+ Check that a token is valid and that it belongs to a supplied tenant + and services and return the permissions relevant to a particular client. +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ If 'HP-IDM-serviceId' is provided, it must be a comma-separated string of + service IDs. If any of the service IDs is invalid or if there are no + roles associated with the service IDs, a user should expect a 401. +
++ Validates a token has the supplied tenant in scope. +
++ If provided, filter the roles to be returned by the given service IDs. +
++ Check that a token is valid and that it belongs to a particular tenant and services + (For performance). +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ If `belongsTo` is provided, validates that a token has a specific tenant in scope. +
++ If 'HP-IDM-serviceId' is provided, it must be a comma-separated string of + service IDs. If any of the service ID is invalid or if there are no + roles associated with the service IDs, a user should expect a 401. +
++ No response body is returned for this method. +
++ Validates a token has the supplied tenant in scope. (for performance). +
++ Check the roles against the given service IDs. +
++ Creates a tenant. +
+This call creates a tenant.
++ Updates a tenant. +
+This call updates a tenant.
++ Deletes a tenant. +
+This call deletes a tenant.
+Lists all the users for a tenant.
+Lists all the users for a tenant.
+ +Adds a specific role to a user for a tenant.
+Deletes a specific role from a user for a tenant.
+List users.
+ +Adds a user.
+Update a user.
+Delete a user.
+Enable user.
+ + +Adds a specific global role to a user.
+Deletes a specific global role from a user.
+Adds a credential to a user.
+List credentials.
+ +List credentials by type.
+ +Update credentials.
+ +Delete User credentials.
+Get user credentials.
+ +List roles.
+ +Add a Role.
+Get a role by Name.
+Get a role.
+Delete a role.
+List services.
+Get a service by name.
+Get a service.
+Add a service.
+Delete a service.
+List Endpoint Templates.
+ +Get Endpoint Template.
+ +Add Endpoint Template.
+ + +Update Endpoint Template.
+Delete a Endpoint Template.
+Add Endpoint to a tenant.
+ + +List Endpoints of a Tenant.
+ +Get Endpoint of a Tenant.
+ +Delete a Endpoint from a Tenant.
+Adds a credential to a user.
+List credentials.
+List credentials by type.
+Update credentials.
+Delete User credentials.
+Get user credentials.
+Adds a credential to a user.
+List credentials.
+List credentials by type.
+Update credentials.
+Delete User credentials.
+Get user credentials.
++ Check that a token is valid and that it belongs to a supplied tenant + and services and return the permissions relevant to a particular client. +
+
+ Behaviour is similar to /tokens/{tokenId}. In
+ other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ 'X-Subject-Token' is encrypted, but can still be used for
+ caching. This extension will basically decrypt this header and
+ internally call Keystone's normal validation, passing along all
+ headers and query parameters. It should therefore support
+ all exsting calls on /tokens/{tokenId}, including
+ extensions such as HP-IDM.
+
+ Validates a token has the supplied tenant in scope. +
++ If provided, filter the roles to be returned by the given service IDs. +
++ Check that a token is valid and that it belongs to a particular + tenant and services (For performance). +
+
+ Behaviour is similar to /tokens/{tokenId}. In
+ other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ 'X-Subject-Token' is encrypted, but can still be used for
+ caching. This extension will basically decrypt this header and
+ internally call Keystone's normal validation, passing along all
+ headers and query parameters. It should therefore support
+ all exsting calls on /tokens/{tokenId}, including
+ extensions such as HP-IDM.
+
+ No response body is returned for this method. +
++ Validates a token has the supplied tenant in scope. (for performance). +
++ Check the roles against the given service IDs. +
++ Returns a list of endpoints associated with a specific token. +
+List all the groups for a user.
+Adds a credential to a user.
+List credentials.
+List credentials by type.
+ +Update credentials.
+Delete User credentials.
+Get user credentials.
+Gets a User secret Question and Answer.
