Identity Admin API v2.0 (DEPRECATED)

Identity Admin API v2.0 (DEPRECATED)

Tenants

GET
/v2.0/tenants/{tenantId}

Show tenant details, by ID

Shows details for a tenant, by ID.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
tenantId path string The tenant ID.

Response Parameters

Name In Type Description
tenant body string A tenant object.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.
id body string The tenant ID.

Response Example

{
    "tenant": {
        "id": "1234",
        "name": "ACME corp",
        "description": "A description ...",
        "enabled": true
    }
}
GET
/v2.0/tenants/{tenantId}/users

List users on a tenant

Lists all users for a tenant.

Normal response codes: 200, 203 Error response codes: 413, 405, 404, 403, 401, 400, 503

Request

Name In Type Description
tenantId path string The tenant ID.

Response Parameters

Name In Type Description
users body array One or more user objects.
users_link body array The link to the reporesented user collection.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
username body string The user name.
email body string The user email.
id body string The user ID.

Response Example

{
    "users": [
        {
            "id": "3c9530e",
            "name": "admin",
            "email": "admin@example.org",
            "username": "admin",
            "enabled": true
        },
        {
            "id": "a0ae37b",
            "name": "demo",
            "email": "demo@example.org",
            "username": "demo",
            "enabled": true
        }
    ],
    "users_links": []
}
GET
/v2.0/tenants/{tenantId}/users/{userId}/roles

List roles for user

Lists roles for a user on a tenant. Excludes global roles.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
userId path string The user ID.
tenantId path string The tenant ID.

Response Parameters

Name In Type Description
roles body array The collection of roles.
roles_links body array The link to the represented role collection.
description body string The role description.
name body string The role name.
id body string The role ID.

Response Example

{
    "roles": [
        {
            "id": "123",
            "name": "compute:admin",
            "description": "Nova Administrator"
        }
    ],
    "roles_links": []
}
GET
/v2.0/tenants

List tenants (admin endpoint)

Lists all tenants.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Response Parameters

Name In Type Description
tenants body array The collection of tenants.
tenant_links body array The link to the represented tenant collection.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.
id body string The tenant ID.

Response Example

{
    "tenants": [
        {
            "id": "1234",
            "name": "ACME Corp",
            "description": "A description ...",
            "enabled": true
        },
        {
            "id": "3456",
            "name": "Iron Works",
            "description": "A description ...",
            "enabled": true
        }
    ],
    "tenants_links": []
}
GET
/v2.0/tenants

Show tenant details, by name

Shows details for a tenant, by name.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
name (Optional) query string Filters the response by a tenant name.

Response Parameters

Name In Type Description
tenant body string A tenant object.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.
id body string The tenant ID.

Response Example

{
    "tenant": {
        "id": "1234",
        "name": "ACME corp",
        "description": "A description ...",
        "enabled": true
    }
}
DELETE
/v2.0/tenants/{tenantId}

Delete tenant

Deletes a tenant.

Normal response codes: 204 Error response codes: 413,415,405,404,403,401,400,503,409

Request

Name In Type Description
tenantId path string The tenant ID.
POST
/v2.0/tenants/{tenantId}

Update tenant

Updates a tenant.

Normal response codes: 200 Error response codes: 413,415,405,404,403,401,400,503,409

Request

Name In Type Description
tenantId path string The tenant ID.
tenant body string A tenant object.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.

Request Example

{
    "tenant": {
        "id": "1234",
        "name": "ACME corp",
        "description": "A description ...",
        "enabled": true
    }
}

Response Parameters

Name In Type Description
tenant body string A tenant object.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.
id body string The tenant ID.

Response Example

{
    "tenant": {
        "id": "1234",
        "name": "ACME corp",
        "description": "A description ...",
        "enabled": true
    }
}
POST
/v2.0/tenants

Create tenant

Creates a tenant.

Normal response codes: 201 Error response codes: 413,415,405,404,403,401,400,503,409

Request Example

{
    "tenant": {
        "name": "ACME corp",
        "description": "A description ...",
        "enabled": true
    }
}

Response Parameters

Name In Type Description
tenant body string A tenant object.
enabled body boolean Indicates whether the tenant is enabled or disabled.
description body string The description of the tenant. If not set, this value is null.
name body string Tenant name.
id body string The tenant ID.

