| Verb | +URI | +Description | +||||||||
| &POST; | +/tokens | +Authenticate to + generate a token. | +||||||||
| Verb | +URI | +Description | +||||||||
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
- You need a valid admin token for access. -
-- A list of supported extensions. -
-- Returns detailed information about this specific version of the API. -
-- Lists supported extensions. -
-- Gets details about a specific extension. -
-- Authenticate to generate a token. -
-- This call will return a token if successful. Each ReST request against other services (or other - calls on Keystone such as the GET /tenants call) - requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token. - Clients obtain - this token, along with the URL to other service APIs, by first authenticating against the - Keystone Service and supplying valid credentials. -
-- Client authentication is provided via a ReST interface using the POST method, - with v2.0/tokens supplied as the path. A payload of credentials must be included - in the body. -
-- The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. - To access the Keystone Service, you must know URL of the Keystone service. -
-- Check that a token is valid and that it belongs to a supplied tenant - and return the permissions relevant to a particular client. -
-
- Valid tokens will exist in the
- /tokens/{tokenId} path and invalid
- tokens will not. In other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- Validates a token has the supplied tenant in scope. -
-- Check that a token is valid and that it belongs to a particular tenant - (For performance). -
-- Validates a token has the supplied tenant in scope. (for performance). -
-
- Valid tokens will exist in the
- /tokens/{tokenId} path and invalid
- tokens will not. In other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- If `belongsTo` is provided, validates that a token has a specific tenant in scope. -
-- No response body is returned for this method. -
-- Returns detailed information about a specific user, by user name. -
-- Returns detailed information about a specific user, by user id. -
-- Returns global roles for a specific user (excludes tenant roles). -
-Returns a list of global roles associated with a specific - user (excludes tenant roles).
-- Get a list of tenants. -
-- The operation returns a list of tenants which the supplied token provides - access to. This call must be authenticated, so a valid token must - be passed in as a header. -
-- Returns detailed information about a tenant, by name. -
-- Returns detailed information about a tenant, by id. -
-- Returns a list of endpoints associated with a specific token. -
-- Returns roles for a specific user on a specific tenant (excludes global roles). -
-X-Auth-Token header on the request from the
+ client. The Identity Service will verify the token has (or
+ belongs to a user that has) the Admin role. | Header Type | +Name | +Value | +
| HTTP/1.1 Request | +X-Auth-Token | +txfa8426a08eaf | +
- You need a valid admin token for access. -
-- A list of supported extensions. -
-- Returns detailed information about this specific version of the API. -
-- Lists supported extensions. -
-- Gets details about a specific extension. -
-- Authenticate to generate a token. -
-- This call will return a token if successful. Each ReST request against other services (or other - calls on Keystone such as the GET /tenants call) - requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token. - Clients obtain - this token, along with the URL to other service APIs, by first authenticating against the - Keystone Service and supplying valid credentials. -
-- Client authentication is provided via a ReST interface using the POST method, - with v2.0/tokens supplied as the path. A payload of credentials must be included - in the body. -
-- The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. - To access the Keystone Service, you must know URL of the Keystone service. -
-- Check that a token is valid and that it belongs to a supplied tenant - and return the permissions relevant to a particular client. -
-
- Valid tokens will exist in the
- /tokens/{tokenId} path and invalid
- tokens will not. In other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- Validates a token has the supplied tenant in scope. -
-- Check that a token is valid and that it belongs to a particular tenant - (For performance). -
-- Validates a token has the supplied tenant in scope. (for performance). -
-
- Valid tokens will exist in the
- /tokens/{tokenId} path and invalid
- tokens will not. In other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- If `belongsTo` is provided, validates that a token has a specific tenant in scope. -
-- No response body is returned for this method. -
-- Returns detailed information about a specific user, by user name. -
-- Returns detailed information about a specific user, by user id. -
-- Returns global roles for a specific user (excludes tenant roles). -
-Returns a list of global roles associated with a specific - user (excludes tenant roles).