+Updates a User secret Question and Answer.
++ Creates a tenant. +
+This call creates a tenant.
++ Updates a tenant. +
+This call updates a tenant.
++ Deletes a tenant. +
+This call deletes a tenant.
+Lists all the users for a tenant.
+Lists all the users for a tenant.
+ +Adds a specific role to a user for a tenant.
+Deletes a specific role from a user for a tenant.
+List users.
+ +Adds a user.
+Update a user.
+Delete a user.
+Enable user.
+ + +Adds a specific global role to a user.
+Deletes a specific global role from a user.
+Adds a credential to a user.
+List credentials.
+ +List credentials by type.
+ +Update credentials.
+ +Delete User credentials.
+Get user credentials.
+ +List roles.
+ +Add a Role.
+Get a role by Name.
+Get a role.
+Delete a role.
+List services.
+Get a service by name.
+Get a service.
+Add a service.
+Delete a service.
+List Endpoint Templates.
+ +Get Endpoint Template.
+ +Add Endpoint Template.
+ + +Delete a Endpoint Template.
+Add Endpoint to a tenant.
+ + +List Endpoints of a Tenant.
+ +Get Endpoint of a Tenant.
+ +Delete a Endpoint from a Tenant.
+Adds a credential to a user.
+List credentials.
+List credentials by type.
+Update credentials.
+Delete User credentials.
+Get user credentials.
+List all the groups for a user.
+ +Adds a credential to a user.
+List credentials.
+List credentials by type.
+ +Update credentials.
+Delete User credentials.
+Get user credentials.
+Gets a User secret Question and Answer.
+Updates a User secret Question and Answer.
++ You need a valid admin token for access. +
++ A list of supported extensions. +
++ Returns detailed information about this specific version of the API. +
++ Lists supported extensions. +
++ Gets details about a specific extension. +
++ Authenticate to generate a token. +
++ This call will return a token if successful. Each ReST request against other services (or other + calls on Keystone such as the GET /tenants call) + requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token. + Clients obtain + this token, along with the URL to other service APIs, by first authenticating against the + Keystone Service and supplying valid credentials. +
++ Client authentication is provided via a ReST interface using the POST method, + with v2.0/tokens supplied as the path. A payload of credentials must be included + in the body. +
++ The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. + To access the Keystone Service, you must know URL of the Keystone service. +
++ Check that a token is valid and that it belongs to a supplied tenant + and return the permissions relevant to a particular client. +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ Validates a token has the supplied tenant in scope. +
++ Check that a token is valid and that it belongs to a particular tenant + (For performance). +
++ Validates a token has the supplied tenant in scope. (for performance). +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ If `belongsTo` is provided, validates that a token has a specific tenant in scope. +
++ No response body is returned for this method. +
++ Returns detailed information about a specific user, by user name. +
++ Returns detailed information about a specific user, by user id. +
++ Returns global roles for a specific user (excludes tenant roles). +
+Returns a list of global roles associated with a specific + user (excludes tenant roles).
++ Get a list of tenants. +
++ The operation returns a list of tenants which the supplied token provides + access to. This call must be authenticated, so a valid token must + be passed in as a header. +
++ Returns detailed information about a tenant, by name. +
++ Returns detailed information about a tenant, by id. +
++ Returns a list of endpoints associated with a specific token. +
++ Returns roles for a specific user on a specific tenant (excludes global roles). +
++ You need a valid admin token for access. +
++ A list of supported extensions. +
++ Returns detailed information about this specific version of the API. +
++ Lists supported extensions. +
++ Gets details about a specific extension. +
++ Authenticate to generate a token. +
++ This call will return a token if successful. Each ReST request against other services (or other + calls on Keystone such as the GET /tenants call) + requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token. + Clients obtain + this token, along with the URL to other service APIs, by first authenticating against the + Keystone Service and supplying valid credentials. +
++ Client authentication is provided via a ReST interface using the POST method, + with v2.0/tokens supplied as the path. A payload of credentials must be included + in the body. +
++ The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. + To access the Keystone Service, you must know URL of the Keystone service. +
++ Check that a token is valid and that it belongs to a supplied tenant + and return the permissions relevant to a particular client. +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ Validates a token has the supplied tenant in scope. +
++ Check that a token is valid and that it belongs to a particular tenant + (For performance). +
++ Validates a token has the supplied tenant in scope. (for performance). +
+
+ Valid tokens will exist in the
+ /tokens/{tokenId} path and invalid
+ tokens will not. In other words, a user should expect an
+ itemNotFound (404) fault for an
+ invalid token.