Tokens

GET
/v2.0/tokens/{tokenId}/endpoints

List endoints for token

Lists the endpoints associated with a token.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
tokenId path string The authentication token for which to perform the operation.

Response Example

{
    "endpoints_links": [],
    "endpoints": [
        {
            "name": "nova",
            "adminURL": "https://nova.region-one.internal.com/v2/be1319401cfa4a0aa590b97cc7b64d8d",
            "region": "RegionOne",
            "internalURL": "https://nova.region-one.internal.com/v2/be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "compute",
            "id": "11b41ee1b00841128b7333d4bf1a6140",
            "publicURL": "https://nova.region-one.public.com/v2/be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "neutron",
            "adminURL": "https://neutron.region-one.internal.com/",
            "region": "RegionOne",
            "internalURL": "https://neutron.region-one.internal.com/",
            "type": "network",
            "id": "cdbfa3c416d741a9b5c968f2dc628acb",
            "publicURL": "https://neutron.region-one.public.com/"
        },
        {
            "name": "cinderv2",
            "adminURL": "https://cinderv2.region-one.internal.com/v2/be1319401cfa4a0aa590b97cc7b64d8d",
            "region": "RegionOne",
            "internalURL": "https://cinderv2.region-one.internal.com/v2/be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "cinderv2v2",
            "id": "6de282e4132747ecb48f6fd8c525c6f6",
            "publicURL": "https://cinderv2.region-one.public.com/v2/be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "trove",
            "adminURL": "https://trove.region-one.internal.com/v1.0/be1319401cfa4a0aa590b97cc7b64d8d",
            "region": "RegionOne",
            "internalURL": "https://trove.region-one.internal.com/v1.0/be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "database",
            "id": "4bfad53a0c684bd981d093099eb7799b",
            "publicURL": "https://trove.region-one.public.com/v1.0/be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "s3",
            "adminURL": "https://s3.region-one.internal.com",
            "region": "RegionOne",
            "internalURL": "https://s3.region-one.internal.com",
            "type": "s3",
            "id": "50fb6b43cde44bb6b0e471a682dc42dd",
            "publicURL": "https://s3.region-one.public.com"
        },
        {
            "name": "glance",
            "adminURL": "https://glance.region-one.internal.com",
            "region": "RegionOne",
            "internalURL": "https://glance.region-one.internal.com",
            "type": "glance",
            "id": "838a338171164c3c8f56e6b5882267ff",
            "publicURL": "https://glance.region-one.public.com"
        },
        {
            "name": "novav3",
            "adminURL": "https://novav3.region-one.internal.com/v3",
            "region": "RegionOne",
            "internalURL": "https://novav3.region-one.internal.com/v3",
            "type": "computev3",
            "id": "b437edd03d244bf4be605b9b8c8689e0",
            "publicURL": "https://novav3.region-one.public.com/v3"
        },
        {
            "name": "heat",
            "adminURL": "https://heat.region-one.internal.comv1",
            "region": "RegionOne",
            "internalURL": "https://heat.region-one.internal.comv1",
            "type": "cloudformation",
            "id": "7a0f6f37344d488fa596a1325e0fcf10",
            "publicURL": "https://heat.region-one.public.comv1"
        },
        {
            "name": "cinder",
            "adminURL": "https://cinder.region-one.internal.com/v1/be1319401cfa4a0aa590b97cc7b64d8d",
            "region": "RegionOne",
            "internalURL": "https://cinder.region-one.internal.com/v1/be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "cinderv2",
            "id": "d4f251065dce4ce3946d3c1b87e167f2",
            "publicURL": "https://cinder.region-one.public.com/v1/be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "ec2",
            "adminURL": "https://ec2.region-one.internal.com/services/Admin",
            "region": "RegionOne",
            "internalURL": "https://ec2.region-one.internal.com/services/Cloud",
            "type": "ec2",
            "id": "44c6bf28d9bd4d63bfb00d66f22439a8",
            "publicURL": "https://ec2.region-one.public.com/services/Cloud"
        },
        {
            "name": "heat",
            "adminURL": "https://heat.region-one.internal.com/v1/be1319401cfa4a0aa590b97cc7b64d8d",
            "region": "RegionOne",
            "internalURL": "https://heat.region-one.internal.com/v1/be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "orchestration",
            "id": "21aaace3f33c46b8aaea2b17d41ffd54",
            "publicURL": "https://heat.region-one.public.com/v1/be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "swift",
            "adminURL": "https://swift.region-one.internal.com",
            "region": "RegionOne",
            "internalURL": "https://swift.region-one.internal.com/v1/AUTH_be1319401cfa4a0aa590b97cc7b64d8d",
            "type": "object-store",
            "id": "35f7aca3be384580a3b1df43a97c2eb2",
            "publicURL": "https://swift.region-one.public.com/v1/AUTH_be1319401cfa4a0aa590b97cc7b64d8d"
        },
        {
            "name": "keystone",
            "adminURL": "https://keystone.region-one.internal.com/v2.0",
            "region": "RegionOne",
            "internalURL": "https://keystone.region-one.internal.com/v2.0",
            "type": "identity",
            "id": "48da758fb58c47dcaf02000a4409a265",
            "publicURL": "https://keystone.region-one.public.com/v2.0"
        }
    ]
}
POST
/v2.0/tokens

