Identity/Auth API
Spec for identity API. This continues support for the Rackspace Auth protocol version (1.x) and moves it to the OpenStack namespace at version 2.0.
Blueprint information
- Status:
- Complete
- Approver:
- Ziad Sawalha
- Priority:
- High
- Drafter:
- Rackspace Architecture
- Direction:
- Approved
- Assignee:
- Ziad Sawalha
- Definition:
- Approved
- Series goal:
- Accepted for diablo
- Implementation:
- Implemented
- Milestone target:
- diablo-2
- Started by
- Ziad Sawalha
- Completed by
- Ziad Sawalha
Related branches
Related bugs
Sprints
Whiteboard
Service API:
POST /tokens
Returns a token in exchange for valid credentials.
GET /tenants
Returns a list of tenants for my X-Auth-Token.
This implies that an unscoped token returns a list of all tenants
associated with the user, and that a scoped token returns the single
tenant the token is associated with.
Admin API (Superset of Service API):
POST /tokens
Returns a token in exchange for valid credentials.
GET /tokens/{token_id}
Validates a token.
Returns token expiration, user info, and the user's roles for the given
token.
HEAD /tokens/{token_id}
Validates a token (for performance).
GET /tokens/
Validates that a token belongs to a specific tenant.
Returns token expiration, user info, and the user's roles for the given
token.
HEAD /tokens/
Validates that a token belongs to a specific tenant (for performance).
GET /tokens/
Returns a list of endpoints associated with a specific token.
GET /users/
Returns detailed information about a specific user, by user name.
GET /users/{user_id}
Returns detailed information about a specific user, by user id.
GET /users/
Returns global roles for a specific user (excludes tenant roles).
GET /tenants
Returns a list of all tenants.
GET /tenants/
Returns detailed information about a tenant, by name.
GET /tenants/
Returns detailed information about a tenant, by id.
GET /tenants/
Returns a list of roles for a user on a specific tenant.
Work Items
Dependency tree
* Blueprints in grey have been implemented.