+
+ If `belongsTo` is provided, validates that a token has a specific tenant in scope. +
++ No response body is returned for this method. +
++ Returns detailed information about a specific user, by user name. +
++ Returns detailed information about a specific user, by user id. +
++ Returns global roles for a specific user (excludes tenant roles). +
+Returns a list of global roles associated with a specific + user (excludes tenant roles).
++ Get a list of tenants. +
++ The operation returns a list of tenants which the supplied token provides + access to. This call must be authenticated, so a valid token must + be passed in as a header. +
++ Returns detailed information about a tenant, by name. +
++ Returns detailed information about a tenant, by id. +
++ Returns a list of endpoints associated with a specific token. +
++ Returns roles for a specific user on a specific tenant (excludes global roles). +
++ A list of supported extensions. +
++ Returns detailed information about this specific version of the API. +
+List all available extensions.
+Get details about a specific extension.
++ Client authentication is provided via a ReST interface using the POST method, + with v2.0/tokens supplied as the path. A payload of credentials must be included + in the body. See supported credentials +
++ Each ReST request against the Keystone system requires the inclusion of a + specific authorization token HTTP x-header, defined as X-Auth-Token. Clients obtain + this token, along with the URL to other service APIs, by first authenticating against the + Keystone Service and supplying valid credentials. +
++ The Keystone Service is a ReSTful web service. It is the entry point to all service APIs. + To access the Keystone Service, you must know URL of the Keystone service. +
++ Returns a list of tenants. +
++ A list of services. +
++ A service. +
++ An extensible credentials type. +
++ A list of Endpoint Templates. +
++ An Endpoint Template. +
++ Version details. +
++ An ID uniquely identifying the Endpoint Template. +
++ The OpenStack-registered type (e.g. 'compute', 'object-store', etc). +
++ The commercial service name (e.g. 'My Nova Cloud Servers'). +
++ The region of Endpoint Template. +
++ The public URL to access represented service. +
++ The internal version of the public URL. +
++ The admin URL. +
++ If true the Endpoint Template is automatically part of every account. +
++ True if the Endpoint Template is enabled (active). + A Endpoint Template cannot be added if it's disabled or inactive (false). +
++ The user's API Key. +
++ A Secret Question and Answer. The answer shall serve to prove + the user's identity as it should only be able to be answered + by the user who proposed the question. +
++ This is the main index XML Schema document + for Common API Schema Types Version 1.0. +
++ Types related to extensions. +
++ Types related to API version details. +
++ This schema document describes the XML namespace, in a form + suitable for import by other schema documents. +
++ See + http://www.w3.org/XML/1998/namespace.html and + + http://www.w3.org/TR/REC-xml for information + about this namespace. +
++ Note that local names in this namespace are intended to be + defined only by the World Wide Web Consortium or its subgroups. + The names currently defined in this namespace are listed below. + They should not be used with conflicting semantics by any Working + Group, specification, or document instance. +
++ See further below in this document for more information about how to refer to this schema document from your own + XSD schema documents and about the + namespace-versioning policy governing this schema document. +
++ denotes an attribute whose value + is a language code for the natural language of the content of + any element; its value is inherited. This name is reserved + by virtue of its definition in the XML specification.