Authenticate for admin API

Authenticates and generates a token.

A REST interface provides client authentication by using the POST method with v2.0/tokens as the path. Include a payload of credentials in the body.

The Identity API is a RESTful web service. It is the entry point to all service APIs. To access the Identity API, you must know its URL.

Each REST request against the Identity Service requires the X -Auth-Token header. Clients obtain this token and the URL endpoints for other service APIs by supplying their valid credentials to the authentication service.

If the authentication token has expired, this call returns the HTTP unauthorized (401) response code.

If the token has expired, this call returns the itemNotFound (404) response code.

The Identity API treats expired tokens as no longer valid tokens.

The deployment determines how long expired tokens are stored.

To view the trust object, you need to set trust enable on the keystone configuration.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request Example

{
    "auth": {
        "tenantName": "demo",
        "token": {
            "id": "cbc36478b0bd8e67e89469c7749d4127"
        }
    }
}

Response Parameters

Name In Type Description
token body string A token object.
access body string An access object.
issued_at body string

The date and time when the token was issued.

The date and time stamp format is ISO 8601:

CCYY-MM-DDThh:mm:ss.sssZ

For example, 2015-08-27T09:49:58.000000Z.

expires body string

The date and time when the token expires.

The date and time stamp format is ISO 8601:

CCYY-MM-DDThh:mm:ss.sssZ

For example, 2015-08-27T09:49:58.000000Z.

A null value indicates that the token never expires.

id body string The token ID.
tenant body string A tenant object.
description body string The description of the tenant. If not set, this value is null.
serviceCatalog body string A serviceCatalog object.
type body string The service catalog type.
endpoints_links body string Links for the endpoint.
impersonation (Optional) body string The impersonation flag.
endpoints body array One or more endpoint objects. Each object shows the adminURL, region, internalURL, id, and publicURL for the endpoint.
user body string A user object, which shows the username, roles_links, id, roles, and name.
roles body array The collection of roles.
metadata body string A metadata object.
trust (Optional) body string A trust object.