-- Get a list of tenants. -
-- The operation returns a list of tenants which the supplied token provides - access to. This call must be authenticated, so a valid token must - be passed in as a header. -
-- Returns detailed information about a tenant, by name. -
-- Returns detailed information about a tenant, by id. -
-- Returns a list of endpoints associated with a specific token. -
-- Returns roles for a specific user on a specific tenant (excludes global roles). -
-Content-Type header and is required for
- operations that have a request body. The response format can be specified in requests using
- either the Accept header or adding an .xml or .json
- extension to the request URI. Note that it is possible for a response to be serialized using
- a format different from the request (see example below). If no response format is specified,
- JSON is the default. If conflicting formats are specified using both an Accept
- header and a query extension, the query extension takes precedence.| Format | -Accept Header | -Query Extension | -Default | -
| JSON | -application/json | -.json | -Yes | -
| XML | -application/xml | -.xml | -No | -
Content-Type
+ header and is required for operations that have a request
+ body. The response format can be specified in requests
+ using either the Accept header or adding an
+ .xml or .json extension to
+ the request URI. Note that it is possible for a response
+ to be serialized using a format different from the request
+ (see example below). If no response format is specified,
+ JSON is the default. If conflicting formats are specified
+ using both an Accept header and a query
+ extension, the query extension takes precedence.| Format | +Accept Header | +Query Extension | +Default | +
| JSON | +application/json | +.json | +Yes | +
| XML | +application/xml | +.xml | +No | +
Accept-Encoding header on the request from the client and indicated by the
- Content-Encoding header in the server response. Unless the header is
- explicitly set, encoding defaults to disabled.| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -Accept-Encoding | -gzip | -
| HTTP/1.1 Response | -Content-Encoding | -gzip | -
Accept-Encoding header on the request
+ from the client and indicated by the
+ Content-Encoding header in the server
+ response. Unless the header is explicitly set, encoding
+ defaults to disabled.| Header Type | +Name | +Value | +
| HTTP/1.1 Request | +Accept-Encoding | +gzip | +
| HTTP/1.1 Response | +Content-Encoding | +gzip | +
Accept
- or Content-Type headers contains a MIME
- type that includes the version ID as a parameter
+ element of the path contains the target version identifier
+ (e.g. https://identity.api.openstack.org/ v2.0/…).
+ The MIME type versioning scheme uses HTTP content
+ negotiation where the Accept or
+ Content-Type headers contains a MIME type
+ that includes the version ID as a parameter
(application/vnd.openstack.identity+xml;version=1.1). A
version MIME type is always linked to a base MIME type
(application/xml or application/json). If conflicting
versions are specified using both an HTTP header and a
- URI, the URI takes precedence.
- DEPRECATED. Providers should work with
- developers and partners to ensure there is adequate
- time to migrate to the new version before deprecated
- versions are discontinued.
- Accept
- header containing application/atom+xml or by adding a
- .atom to the request URI. This allows standard Atom
- clients to track version changes.
- DEPRECATED.
+ Providers should work with developers and partners to
+ ensure there is adequate time to migrate to the new
+ version before deprecated versions are discontinued. Accept header containing
+ application/atom+xml or by adding a .atom to the request
+ URI. This allows standard Atom clients to track version
+ changes. RS-META namespace. Extended
headers are always prefixed with X- followed
by the alias and a dash: (X-RS-META-HEADER1).
Parameters must be prefixed with the extension alias
- followed by a colon.
- | Fault Element | -Associated Error Code | -Expected in All Requests | -
| identityFault | -500, 400 | -✓ | -
| serviceUnavailable | -503 | -✓ | -
| badRequest | -400 | -✓ | -
| unauthorized | -401 | -✓ | -
| overLimit | -413 | -- |
| userDisabled | -403 | -- |
| forbidden | -403 | -- |
| itemNotFound | -404 | -- |
| tenantConflict | -409 | -- |
| Fault Element | +Associated Error Code | +Expected in All Requests | +
| identityFault | +500, 400 | +✓ | +
| serviceUnavailable | +503 | +✓ | +
| badRequest | +400 | +✓ | +
| unauthorized | +401 | +✓ | +
| overLimit | +413 | ++ |
| userDisabled | +403 | ++ |
| forbidden | +403 | ++ |
| itemNotFound | +404 | ++ |
| tenantConflict | +409 | ++ |
X-Auth-Token header on the request from the
- client. Keystone verifies the token belongs to a user with the
+ client. The Identity Service verifies the token belongs to a user with the
Admin role. - An Endpoint. -
-- A list of Endpoints. -
-- Version details. -
-- An ID uniquely identifying the Endpoint. -
-- The OpenStack-registered type (e.g. 'compute', 'object-store', etc). -
-- The commercial service name (e.g. 'My Nova Cloud Servers'). -
-- The region of Endpoint Template. -
-- The public URL to access represented service. -
-- The internal version of the public URL. -
-- The admin URL. -
-- Tenant id to which the endpoints belong. -
-- This schema file defines types related to API - extensions. -
-- A list of supported extensions. -
-- Detials about a specific extension. -
-- A list of extensions. -
-- Detials about a specific extension. -
-- A short description of what the extension - does. -
-- A human reabable extension name. -
-- Extension namespace used for XML representations. -
-- A vendor prefix alieas used for non-XML - representations. -
-- The time that the extension was added or - modifided. -
-- There should be at least one atom link with a - describedby relation. This relation provides - developer info for the extension. -
-
- Vendor aliases are used to differentiate
- extensions in non-XML representations as well as
- in HTTP headers and in the URL path. An alias is
- made of a vendor prefix, followed be a a dash (-)
- followed be a short extension ID. For example:
- RAX-PIE.