+ ++ Attempting to install the relevant ISO 2- and 3-letter + codes as the enumerated possible values is probably never + going to be a realistic possibility. +
++ See BCP 47 at + http://www.rfc-editor.org/rfc/bcp/bcp47.txt + and the IANA language subtag registry at + + http://www.iana.org/assignments/language-subtag-registry + for further information. +
++ The union allows for the 'un-declaration' of xml:lang with + the empty string. +
++ denotes an attribute whose + value is a keyword indicating what whitespace processing + discipline is intended for the content of the element; its + value is inherited. This name is reserved by virtue of its + definition in the XML specification.
+ ++ denotes an attribute whose value + provides a URI to be used as the base for interpreting any + relative URIs in the scope of the element on which it + appears; its value is inherited. This name is reserved + by virtue of its definition in the XML Base specification.
+ ++ See http://www.w3.org/TR/xmlbase/ + for information about this attribute. +
++ denotes an attribute whose value + should be interpreted as if declared to be of type ID. + This name is reserved by virtue of its definition in the + xml:id specification.
+ ++ See http://www.w3.org/TR/xml-id/ + for information about this attribute. +
++ denotes Jon Bosak, the chair of + the original XML Working Group. This name is reserved by + the following decision of the W3C XML Plenary and + XML Coordination groups: +
++++ In appreciation for his vision, leadership and + dedication the W3C XML Plenary on this 10th day of + February, 2000, reserves for Jon Bosak in perpetuity + the XML name "xml:Father". +
+
+ This schema defines attributes and an attribute group suitable
+ for use by schemas wishing to allow xml:base,
+ xml:lang, xml:space or
+ xml:id attributes on elements they define.
+
+ To enable this, such a schema must import this schema for + the XML namespace, e.g. as follows: +
++ <schema . . .> + . . . + <import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="http://www.w3.org/2001/xml.xsd"/> ++
+ or +
++ <import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="http://www.w3.org/2009/01/xml.xsd"/> ++
+ Subsequently, qualified reference to any of the attributes or the + group defined below will have the desired effect, e.g. +
++ <type . . .> + . . . + <attributeGroup ref="xml:specialAttrs"/> ++
+ will define a type which will schema-validate an instance element + with any of those attributes. +
++ In keeping with the XML Schema WG's standard versioning + policy, this schema document will persist at + + http://www.w3.org/2009/01/xml.xsd. +
++ At the date of issue it can also be found at + + http://www.w3.org/2001/xml.xsd. +
++ The schema document at that URI may however change in the future, + in order to remain compatible with the latest version of XML + Schema itself, or with the XML namespace itself. In other words, + if the XML Schema or XML namespaces change, the version of this + document at + http://www.w3.org/2001/xml.xsd + + will change accordingly; the version at + + http://www.w3.org/2009/01/xml.xsd + + will not change. +
++ Previous dated (and unchanging) versions of this schema + document are at: +
+ ++ Base type for credential in Keystone. +
++ Both the tenantId and tenantName are optional, but should not be specified together. If both attributes are specified, the server SHOULD respond with a 400 Bad Request. +
++ An Endpoint. +
++ A list of Endpoints. +
++ Version details. +
++ An ID uniquely identifying the Endpoint. +
++ The OpenStack-registered type (e.g. 'compute', 'object-store', etc). +
++ The commercial service name (e.g. 'My Nova Cloud Servers'). +
++ The region of Endpoint Template. +
++ The public URL to access represented service. +
++ The internal version of the public URL. +
++ The admin URL. +
++ Tenant id to which the endpoints belong. +
++ A human readable message that is appropriate for display + to the end user. +
++ The optional <details> element may contain useful + information for tracking down errors (e.g a stack + trace). This information may or may not be appropriate + for display to an end user. +
++ The HTTP status code associated with the current fault. +
++ An optional dateTime denoting when an operation should + be retried. +
++ A list of roles. +
++ A role. +
++ An extensible service type allows all of the + strings defined in ServiceType or an + alias prefixed status. +