Response Example

{
    "access": {
        "token": {
            "issued_at": "2014-01-30T17:09:57.647795",
            "expires": "2014-01-31T17:09:57Z",
            "id": "admin_id",
            "tenant": {
                "description": null,
                "enabled": true,
                "id": "73f0aa26640f4971864919d0eb0f0880",
                "name": "admin"
            }
        },
        "serviceCatalog": [
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8774/v2/73f0aa26640f4971864919d0eb0f0880",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8774/v2/73f0aa26640f4971864919d0eb0f0880",
                        "id": "2dad48f09e2a447a9bf852bcd93548ef",
                        "publicURL": "http://23.253.72.207:8774/v2/73f0aa26640f4971864919d0eb0f0880"
                    }
                ],
                "endpoints_links": [],
                "type": "compute",
                "name": "nova"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:9696/",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:9696/",
                        "id": "97c526db8d7a4c88bbb8d68db1bdcdb8",
                        "publicURL": "http://23.253.72.207:9696/"
                    }
                ],
                "endpoints_links": [],
                "type": "network",
                "name": "neutron"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8776/v2/73f0aa26640f4971864919d0eb0f0880",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8776/v2/73f0aa26640f4971864919d0eb0f0880",
                        "id": "93f86dfcbba143a39a33d0c2cd424870",
                        "publicURL": "http://23.253.72.207:8776/v2/73f0aa26640f4971864919d0eb0f0880"
                    }
                ],
                "endpoints_links": [],
                "type": "volumev2",
                "name": "cinder"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8774/v3",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8774/v3",
                        "id": "3eb274b12b1d47b2abc536038d87339e",
                        "publicURL": "http://23.253.72.207:8774/v3"
                    }
                ],
                "endpoints_links": [],
                "type": "computev3",
                "name": "nova"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:3333",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:3333",
                        "id": "957f1e54afc64d33a62099faa5e980a2",
                        "publicURL": "http://23.253.72.207:3333"
                    }
                ],
                "endpoints_links": [],
                "type": "s3",
                "name": "s3"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:9292",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:9292",
                        "id": "27d5749f36864c7d96bebf84a5ec9767",
                        "publicURL": "http://23.253.72.207:9292"
                    }
                ],
                "endpoints_links": [],
                "type": "image",
                "name": "glance"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8776/v1/73f0aa26640f4971864919d0eb0f0880",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8776/v1/73f0aa26640f4971864919d0eb0f0880",
                        "id": "37c83a2157f944f1972e74658aa0b139",
                        "publicURL": "http://23.253.72.207:8776/v1/73f0aa26640f4971864919d0eb0f0880"
                    }
                ],
                "endpoints_links": [],
                "type": "volume",
                "name": "cinder"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8773/services/Admin",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8773/services/Cloud",
                        "id": "289b59289d6048e2912b327e5d3240ca",
                        "publicURL": "http://23.253.72.207:8773/services/Cloud"
                    }
                ],
                "endpoints_links": [],
                "type": "ec2",
                "name": "ec2"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://23.253.72.207:8080",
                        "region": "RegionOne",
                        "internalURL": "http://23.253.72.207:8080/v1/AUTH_73f0aa26640f4971864919d0eb0f0880",
                        "id": "16b76b5e5b7d48039a6e4cc3129545f3",
                        "publicURL": "http://23.253.72.207:8080/v1/AUTH_73f0aa26640f4971864919d0eb0f0880"
                    }
                ],
                "endpoints_links": [],
                "type": "object-store",
                "name": "swift"
            },
            {
                "endpoints": [
                    {
                        "adminURL": "http://example.com/identity_v2_admin",
                        "region": "RegionOne",
                        "internalURL": "http://example.com/identity",
                        "id": "26af053673df4ef3a2340c4239e21ea2",
                        "publicURL": "http://example.com/identity"
                    }
                ],
                "endpoints_links": [],
                "type": "identity",
                "name": "keystone"
            }
        ],
        "user": {
            "username": "admin",
            "roles_links": [],
            "id": "1f568815cb8148688e6ee9b2f7527dcc",
            "roles": [
                {
                    "name": "service"
                },
                {
                    "name": "admin"
                }
            ],
            "name": "admin"
        },
        "metadata": {
            "is_admin": 0,
            "roles": [
                "8341d3603a1d4d5985bff09f10704d4d",
                "2e66d57df76946fdbe034bc4da6fdec0"
            ]
        },
        "trust": {
            "id": "394998fa61f14736b1f0c1f322882949",
            "trustee_user_id": "269348fdd9374b8885da1418e0730af1",
            "trustor_user_id": "3ec3164f750146be97f21559ee4d9c51",
            "impersonation": false
        }
    }
}
GET
/v2.0/tokens/{tokenId}

Validate token

Validates a token and confirms that it belongs to a tenant.

Returns the permissions relevant to a particular client. Valid tokens are in the /tokens/{tokenId} path. If the token is not valid, this call returns the itemNotFound (404) response code. This method supports an optional parameter belongsTo to check the token scope against the ID of a project. If the token does not belong to the project specified in the parameter a unauthorized (401) response code will be returned.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
tokenId path string The authentication token for which to perform the operation.
belongsTo (Optional) query string Project ID to check against token scope.