-
- A token is an arbitrary bit of text that is used to access - resources. Each token has a scope which describes which - resources are accessible with it. A token may be - revoked at anytime and is valid for a finite duration. -
-- While Keystone supports token-based authentication in this release, - the intention is for it to support additional protocols in the - future. The desire is for it to be an integration service, and not - a full-fledged identity store and management solution. -
-- The service catalog lists the services you have access to -
-- We optimized for future flexibility around the hierarchy. So we - left the design as a flat list of endpoints with attributes and the - consumer can categorize as they need. - This results in potential duplication (such as with the version/@list) - but we acceopt that normalization cost in order to not force an - artificial hierarchy (suchas on region, which can be optional). -
-- A list of services. -
-- A list of endpoints. -
-- The OpenStack-registered type (e.g. 'compute', 'object-store', etc). -
-- The commercial service name (e.g. 'My Nova Cloud Servers'). -
-- Version details. -
-- The name of the region where the endpoint - lives. Example: airport codes; LHR (UK), - STL (Saint Louis) -
-- Tenant id to which the endpoints belong. -
-- Public accessible service URL. -
-- A service URL, accessible only locally within that - cloud (generally over a high bandwidth, low latency, - free of charge link). -
-- An Admin URL (used for administration using privileged - calls). This may expose - additional functionality not found in the public and - internal URL. -
-- Id of the version. -
-- URI to get the information specific to this version. -
-- URI to get the information about all versions. -
-| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
- Check that a token is valid and that it belongs to a supplied tenant - and services and return the permissions relevant to a particular client. -
-
- Behaviour is similar to /tokens/{tokenId}. In
- other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- 'X-Subject-Token' may be encrypted, but can still be used for
- caching. This extension may decrypt this header and
- internally call Keystone's normal validation, passing along all
- headers and query parameters. It should therefore support
- all exsting calls on /tokens/{tokenId}, including
- extensions such as HP-IDM.
-
- Validates a token has the supplied tenant in scope. -
-- If provided, filter the roles to be returned by the given service IDs. -
-- Check that a token is valid and that it belongs to a particular - tenant and services (For performance). -
-
- Behaviour is similar to /tokens/{tokenId}. In
- other words, a user should expect an
- itemNotFound (404) fault for an
- invalid token.
-
- 'X-Subject-Token' may be encrypted, but can still be used for
- caching. This extension may decrypt this header and
- internally call Keystone's normal validation, passing along all
- headers and query parameters. It should therefore support
- all exsting calls on /tokens/{tokenId}, including
- extensions such as HP-IDM.
-
- No response body is returned for this method. -
-- Validates a token has the supplied tenant in scope. (for performance). -
-- Check the roles against the given service IDs. -
-- Returns a list of endpoints associated with a specific token. -
-| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
| Header Type | -Name | -Value | -
| HTTP/1.1 Request | -X-Auth-Token | -txfa8426a08eaf | -
- Check that a token is valid and that it belongs to a supplied tenant + Checks that a token is valid and that it belongs to a supplied tenant and services and return the permissions relevant to a particular client.
@@ -89,12 +89,12 @@
- Check that a token is valid and that it belongs to a particular tenant and services
+ Checks that a token is valid and that it belongs to a particular tenant and services
(For performance).
@@ -137,7 +137,7 @@
- Check the roles against the given service IDs.
+ Checks the roles against the given service IDs.
- Creates a tenant.
- This call creates a tenant. Creates
+ a tenant.
- Updates a tenant. -
-This call updates a tenant.
+ Updates a tenant. +Updates + a tenant.
- Deletes a tenant. -
-This call deletes a tenant.
+ Deletes a tenant. +Deletes + a tenant.
Lists all the users for a tenant.