++ The type for an OpenStack Compute API 1.1 compatible service. +
++ The type for a Swift-compatible service. +
++ The type for a Glance-compatible service +
++ The type for a Keystone-compatible service. +
++ A non-core service type which must contain an extension prefix. +
++ A container used to group or isolate resources and/or identity + objects. Depending on the service operator, a tenant may map to a customer, + account, organization, or project. +
++ A list of tenants. +
++ An free text description of the tenant. +
++ An ID uniquely identifying the tenant. This usually comes from the back-end store. + This value is guaranteed to be unique and immutable (it will never change). +
++ The name of the tenant. This is guaranteed to be unique, but may change. +
++ An boolean signifying if a tenant is enabled or not. A disabled tenant + cannot be authenticated against. +
++ A human-readable, friendly name for use in user interfaces. +
++ A time-stamp identifying the modification time of the + tenant. +
++ A creation time-stamp for the tenant. +
++ A token is an arbitrary bit of text that is used to access + resources. Each token has a scope which describes which + resources are accessible with it. A token may be + revoked at anytime and is valid for a finite duration. +
++ While Keystone supports token-based authentication in this release, + the intention is for it to support additional protocols in the + future. The desire is for it to be an integration service, and not + a full-fledged identity store and management solution. +
++ The service catalog lists the services you have access to +
++ We optimized for future flexibility around the hierarchy. So we + left the design as a flat list of endpoints with attributes and the + consumer can categorize as they need. + This results in potential duplication (such as with the version/@list) + but we acceopt that normalization cost in order to not force an + artificial hierarchy (suchas on region, which can be optional). +
++ A list of services. +
++ A list of endpoints. +
++ The OpenStack-registered type (e.g. 'compute', 'object-store', etc). +
++ The commercial service name (e.g. 'My Nova Cloud Servers'). +
++ Version details. +
++ The name of the region where the endpoint + lives. Example: airport codes; LHR (UK), + STL (Saint Louis) +
++ Tenant id to which the endpoints belong. +
++ Public accessible service URL. +
++ A service URL, accessible only locally within that + cloud (generally over a high bandwidth, low latency, + free of charge link). +
++ An Admin URL (used for administration using privileged + calls). This may expose + additional functionality not found in the public and + internal URL. +
++ Id of the version. +
++ URI to get the information specific to this version. +
++ URI to get the information about all versions. +
++ A list of Users. +
++ A Keystone User. +
++ An automatically generated, unique, immutable (it will never change) identifier + for the user. This is generated by the backend this user is stored in. +
++ A unique, mutable (it can change) user name that may be used by the user + an identifier when presenting credentials. +
++ A true/false value that determines if the user may authenticate or not. + If enabled is false, the user will not be able to authenticate. + How this value is stored or generated is dependent on the backend in use. +
++ A human-readable, friendly name for use in user interfaces. +
++ A time-stamp identifying the modification time of the + user. +
++ A creation time-stamp for the user. +
++ This schema file defines all types related to versioning. +
++ This element is returned when the version of the + resource cannot be determined. The element + provides a list of choices for the resource. +
++ Provides a list of supported versions. +
++ This element provides detailed meta information + regarding the status of the current API version. + This is the XSD 1.0 compatible element definition. +
++ This element provides detailed meta information + regarding the status of the current API + version. The description should include a pointer + to both a human readable and a machine processable + description of the API service. +
+Loading...+
+ Your browser does not seem to have support for + namespace nodes in XPath. If you're a Firefox + user, please consider voting to get this issue + resolved: + + https://bugzilla.mozilla.org/show_bug.cgi?id=94270 + +
+|
+ |
+
+
+
+
+
+
+
+ |
+
|
+
+
+
+
+
+
+ |
+
| enum values | +|
| + |