Identity API v2.0 extensions (DEPRECATED)¶
OS-KSEC2 admin extension¶
Supports Amazon Elastic Compute (EC2) style authentication.
Authenticate for token.
Request¶
Example¶
{ "credentials": { "access": "8cff51dc66594df4a2ae121f796df36c", "host": "localhost", "params": { "Action": "Test", "SignatureMethod": "HmacSHA256", "SignatureVersion": "2", "Timestamp": "2007-01-31T23:59:59Z" }, "path": "/", "secret": "df8daeaa981b40cea1217fead123bc64", "signature": "Fra2UBKKtqy3GQ0mj+JqzR8GTGsbWQW+yN5Nih9ThfI=", "verb": "GET" } } Parameters¶
Response¶
Status Codes¶
Success¶
Code | Reason |
|---|---|
200 - OK | Request was successful. |
Error¶
Code | Reason |
|---|---|
400 - Bad Request | Some content in the request was invalid. |
401 - Unauthorized | User must authenticate before making a request. |
Example¶
{ "access": { "metadata": { "is_admin": 0, "roles": ["9fe2ff9ee4384b1894a90878d3e92bab"] }, "serviceCatalog": [], "token": { "audit_ids": ["AVUi_tN8SFWnHYaYpCcMEQ"], "expires": "2018-02-02T21:13:19.000000Z", "id": "gAAAAABadMZfZa_PZNOSi5iQoqPZ1b-VIo2Gnlf4Z_oJotw8qTh1Yv8_CFysOnoxRIrfFI-EcrErdJM2CrP7o6aDNR5AbfnFtSN_zgzzesEWaOaQkoLpk9X1lLada2KcQpWAeNafjNYSiP7JFjW6N4ngAm9U7egUW6MwUPPxi5e8igR5DtNc0FU", "issued_at": "2018-02-02T20:13:19.000000Z", "tenant": { "description": "description", "enabled": true, "id": "6b85a6ff4e0b4040a81708d6e063e4e7", "name": "BAR", "tags": [] } }, "user": { "id": "b245550742cf4c2fb9cf37aa1eda866e", "name": "foo", "roles": [ {"name": "_member_"} ], "roles_links": [], "username": "foo" } } } Grants a credential to a user.
Request¶
Name | In | Type | Description |
|---|---|---|---|
userId | path | string | The user ID. |
Example¶
{ "OS-KSEC2-ec2Credentials": { "username": "test_user", "secret": "secretsecret", "signature": "bbb" } } Response¶
Status Codes¶
Success¶
Code | Reason |
|---|---|
201 - Created | Resource was created and is ready to use. |
Error¶
Code | Reason |
|---|---|
400 - Bad Request | Some content in the request was invalid. |
401 - Unauthorized | User must authenticate before making a request. |
403 - Forbidden | Policy does not allow current user to do this operation. |
404 - Not Found | The requested resource could not be found. |
405 - Method Not Allowed | Method is not valid for this endpoint. |
409 - Conflict | This operation conflicted with another operation on this resource. |
413 - Request Entity Too Large | The request is larger than the server is willing or able to process. |
415 - Unsupported Media Type | The request entity has a media type which the server or resource does not support. |
503 - Service Unavailable | Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Lists credentials.
Request¶
Name | In | Type | Description |
|---|---|---|---|
userId | path | string | The user ID. |
Response¶
Status Codes¶
Success¶
Code | Reason |
|---|---|
200 - OK | Request was successful. |
Error¶
Code | Reason |
|---|---|
400 - Bad Request | Some content in the request was invalid. |
401 - Unauthorized | User must authenticate before making a request. |
403 - Forbidden | Policy does not allow current user to do this operation. |
404 - Not Found | The requested resource could not be found. |
405 - Method Not Allowed | Method is not valid for this endpoint. |
413 - Request Entity Too Large | The request is larger than the server is willing or able to process. |
503 - Service Unavailable | Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Example¶
{ "credentials": [ { "passwordCredentials": { "username": "test_user", "password": "secretsecret" } }, { "OS-KSEC2-ec2Credentials": { "username": "test_user", "secret": "secretsecret", "signature": "bbb" } } ], "credentials_links": [] } Deletes user credentials.
Request¶
Name | In | Type | Description |
|---|---|---|---|
userId | path | string | The user ID. |
credentialId | path | string | The credential id. |
Response¶
Status Codes¶
Success¶
Code | Reason |
|---|---|
204 - No Content | The server has fulfilled the request. |
Error¶
Code | Reason |
|---|---|
400 - Bad Request | Some content in the request was invalid. |
401 - Unauthorized | User must authenticate before making a request. |
403 - Forbidden | Policy does not allow current user to do this operation. |
404 - Not Found | The requested resource could not be found. |
405 - Method Not Allowed | Method is not valid for this endpoint. |
409 - Conflict | This operation conflicted with another operation on this resource. |
413 - Request Entity Too Large | The request is larger than the server is willing or able to process. |
415 - Unsupported Media Type | The request entity has a media type which the server or resource does not support. |
503 - Service Unavailable | Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Gets user credentials.
Request¶
Name | In | Type | Description |
|---|---|---|---|
userId | path | string | The user ID. |
credentialId | path | string | The credential id. |
Response¶
Status Codes¶
Success¶
Code | Reason |
|---|---|
200 - OK | Request was successful. |
Error¶
Code | Reason |
|---|---|
400 - Bad Request | Some content in the request was invalid. |
401 - Unauthorized | User must authenticate before making a request. |
403 - Forbidden | Policy does not allow current user to do this operation. |
404 - Not Found | The requested resource could not be found. |
405 - Method Not Allowed | Method is not valid for this endpoint. |
413 - Request Entity Too Large | The request is larger than the server is willing or able to process. |
503 - Service Unavailable | Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up. |
Example¶
{ "OS-KSEC2-ec2Credentials": { "username": "test_user", "secret": "secretsecret", "signature": "bbb" } } 