Identity API v2.0 extensions (DEPRECATED)

Identity API v2.0 extensions (DEPRECATED)

OS-KSEC2 admin extension

Supports Amazon Elastic Compute (EC2) style authentication.

POST
/v2.0/ec2tokens

EC2 Authentication

Authenticate for token.

Request

Example
{
    "credentials": {
        "access": "8cff51dc66594df4a2ae121f796df36c",
        "host": "localhost",
        "params": {
            "Action": "Test",
            "SignatureMethod": "HmacSHA256",
            "SignatureVersion": "2",
            "Timestamp": "2007-01-31T23:59:59Z"
        },
        "path": "/",
        "secret": "df8daeaa981b40cea1217fead123bc64",
        "signature": "Fra2UBKKtqy3GQ0mj+JqzR8GTGsbWQW+yN5Nih9ThfI=",
        "verb": "GET"
    }
}
Parameters

Response

Status Codes
Success
Code Reason
200 - OK Request was successful.
Error
Code Reason
400 - Bad Request Some content in the request was invalid.
401 - Unauthorized User must authenticate before making a request.
Example
{
     "access": {
         "metadata": {
             "is_admin": 0,
             "roles": ["9fe2ff9ee4384b1894a90878d3e92bab"]
         },
         "serviceCatalog": [],
         "token": {
             "audit_ids": ["AVUi_tN8SFWnHYaYpCcMEQ"],
             "expires": "2018-02-02T21:13:19.000000Z",
             "id": "gAAAAABadMZfZa_PZNOSi5iQoqPZ1b-VIo2Gnlf4Z_oJotw8qTh1Yv8_CFysOnoxRIrfFI-EcrErdJM2CrP7o6aDNR5AbfnFtSN_zgzzesEWaOaQkoLpk9X1lLada2KcQpWAeNafjNYSiP7JFjW6N4ngAm9U7egUW6MwUPPxi5e8igR5DtNc0FU",
             "issued_at": "2018-02-02T20:13:19.000000Z",
             "tenant": {
                 "description": "description",
                 "enabled": true,
                 "id": "6b85a6ff4e0b4040a81708d6e063e4e7",
                 "name": "BAR",
                 "tags": []
             }
         },
         "user": {
             "id": "b245550742cf4c2fb9cf37aa1eda866e",
             "name": "foo",
             "roles": [
                 {"name": "_member_"}
             ],
             "roles_links": [],
             "username": "foo"
         }
     }
}
POST
/v2.0/users/{userId}/credentials/OS-EC2

Grant credential to user

Grants a credential to a user.

Request

Name In Type Description
userId path string The user ID.
Example
{
    "OS-KSEC2-ec2Credentials": {
        "username": "test_user",
        "secret": "secretsecret",
        "signature": "bbb"
    }
}

Response

Status Codes
Success
Code Reason
201 - Created Resource was created and is ready to use.
Error
Code Reason
400 - Bad Request Some content in the request was invalid.
401 - Unauthorized User must authenticate before making a request.
403 - Forbidden Policy does not allow current user to do this operation.
404 - Not Found The requested resource could not be found.
405 - Method Not Allowed Method is not valid for this endpoint.
409 - Conflict This operation conflicted with another operation on this resource.
413 - Request Entity Too Large The request is larger than the server is willing or able to process.
415 - Unsupported Media Type The request entity has a media type which the server or resource does not support.
503 - Service Unavailable Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.
GET
/v2.0/users/{userId}/credentials/OS-EC2

List credentials (EC2 extension)

Lists credentials.

Request

Name In Type Description
userId path string The user ID.

Response

Status Codes
Success
Code Reason
200 - OK Request was successful.
Error
Code Reason
400 - Bad Request Some content in the request was invalid.
401 - Unauthorized User must authenticate before making a request.
403 - Forbidden Policy does not allow current user to do this operation.
404 - Not Found The requested resource could not be found.
405 - Method Not Allowed Method is not valid for this endpoint.
413 - Request Entity Too Large The request is larger than the server is willing or able to process.
503 - Service Unavailable Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.
Example
{
    "credentials": [
        {
            "passwordCredentials": {
                "username": "test_user",
                "password": "secretsecret"
            }
        },
        {
            "OS-KSEC2-ec2Credentials": {
                "username": "test_user",
                "secret": "secretsecret",
                "signature": "bbb"
            }
        }
    ],
    "credentials_links": []
}
DELETE
/v2.0/users/{userId}/credentials/OS-EC2/{credentialId}

Delete user credentials

Deletes user credentials.

Request

Name In Type Description
userId path string The user ID.
credentialId path string The credential id.

Response

Status Codes
Success
Code Reason
204 - No Content The server has fulfilled the request.
Error
Code Reason
400 - Bad Request Some content in the request was invalid.
401 - Unauthorized User must authenticate before making a request.
403 - Forbidden Policy does not allow current user to do this operation.
404 - Not Found The requested resource could not be found.
405 - Method Not Allowed Method is not valid for this endpoint.
409 - Conflict This operation conflicted with another operation on this resource.
413 - Request Entity Too Large The request is larger than the server is willing or able to process.
415 - Unsupported Media Type The request entity has a media type which the server or resource does not support.
503 - Service Unavailable Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.
GET
/v2.0/users/{userId}/credentials/OS-EC2/{credentialId}

Get user credentials

Gets user credentials.

Request

Name In Type Description
userId path string The user ID.
credentialId path string The credential id.

Response

Status Codes
Success
Code Reason
200 - OK Request was successful.
Error
Code Reason
400 - Bad Request Some content in the request was invalid.
401 - Unauthorized User must authenticate before making a request.
403 - Forbidden Policy does not allow current user to do this operation.
404 - Not Found The requested resource could not be found.
405 - Method Not Allowed Method is not valid for this endpoint.
413 - Request Entity Too Large The request is larger than the server is willing or able to process.
503 - Service Unavailable Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.
Example
{
    "OS-KSEC2-ec2Credentials": {
        "username": "test_user",
        "secret": "secretsecret",
        "signature": "bbb"
    }
}
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.