Hi Everyone, Here's a quick Keystone API update. We had aimed to lock down the API last Sunday but have been running behind. However, we now have an updated spec. We've updated the documentation, WADL, XSD, and sample files in Keystone to reflect the core Keystone API we are aiming to implement for Diablo. The specs are available here (and in simple text below):
Service (Public) API: https://github.com/openstack/keystone/raw/master/keystone/content/service/identitydevguide.pdf<https://github.com/openstack/keystone/blob/master/keystone/content/service/identitydevguide.pdf> Admin (Private/Privileged) API: https://github.com/openstack/keystone/raw/master/keystone/content/admin/identityadminguide.pdf WADLs/XSD all available in the keystone/content folders in the source code The latest changes include: · Minimizing the core API to handle authentication functionality only. To do this, we narrowed down the API calls to the list at the bottom of this email (also listed on the whiteboard for https://blueprints.launchpad.net/keystone/+spec/identity-api). · We've split the API into Service and Admin APIs (where the Service API is generally what is exposed on the internet while the Admin API is on a controlled network). · We've moved the majority of the CRUD logic to extensions (this allows the Keystone API to be implemented on top of any back-end system; ex. LDAP). · Extension support for multiple credentials (as defined inhttps://blueprints.launchpad.net/keystone/+spec/support-multiple-credentials) · Extension support for service registration (https://blueprints.launchpad.net/keystone/+spec/keystone-service-registration) · Removing the default tenant id (https://blueprints.launchpad.net/keystone/+spec/remove-default-tenant) · Refactoring calls to support POST instead of PUT (https://github.com/rackspace/keystone/issues/134) · Support in the model for roles for a user without a tenant (https://blueprints.launchpad.net/keystone/+spec/roles-for-none-tenant) Updates: * We're now using the Gerrit workflow to integrate with Launchpad: http://wiki.openstack.org/GerritWorkflow * We're in the process of moving issues to Launchpad (waiting on Launchpad to complete the import). We'll be turning off the github.com/rackspace repo as soon as that is done. * I'd like to introduce Joe Savak, who has joined the Rackspace team and will be dedicated to Identity (and therefore working closely with the Keystone project) A big thank you to everyone who has contributed to the code and setting up the environment so far: THANK YOU! We look forward to your continued input and help as we continue to work toward completing the Diablo release. Let us know what you think! Thanks, Ziad & Joe Keystone v2.0 API Service API: POST /tokens Returns a token in exchange for valid credentials. GET /tenants Returns a list of tenants for the token provided in the X-Auth-Token header. This implies that a token without a specific tenant returns a list of all tenants associated with the user, and that a token that has a tenant returns the single tenant the token is associated with. Admin API (Superset of Service API): POST /tokens Returns a token in exchange for valid credentials. GET /tokens/{token_id} Validates a token. Returns token expiration, user info, and the user's roles for the given token. HEAD /tokens/{token_id} Validates a token (for performance). GET /tokens/{token_id}?belongsTo={tenant_id} Validates that a token belongs to a specific tenant. Returns token expiration, user info, and the user's roles for the given token. HEAD /tokens/{token_id}?belongsTo={tenant_id} Validates that a token belongs to a specific tenant (for performance). GET /users/?username={user_name} Returns detailed information about a specific user, by user name. GET /users/{user_id} Returns detailed information about a specific user, by user id. GET /users/{user_id}/roles Returns global roles for a specific user (excludes tenant roles). GET /tenants Returns a list of all tenants. GET /tenants/?name={tenant_name} Returns detailed information about a tenant, by name. GET /tenants/{tenant_id} Returns detailed information about a tenant, by id. GET /tenants/{tenant_id}/endpoints Returns a list of endpoints associated with a specific tenant. GET /tenants/{tenant_id}/users/{user_id}/roles Returns a list of roles for a user on a specific tenant. This email may include confidential information. If you received it in error, please delete it.
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