-Lists all the users for a tenant.
- +Lists all the users for a tenant.
+Lists all the + users for a tenant.
Adds a specific role to a user for a tenant.
+Adds a specific + role to a user for a tenant.
Deletes a specific role from a user for a tenant.
+Deletes a specified + role from a user for a tenant.
List users.
+Lists users.
Adds a user.
Update a user.
+Updates a user.
Delete a user.
+Deletes a user.
Enable user.
+Enables user.
List global roles for a user.
+Lists global roles + for a user.
Adds a specific global role to a user.
+Adds a specific + global role to a user.
Deletes a specific global role from a user.
+Deletes a specific + global role from a user.
Adds a credential to a user.
+Adds a credential + to a user.
List credentials.
+Lists + credentials.
Update credentials.
+Updates + credentials.
Delete User credentials.
+Deletes user + credentials.
Get user credentials.
+Gets user + credentials.
List roles.
+Lists roles.
Add a Role.
+Adds a role.
Get a role by name.
+Gets a role by + name.
Get a role.
+Gets a role.
Delete a role.
+Deletes a role.
List services.
+Lists services.
Get a service by name.
+Gets a service by + name.
Get a service.
+Gets a service.
Add a service.
+Adds a service.
Delete a service.
+Deletes a + service.
List credentials.
+Lists credentials.
List credentials by type.
+Lists credentials by type.
Update credentials.
+Updates credentials.
Delete User credentials.
+Deletes user credentials.
Get user credentials.
+Gets user credentials.
List credentials.
+Lists credentials.
List credentials by type.
+Lists credentials by type.
Update credentials.
+Updates credentials.
Delete User credentials.
+Deletes user credentials.
Get user credentials.
+Gets user credentials.
+ Check that a token is valid and that it belongs to a + supplied tenant and services and return the + permissions relevant to a particular client.
+ Behavior is
+ similar to /tokens/{tokenId}. In other
+ words, a user should expect an itemNotFound
+ (404) fault for an invalid token.
'X-Subject-Token'
+ may be encrypted, but can still be used for caching.
+ This extension may decrypt this header and internally
+ call the Identity Service's normal validation, passing
+ along all headers and query parameters. It should
+ therefore support all existing calls on
+ /tokens/{tokenId}, including
+ extensions such as HP-IDM.
Validates + a token has the supplied tenant in scope.
+If + provided, filters the roles to be returned by + the given service IDs.
++ Checks that a token is valid and that it belongs to a + particular tenant and services (For performance).
+ Behavior is
+ similar to /tokens/{tokenId}. A user
+ should expect an itemNotFound (404) fault
+ for an invalid token.
'X-Subject-Token'
+ may be encrypted, but can still be used for caching.
+ This extension may decrypt this header and internally
+ call the Identity Service's normal validation, passing
+ along all headers and query parameters. It should
+ therefore support all existing calls on
+ /tokens/{tokenId}, including
+ extensions such as HP-IDM.
No response body + is returned for this method.
+Validates + a token has the supplied tenant in scope. (for + performance).
+Checks + the roles against the given service IDs.
+Returns a list of + endpoints associated with a specific token.
+A valid authentication token. -
A unique identifier for the group. -
A unique identifier for the user. -
A list of users. -
A list of groups. -
List of groups. -
Displays a list of available groups. You can use the
-
+ Adds a group. +
The full URL to the newly created group is
- returned via the Loctaton
header.
-
Get group by id. -
+ Updates a group. +
+ Deletes a group. +
+ Lists users for group. +
++ A list of users that belong to a specified group. +
+ Adds a user to a group. +
+ Removes a user from a group. +
List credentials.
+Lists credentials.
Update credentials.
+Updates credentials.
Delete User credentials.
+Deletes user credentials.
Get user credentials.
+Gets user credentials.
You + need a valid admin token for access.
+A list of + supported extensions.
+Returns detailed + information about a specified version of the API.
+Lists supported + extensions.
+Gets details + about a specific extension.
++ Authenticate to generate a token.
+This call will + return a token if successful. Each REST request + against other services (or other calls on the Identity + Service such as the GET /tenants call) requires the + inclusion of a specific authorization token HTTP + x-header, defined as X-Auth-Token. Clients obtain this + token, along with the URL to other service APIs, by + first authenticating against the Identity Service and + supplying valid credentials.
+Client + authentication is provided via a REST interface using + the POST method, with v2.0/tokens supplied as the + path. A payload of credentials must be included in the + body.