Response Example

{
    "access": {
        "token": {
            "id": "ab48a9efdfedb23ty3494",
            "expires": "2010-11-01T03:32:15-05:00",
            "tenant": {
                "id": "345",
                "name": "My Project"
            }
        },
        "user": {
            "id": "123",
            "name": "jqsmith",
            "roles": [
                {
                    "id": "234",
                    "name": "compute:admin"
                },
                {
                    "id": "234",
                    "name": "object-store:admin",
                    "tenantId": "1"
                }
            ],
            "roles_links": []
        }
    }
}
HEAD
/v2.0/tokens/{tokenId}

Validate token (admin)

Validates a token and confirms that it belongs to a tenant, for performance. This method supports an optional parameter belongsTo to check the token scope against the ID of a project. If the token does not belong to the project specified in the parameter a unauthorized (401) response code will be returned.

Normal response codes: 200,203,204 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
tokenId path string The authentication token for which to perform the operation.
belongsTo (Optional) query string Project ID to check against token scope.
DELETE
/v2.0/tokens/{tokenId}

Delete token

Deletes a token.

Normal response codes: 204 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
tokenId path string The authentication token for which to perform the operation.

Users

GET
/v2.0/users/{userId}/roles

List user global roles

Lists global roles for a user. Excludes tenant roles.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
userId path string The user ID.

Response Parameters

Name In Type Description
roles body array The collection of roles.
roles_links body array The link to the represented role collection.
description body string The role description.
name body string The role name.
id body string The role ID.

Response Example

{
    "roles": [
        {
            "id": "123",
            "name": "compute:admin",
            "description": "Nova Administrator"
        }
    ],
    "roles_links": []
}
POST
/v2.0/users

Create user (admin endpoint)

Creates a user.

Normal response codes: 201 Error response codes: 413,415,405,404,403,401,400,503,409

Request

Name In Type Description
user body string A user object, which shows the username, roles_links, id, roles, and name.
tenantId path string The tenant ID.
password (Optional) body string The user password.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
email body string The user email.
name body string The user name.
username (Optional) body string The username of user.

Request Example

{
    "user": {
        "email": "new-user@example.com",
        "password": null,
        "enabled": true,
        "name": "new-user",
        "tenantId": "40429f980fac419bbfec372a5607c154"
    }
}

Response Parameters

Name In Type Description
user body string A user object, which shows the username, roles_links, id, roles, and name.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
email body string The user email.
name body string The user name.
username body string The username of user.
id body string The user ID.
GET
/v2.0/users

List users (admin endpoint)

Lists all users.

To show detailed information about a user by name, include the name query parameter in the request.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Response Parameters

Name In Type Description
users body array One or more user objects.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
id body string The user ID.
email body string The user email.
name body string The user name.
username body string The username of user.

Response Example

{
    "users": [
        {
            "id": "3c9530e",
            "name": "admin",
            "email": "admin@example.org",
            "username": "admin",
            "enabled": true
        },
        {
            "id": "a0ae37b",
            "name": "demo",
            "email": "demo@example.org",
            "username": "demo",
            "enabled": true
        }
    ],
    "users_links": []
}
PUT
/v2.0/users/{userId}

Update user (admin endpoint)

Updates a user.

Normal response codes: 201 Error response codes: 413,415,405,404,403,401,400,503,409

Request

Name In Type Description
userId path string The user ID.
user body string A user object, which shows the username, roles_links, id, roles, and name.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
email body string The user email.
name body string The user name.

Request Example

{
    "user": {
        "email": "updated_email@example.org",
        "tenantId": "1ca8e0"
    }
}

Response Parameters

Name In Type Description
user body string A user object, which shows the username, roles_links, id, roles, and name.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
email body string The user email.
name body string The user name.
username body string The username of user.
id body string The user ID.

Response Example

{
    "user": {
        "id": "a0ae37b",
        "name": "demo",
        "email": "updated_email@example.org",
        "username": "demo",
        "enabled": true,
        "tenantId": "1ca8e0"
    }
}
DELETE
/v2.0/users/{userId}

Delete user (admin endpoint)

Deletes a user.

Normal response codes: 204 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
userId path string The user ID.
GET
/v2.0/users/{userId}

Show user details (admin endpoint)

Shows details for a user, by ID.

The openstack user show command supports showing user details by name or ID. However, the command actually looks up the user ID for a user name and queries the user by ID.

