The
apikeyCredentials extended attribute supports Rackspace style
authentication.
| Verb | URI | Description |
|---|---|---|
| POST | /tokens | Authenticates and generates a token. |
Normal Response Code(s):200, 203
Error Response Code(s): unauthorized (401), userDisabled (403), badRequest (400), identityFault (500), serviceUnavailable(503)
This call returns a token if successful. Clients obtain this token, along with the URL to other service APIs, by first authenticating against OpenStack Identity and supplying valid credentials. This extension provides support for Rackspace style API Key credentials.
Client authentication is provided through a ReST interface using the POST method, with v2.0/tokens supplied as the path. A payload of credentials must be included in the body. See Chapter 2, Client API Operations.
The Identity API is a ReSTful web service. It is the entry point to all service APIs. To access the Identity API, you must know its URL.
Example 6.29. Auth with apikeyCredentials: JSON Request
{
"RAX-KSKEY:apiKeyCredentials":{
"username": "test_user",
"apiKey": "aaaaa-bbbbb-ccccc-12345678"
}
}
Example 6.30. Auth with apikeyCredentials: XML Request
<?xml version="1.0" encoding="UTF-8"?>
<apiKeyCredentials
xmlns="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
username="testuser"
apiKey="aaaaa-bbbbb-ccccc-12345678"/>
Example 6.31. Auth with apikeyCredentials: JSON Response
{
"access":{
"token":{
"id": "ab48a9efdfedb23ty3494",
"expires": "2010-11-01T03:32:15-05:00",
"tenant":{
"id": "t1000",
"name": "My Project"
}
},
"user":{
"id": "u123",
"name": "jqsmith",
"roles":[{
"id": "100",
"name": "compute:admin"
},
{
"id": "101",
"name": "object-store:admin",
"tenantId": "t1000"
}
],
"roles_links":[]
},
"serviceCatalog":[{
"name": "Cloud Servers",
"type": "compute",
"endpoints":[{
"tenantId": "t1000",
"publicURL": "https://compute.north.host.com/v1/t1000",
"internalURL": "https://compute.north.internal/v1/t1000",
"region": "North",
"versionId": "1",
"versionInfo": "https://compute.north.host.com/v1/",
"versionList": "https://compute.north.host.com/"
},
{
"tenantId": "t1000",
"publicURL": "https://compute.north.host.com/v1.1/t1000",
"internalURL": "https://compute.north.internal/v1.1/t1000",
"region": "North",
"versionId": "1.1",
"versionInfo": "https://compute.north.host.com/v1.1/",
"versionList": "https://compute.north.host.com/"
}
],
"endpoints_links":[]
},
{
"name": "Cloud Files",
"type": "object-store",
"endpoints":[{
"tenantId": "t1000",
"publicURL": "https://storage.north.host.com/v1/t1000",
"internalURL": "https://storage.north.internal/v1/t1000",
"region": "North",
"versionId": "1",
"versionInfo": "https://storage.north.host.com/v1/",
"versionList": "https://storage.north.host.com/"
},
{
"tenantId": "t1000",
"publicURL": "https://storage.south.host.com/v1/t1000",
"internalURL": "https://storage.south.internal/v1/t1000",
"region": "South",
"versionId": "1",
"versionInfo": "https://storage.south.host.com/v1/",
"versionList": "https://storage.south.host.com/"
}
]
},
{
"name": "DNS-as-a-Service",
"type": "dnsextension:dns",
"endpoints":[{
"tenantId": "t1000",
"publicURL": "https://dns.host.com/v2.0/t1000",
"versionId": "2.0",
"versionInfo": "https://dns.host.com/v2.0/",
"versionList": "https://dns.host.com/"
}
]
}
]
}
}
Example 6.32. Auth with apikeyCredentials: XML Response
<?xml version="1.0" encoding="UTF-8"?>
<access xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://docs.openstack.org/identity/api/v2.0">
<token id="ab48a9efdfedb23ty3494" expires="2010-11-01T03:32:15-05:00">
<tenant id="t1000" name="My Project" />
</token>
<user id="u123" name="jqsmith">
<roles>
<role id="100" name="compute:admin"/>
<role id="101" name="object-store:admin" tenantId="t1000"/>
</roles>
</user>
<serviceCatalog>
<service type="compute" name="Cloud Servers">
<endpoint
tenantId="t1000"
region="North"
publicURL="https://compute.north.host.com/v1/t1000"
internalURL="https://compute.north.host.internal/v1/t1000">
<version
id="1"
info="https://compute.north.host.com/v1/"
list="https://compute.north.host.com/"
/>
</endpoint>
<endpoint
tenantId="t1000"
region="North"
publicURL="https://compute.north.host.com/v1.1/t1000"
internalURL="https://compute.north.host.internal/v1.1/t1000">
<version
id="1.1"
info="https://compute.north.host.com/v1.1/"
list="https://compute.north.host.com/" />
</endpoint>
</service>
<service type="object-store" name="Cloud Files">
<endpoint
tenantId="t1000"
region="North"
publicURL="https://storage.north.host.com/v1/t1000"
internalURL="https://storage.north.host.internal/v1/t1000">
<version
id="1"
info="https://storage.north.host.com/v1/"
list="https://storage.north.host.com/" />
</endpoint>
<endpoint
tenantId="t1000"
region="South"
publicURL="https://storage.south.host.com/v1/t1000"
internalURL="https://storage.south.host.internal/v1/t1000">
<version
id="1"
info="https://storage.south.host.com/v1/"
list="https://storage.south.host.com/" />
</endpoint>
</service>
<service type="dnsextension:dns" name="DNS-as-a-Service">
<endpoint
tenantId="t1000"
publicURL="https://dns.host.com/v2.0/t1000">
<version
id="2.0"
info="https://dns.host.com/v2.0/"
list="https://dns.host.com/" />
</endpoint>
</service>
</serviceCatalog>
</access>