+The Identity + Service is a RESTful web service. It is the entry + point to all service APIs. To access the Identity + Service, you must know the URL of the Identity + Service.
++ Check that a token is valid and that it belongs to a + supplied tenant and return the permissions relevant to + a particular client.
+ Valid tokens will
+ exist in the /tokens/{tokenId} path and
+ invalid tokens will not. In other words, a user should
+ expect an itemNotFound (404) fault for an
+ invalid token.
Validates + a token has the supplied tenant in scope.
++ Check that a token is valid and that it belongs to a + particular tenant (For performance).
+Validates + a token has the supplied tenant in scope. (for + performance).
+ Valid
+ tokens will exist in the
+ /tokens/{tokenId} path and
+ invalid tokens will not. In other words, a
+ user should expect an itemNotFound
+ (404) fault for an invalid
+ token.
If + `belongsTo` is provided, validates that a + token has a specific tenant in scope.
+No + response body is returned for this method. +
+Returns detailed + information about a specific user, by user name.
+Returns detailed + information about a specific user, by user id.
++ Returns global roles for a specific user (excludes + tenant roles).
+Returns a list of + global roles associated with a specific user (excludes + tenant roles).
++ Gets a list of tenants.
+Returns a list of + tenants to which the specified token has access. This + call must be authenticated, so a valid token must be + passed in as a header.
++ Returns detailed information about a tenant, by name. +
++ Returns detailed information about a tenant, by ID. +
+Returns a list of + endpoints associated with a specific token.
+Returns roles for + a specific user on a specific tenant (excludes global + roles).
+- A list of supported extensions. -
+A list of + supported extensions.
- Returns detailed information about this specific version of the API. +
Returns detailed + information about this specific version of the API.
List all available extensions.
+Lists + available extensions.
Get details about a specific extension.
+Gets details about + a specified extension.
- Client authentication is provided via a ReST interface using the POST method, - with v2.0/tokens supplied as the path. A payload of credentials must be included - in the body. See supported credentials -
-- Each ReST request against the Keystone system requires the inclusion of a - specific authorization token HTTP x-header, defined as X-Auth-Token. Clients obtain - this token, along with the URL to other service APIs, by first authenticating against the - Keystone Service and supplying valid credentials. -
-- The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. - To access the Keystone Service, you must know URL of the Keystone service. + xmlns="http://www.w3.org/1999/xhtml"> +
Client authentication is provided + through a ReST interface by using the POST method, + with v2.0/tokens supplied as the path. A payload of + credentials must be included in the body. See supported + credentials.
+Each ReST request against the Identity Service + requires the inclusion of a specific authorization + token HTTP x-header, defined as X-Auth-Token. Clients + obtain this token, along with the URL to other service + APIs, by first authenticating against the Identity + Service and supplying valid credentials.
+The Identity Service is a ReSTful web service. It is + the entry point to all service APIs. To access the + Identity Service, you must know the URL of the + Identity Service.
- Returns a list of tenants. -
+Returns a list of tenants.
- A list of Endpoint Templates. + A list of endpoint templates.
- An Endpoint Template. + An endpoint template.
@@ -69,7 +69,7 @@ xml:lang="EN" xmlns="http://www.w3.org/1999/xhtml">- An ID uniquely identifying the Endpoint Template. + An ID uniquely identifying the endpoint template.
diff --git a/openstack-identity-api/src/docbkx/extensions/OS-KSEC2/xsd/OS-KSEC2-credentials.xsd b/openstack-identity-api/src/docbkx/xsd/OS-KSEC2-credentials.xsd similarity index 95% rename from openstack-identity-api/src/docbkx/extensions/OS-KSEC2/xsd/OS-KSEC2-credentials.xsd rename to openstack-identity-api/src/docbkx/xsd/OS-KSEC2-credentials.xsd index cd1c4dc9..af3a3e64 100644 --- a/openstack-identity-api/src/docbkx/extensions/OS-KSEC2/xsd/OS-KSEC2-credentials.xsd +++ b/openstack-identity-api/src/docbkx/xsd/OS-KSEC2-credentials.xsd @@ -15,7 +15,7 @@ >- Base type for credential in Keystone. +
Base type for credential in the Identity Service.
- Both the tenantId and tenantName are optional, but should not be specified together. If both attributes are specified, the server SHOULD respond with a 400 Bad Request. -
+Both the tenantId and tenantName are optional, but + should not be specified together. If both + attributes are specified, the server SHOULD + respond with a 400 Bad Request.