As a workaround, complete these steps to show details for a user by name:

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Request

Name In Type Description
userId body string The user ID.

Response Parameters

Name In Type Description
user body string A user object, which shows the username, roles_links, id, roles, and name.
enabled body boolean Indicates whether the user is enabled (true) or disabled(false). The default value is true.
email body string The user email.
name body string The user name.
username body string The username of user.
id body string The user ID.

Response Example

{
    "user": {
        "id": "3c9530e",
        "name": "admin",
        "email": "admin@example.org",
        "username": "admin",
        "enabled": true
    }
}

Endpoints

GET
/v2.0/endpoints

List endpoint templates

Normal response codes: 200

Response Parameters

Name In Type Description
endpoints body array One or more endpoint objects. Each object shows the adminURL, region, internalURL, id, and publicURL for the endpoint.

Response Example

{
    "endpoints": [
        {
            "adminurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "id": "8f9531231e044e218824b0e58688d262",
            "internalurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "publicurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "region": "RegionOne"
        },
        {
            "adminurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "id": "8f9531231e044e218824b0e58688d263",
            "internalurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "publicurl": "http://host-1:8774/v1.1/$(tenant_id)s",
            "region": "RegionOne"
        }
    ]
}
POST
/v2.0/endpoints

Create endpoint template

Normal response codes: 201

Request

Name In Type Description
endpoint body object Endpoint object. Contains publicURL, adminURL, internalURL, id and region for the endpoint.
region (Optional) body string Region of the endpoint
service_id body string Service ID
publicurl body string Public URL
adminurl (Optional) body string Admin URL
internalurl (Optional) body string Internal URL

Request Example

{
    "endpoint": {
        "adminurl": null,
        "internalurl": null,
        "publicurl": "http://host-3:8774/v1.1/$(tenant_id)s",
        "region": "RegionOne",
        "service_id": "aea0aa3723e34ee3a5ac49ce86d4cc6e"
    }
}

Response Parameters

Name In Type Description
endpoint body object Endpoint object. Contains publicURL, adminURL, internalURL, id and region for the endpoint.
id body string Endpoint ID
internalurl body string Internal URL
publicurl body string Public URL
region body string Region of the endpoint
DELETE
/v2.0/endpoints/{endpointId}

Delete endpoint template

Normal response codes: 204

Request

Name In Type Description
endpointId path string Endpoint ID

Versions

GET
/v2.0

Get version details

Gets detailed information about a version of the Identity API.

Normal response codes: 200,203 Error response codes: 413,405,404,403,401,400,503

Response Parameters

Name In Type Description
location body string  

Response Example

{
    "version": {
        "status": "stable",
        "updated": "2014-04-17T00:00:00Z",
        "media-types": [
            {
                "base": "application/json",
                "type": "application/vnd.openstack.identity-v2.0+json"
            }
        ],
        "id": "v2.0",
        "links": [
            {
                "href": "http://example.com/identity/v2.0/",
                "rel": "self"
            },
            {
                "href": "http://docs.openstack.org/",
                "rel": "describedby",
                "type": "text/html"
            }
        ]
    }
}

Certificates

Allows the retrieval of information for Certificate Authorities and certificates.

GET
/v2.0/certificates/ca

Show CA Certificate (v2)

Show the available CA certificate.

