
Type |
Description |
|---|---|---|---|
userId |
path |
string |
The user ID. |
credentialId |
path |
string |
The credential id. |
Response¶
Status Codes¶
Success¶
Code |
Reason |
|---|---|
200 - OK |
Request was successful. |
Error¶
Code |
Reason |
|---|---|
400 - Bad Request |
Some content in the request was invalid. |
401 - Unauthorized |
User must authenticate before making a request. |
403 - Forbidden |
Policy does not allow current user to do this operation. |
404 - Not Found |
The requested resource could not be found. |
405 - Method Not Allowed |
Method is not valid for this endpoint. |
413 - Request Entity Too Large |
The request is larger than the server is willing or able to process. |
503 - Service Unavailable |
Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Example¶
{
"OS-KSEC2-ec2Credentials": {
"username": "test_user",
"secret": "secretsecret",
"signature": "bbb"
}
}