An Endpoint.
+A list of endpoints.
+Version details.
+An ID uniquely identifying the Endpoint.
+The OpenStack-registered type (such as, 'compute', + 'object-store', and so on).
+The commercial service name (such as, 'My Nova + Cloud Servers').
+The region of endpoint template.
+The public URL to access represented service. +
+The internal version of the public URL.
+The admin URL.
+Tenant ID to which the endpoints belong.
+This schema file defines types related to API + extensions.
+A list of supported extensions.
+Details about a specific extension.
+A list of extensions.
+Details about a specific extension.
+A short description of what the extension + does.
+A human readable extension name.
+Extension namespace used for XML + representations.
+A vendor prefix alias used for non-XML + representations.
+The time that the extension was added or + modified.
+There should be at least one atom link with a + describedby relation. This relation provides + developer info for the extension.
+ Vendor aliases are used to differentiate
+ extensions in non-XML representations as well as
+ in HTTP headers and in the URL path. An alias is
+ made of a vendor prefix, followed be a dash (-)
+ followed be a short extension ID. For example:
+ RAX-PIE.
- An extensible service type allows all of the +
An extensible service type allows all of the strings defined in ServiceType or an - alias prefixed status. + ServiceType" + >ServiceType or an alias prefixed status.
- The type for an OpenStack Compute API 1.1 compatible service. -
+The type for an OpenStack Compute API 1.1 + compatible service.
- The type for a Swift-compatible service. +
The type for a Swift-compatible service.
- The type for a Glance-compatible service +
The type for a Glance-compatible service
- The type for a Keystone-compatible service. -
+The type for an Identity + Service-compatible service.
- The type for a Block-Storage-compatible service. -
+The type for a Block-Storage-compatible + service.
- The type for Amazon's EC2-compatible service. -
+The type for an Amazon EC2-compatible + service.
- A non-core service type which must contain an extension prefix. -
+A non-core service type, which must contain an + extension prefix.
A token is an arbitrary bit of text that is used + to access resources. Each token has a scope which + describes which resources are accessible with it. + A token may be revoked at anytime and is valid for + a finite duration.
+While the Identity Service supports token-based + authentication in this release, the intention is + for it to support additional protocols in the + future. The desire is for it to be an integration + service, and not a full-fledged identity store and + management solution.
+The service catalog lists the services you have + access to
+We optimized for future flexibility around the + hierarchy. So we left the design as a flat + list of endpoints with attributes and the + consumer can categorize as they need. This + results in potential duplication (such as with + the version/@list) but we acceopt that + normalization cost in order to not force an + artificial hierarchy (suchas on region, which + can be optional).
+A list of services.
+A list of endpoints.
+The OpenStack-registered type (e.g. 'compute', + 'object-store', etc).
+The commercial service name (e.g. 'My Nova + Cloud Servers').
+Version details.
+The name of the region where the endpoint + lives. Example: airport codes; LHR (UK), STL + (Saint Louis)
+Tenant id to which the endpoints belong.
+Public accessible service URL.
+A service URL, accessible only locally within + that cloud (generally over a high bandwidth, + low latency, free of charge link).
+An Admin URL (used for administration using + privileged calls). This may expose additional + functionality not found in the public and + internal URL.
+Id of the version.
+URI to get the information specific to this + version.
+URI to get the information about all versions. +
+- A list of Users. -
+A list of Users.
- A Keystone User. -
+An Identity Service user.
- An automatically generated, unique, immutable (it will never change) identifier - for the user. This is generated by the backend this user is stored in. -
+An automatically generated, unique, immutable + (it will never change) identifier for the + user. This is generated by the backend this + user is stored in.
- A unique, mutable (it can change) user name that may be used by the user - an identifier when presenting credentials. -
+A unique, mutable (it can change) user name + that may be used by the user an identifier + when presenting credentials.
- A true/false value that determines if the user may authenticate or not. - If enabled is false, the user will not be able to authenticate. - How this value is stored or generated is dependent on the backend in use. -
+A true/false value that determines if the user + may authenticate or not. If enabled is false, + the user will not be able to authenticate. How + this value is stored or generated is dependent + on the backend in use.
- A human-readable, friendly name for use in user interfaces. -
+A human-readable, friendly name for use in + user interfaces.
- A time-stamp identifying the modification time of the - user. -
+A time-stamp identifying the modification time + of the user.
- A creation time-stamp for the user. -
+A creation time-stamp for the user.