Normal response codes: 200

Error response codes: 401, 500

Response Example

MIIDgTCCAmmgAwIBAgIJAIr3n9+0RSC7MA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNV
BAYTAlVTMQ4wDAYDVQQIDAVVbnNldDEOMAwGA1UEBwwFVW5zZXQxDjAMBgNVBAoM
BVVuc2V0MRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wHhcNMTYxMDIwMTMwMjE4
WhcNMjYxMDE4MTMwMjE4WjBXMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVW5zZXQx
DjAMBgNVBAcMBVVuc2V0MQ4wDAYDVQQKDAVVbnNldDEYMBYGA1UEAwwPd3d3LmV4
YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoJkYpfJ
Bvqfq0eAuqTIziiunNQdnSUX/aMS5UuI6tjzSkYnR5FCdf9UP8OrpA37gthvz3KK
XhNLqnnV8MLzEo3+lN5IAr+TE1foXnqGs6vNvj5Jn1lViXXpIeaHxMwkJpJjPwxJ
nFLtxL1m9hIx5anV5ZyJWV8RIaMqnzOJ7QYiX07aouRvmtT5O1LQzr2ht2l4EzPY
YDt9UV/daSikrmroBnwgWMecaFJOC1pxSyvO2PAnw+yhX6NHgGPJmOu0TSN2IK1p
o07ZVM3QJLLbEZFjcUK7FXNRk5ZfzjkCrJA1l0Ys3ByHTb2offffIyTYPuatQtfF
0XvTIwMN5eIAswIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTZ4Nls
7DRmUBcrYhYDLSsDM0BCWzAfBgNVHSMEGDAWgBTZ4Nls7DRmUBcrYhYDLSsDM0BC
WzANBgkqhkiG9w0BAQsFAAOCAQEALil6WvVii6yNVwu0zgt2iDYqHvnnHWnSVhEJ
eKeBFRxpuwiH+UOeygFB0/6lD2r11cD0SdgaMfLAKkKspQucJIsp3BYLwBJ25oxn
NL2yB3HLZeEebAQzXQwnRbWUbIpcp/XPlKjybiA3unqE+X/qdQZgxJ2Xgtp7bHhN
yzDCSOUZlHrkKNXtFNvqRtoCeMBs2+jfqx2ap64ORSnLihEi57lOcUn2DbAR45OI
+wppD5CcUTDsE0r+XbBK3Cm3dn6pVyVcawv5qDidRB7JdsDbx6VC7gcBbdgdbLWz
Xf4KS8N77jeGjqKJ7QY5jkHdXhY+gGbeponch4y2VqLgMI0VGQ==
GET
/v2.0/certificates/signing

Show Signing Certificate (v2)

Show the available signing certificate.

Normal response codes: 200

Error response codes: 401, 500

Response Example

MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJVUzEO
MAwGA1UECAwFVW5zZXQxDjAMBgNVBAcMBVVuc2V0MQ4wDAYDVQQKDAVVbnNldDEY
MBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMB4XDTE2MTAyMDEzMDIxOFoXDTI2MTAx
ODEzMDIxOFowRzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVVuc2V0MQ4wDAYDVQQK
DAVVbnNldDEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAua3cVYSD9KY31+wNXZv3HBS5MyzTfoY+nh4nJ2x8
Ram6liu4gkHYRonTUriIrgDLyo+2fuXrmyFcq1+8ke4KD3n24i8pzcrt6BOGAVYP
KdPyXU0EkZECNmH/tKjvVqMLHcq2apsZdZ5ujBtE5G4zbTjVIEzz90AbAmRVJy7S
seluCxBKtg3IGa1WwqgU4B5pgog+VDpT8XPKFvHi1cVaX76qS6MOUxXA7kuOQUct
JxcyITS26Mxym7wOTI+7JV5A9Ow/dUN6CrGMrfHB59Psx3os/BfoopFmIbbnHdOO
ETOeifelkhwLWLfmmOHxWgYYX/aEyW3L/xCU5QDCz9B0wQIDAQABo00wSzAJBgNV
HRMEAjAAMB0GA1UdDgQWBBQeoHzsYSUSfGymk6kem/lpGVJS9DAfBgNVHSMEGDAW
gBTZ4Nls7DRmUBcrYhYDLSsDM0BCWzANBgkqhkiG9w0BAQsFAAOCAQEAfsH6AN7p
XWBg062LUtpfDsRyXqOLYofR4Y0Mzo1rH0jaozJsnOxsj42BdP+hBGjtZB9eUwgP
gx+MJQC4pz+Wuc/xMysDT6f0hyjZmsakXM92lsztlW7+Y7u9ATa2lDTER1Fv7X6D
I+kN+dhphq0lrIRWZvAf3TlZpEUG38cTxLD8OsdOlq4BxSzmvKFQf4mcbu39OX7i
0fGih0SxSa03idx9NWEOEp9IaGLo/mfL84nb4YjgV9yJj+3CkxYvqPlpiM2rHD/C
hMgz/UB52OxbjYjbWoyStZwvlSwKWY75C9iYA04TZrhs5UWvAT+I2Y2UY/krrZ2a
Rke2Bj7NAvXPHw==
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.