Identity API v2.0 extensions (DEPRECATED)

OS-KSEC2 admin extension

Supports Amazon Elastic Compute (EC2) style authentication.

POST
/v2.0/ec2tokens

EC2 Authentication

Authenticate for token.

Request

Example
{
    "credentials": {
        "access": "8cff51dc66594df4a2ae121f796df36c",
        "host": "localhost",
        "params": {
            "Action": "Test",
            "SignatureMethod": "HmacSHA256",
            "SignatureVersion": "2",
            "Timestamp": "2007-01-31T23:59:59Z"
        },
        "path": "/",
        "secret": "df8daeaa981b40cea1217fead123bc64",
        "signature": "Fra2UBKKtqy3GQ0mj+JqzR8GTGsbWQW+yN5Nih9ThfI=",
        "verb": "GET"
    }
}
Parameters

Response

Status Codes
Success

Code

Reason

200 - OK

Request was successful.

Error

Code

Reason

400 - Bad Request

Some content in the request was invalid.

401 - Unauthorized

User must authenticate before making a request.

Example
{
     "access": {
         "metadata": {
             "is_admin": 0,
             "roles": ["9fe2ff9ee4384b1894a90878d3e92bab"]
         },
         "serviceCatalog": [],
         "token": {
             "audit_ids": ["AVUi_tN8SFWnHYaYpCcMEQ"],
             "expires": "2018-02-02T21:13:19.000000Z",
             "id": "gAAAAABadMZfZa_PZNOSi5iQoqPZ1b-VIo2Gnlf4Z_oJotw8qTh1Yv8_CFysOnoxRIrfFI-EcrErdJM2CrP7o6aDNR5AbfnFtSN_zgzzesEWaOaQkoLpk9X1lLada2KcQpWAeNafjNYSiP7JFjW6N4ngAm9U7egUW6MwUPPxi5e8igR5DtNc0FU",
             "issued_at": "2018-02-02T20:13:19.000000Z",
             "tenant": {
                 "description": "description",
                 "enabled": true,
                 "id": "6b85a6ff4e0b4040a81708d6e063e4e7",
                 "name": "BAR",
                 "tags": []
             }
         },
         "user": {
             "id": "b245550742cf4c2fb9cf37aa1eda866e",
             "name": "foo",
             "roles": [
                 {"name": "_member_"}
             ],
             "roles_links": [],
             "username": "foo"
         }
     }
}
POST
/v2.0/users/{userId}/credentials/OS-EC2

Grant credential to user

Grants a credential to a user.

Request

Name

In

Type

Description

userId

path

string

The user ID.

Example
{
    "OS-KSEC2-ec2Credentials": {
        "username": "test_user",
        "secret": "secretsecret",
        "signature": "bbb"
    }
}

Response

Status Codes
Success

Code

Reason

201 - Created

Resource was created and is ready to use.

Error

Code

Reason

400 - Bad Request

Some content in the request was invalid.

401 - Unauthorized

User must authenticate before making a request.

403 - Forbidden

Policy does not allow current user to do this operation.

404 - Not Found

The requested resource could not be found.

405 - Method Not Allowed

Method is not valid for this endpoint.

409 - Conflict

This operation conflicted with another operation on this resource.

413 - Request Entity Too Large

The request is larger than the server is willing or able to process.

415 - Unsupported Media Type

The request entity has a media type which the server or resource does not support.

503 - Service Unavailable

Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.

GET
/v2.0/users/{userId}/credentials/OS-EC2

List credentials (EC2 extension)

Lists credentials.

Request

Name

In

Type

Description

userId

path

string

The user ID.

Response

Status Codes
Success

Code

Reason

200 - OK

Request was successful.

Error

Code

Reason

400 - Bad Request

Some content in the request was invalid.

401 - Unauthorized

User must authenticate before making a request.

403 - Forbidden

Policy does not allow current user to do this operation.

404 - Not Found

The requested resource could not be found.

405 - Method Not Allowed

Method is not valid for this endpoint.

413 - Request Entity Too Large

The request is larger than the server is willing or able to process.

503 - Service Unavailable

Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.

Example
{
    "credentials": [
        {
            "passwordCredentials": {
                "username": "test_user",
                "password": "secretsecret"
            }
        },
        {
            "OS-KSEC2-ec2Credentials": {
                "username": "test_user",
                "secret": "secretsecret",
                "signature": "bbb"
            }
        }
    ],
    "credentials_links": []
}
DELETE
/v2.0/users/{userId}/credentials/OS-EC2/{credentialId}

Delete user credentials

Deletes user credentials.

Request

Name

In

Type

Description

userId

path

string

The user ID.

credentialId

path

string

The credential id.

Response

Status Codes
Success

Code

Reason

204 - No Content

The server has fulfilled the request.

Error

Code

Reason

400 - Bad Request

Some content in the request was invalid.

401 - Unauthorized

User must authenticate before making a request.

403 - Forbidden

Policy does not allow current user to do this operation.

404 - Not Found

The requested resource could not be found.

405 - Method Not Allowed

Method is not valid for this endpoint.

409 - Conflict

This operation conflicted with another operation on this resource.

413 - Request Entity Too Large

The request is larger than the server is willing or able to process.

415 - Unsupported Media Type

The request entity has a media type which the server or resource does not support.

503 - Service Unavailable

Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.

GET
/v2.0/users/{userId}/credentials/OS-EC2/{credentialId}

Get user credentials

Gets user credentials.

Request

Name

In

Type

Description

userId

path

string

The user ID.

credentialId

path

string

The credential id.

Response

Status Codes
Success

Code

Reason

200 - OK

Request was successful.

Error

Code

Reason

400 - Bad Request

Some content in the request was invalid.

401 - Unauthorized

User must authenticate before making a request.

403 - Forbidden

Policy does not allow current user to do this operation.

404 - Not Found

The requested resource could not be found.

405 - Method Not Allowed

Method is not valid for this endpoint.

413 - Request Entity Too Large

The request is larger than the server is willing or able to process.

503 - Service Unavailable

Service is not available. This is mostly caused by service configuration errors which prevents the service from successful start up.

Example
{
    "OS-KSEC2-ec2Credentials": {
        "username": "test_user",
        "secret": "secretsecret",
        "signature": "bbb"
    }
}