API Operations for Client Developers

Some of these operations require only the core authentication service API v2.0 and some require extensions to the API. If an extension is required, it is included in The Rackspace implementation of the Keystone Identity Service; issuing the calls as described here uses the API extensions as needed.

MethodURIDescription
API Contract Version
GET/

Lists information about all Identity API versions.

GET/v2.0

Shows details for the Identity API v2.0.

Extensions
GET/v2.0/extensions

Lists available extensions.

GET/v2.0/extensions/{alias}

Gets detailed information for a specified extension.

Users
POST/users

Add a user.

GET/users/{name}

Get detailed account information for a specified user, by user name.

GET/users/{userId}

Get detailed account information for a specific user, by userid.

GET/users/{userId}

List users.

POST/users/{userId}

Update user information and password.

DELETE/users/{userId}

Delete a user.

GET/2.0/users/OS-KSADM/credentials

List credentials, other than passwords, for all authentication methods.

GET/v2.0/users/{userId}/OS-KSADM/credentials/RAX-KSKEY:apiKeyCredentials

Get user credentials.

POST/users/users/{userId}/OS-KSADM/credentials/RAX-KSKEY:apiKeyCredentials/RAX-AUTH/reset

Reset a user's API Key.

Roles
GET/2.0/roles/OS-KSADM​{?serviceId,​marker,​limit}

List roles.

GET/2.0/roles/OS-KSADM/{roleId}

Get a role.

PUT/2.0/users/roles/OS-KSADM/{roleId}

Add a specific multiproduct or custom (product-specific) role to a user.

DELETE/2.0/users/roles/OS-KSADM/{roleId}

Delete a multiproduct or custom (product-specific) role from a user.

GET/users/{userId}/roles

Return global roles for a specific user.

Authentication tokens
POST/v2.0/tokens

Authenticates using either a password or API key and generates an authentication token.

POST/v2.0/tokens

Allows Administrator users to authenticate by using a tenant id or name and a valid token.

POST/v2.0/tokens

Authenticate with multifactor passcode credentials.

GET/v2.0/tokens/{tokenId}​{?belongsTo}

Verify that the specified token is valid, and owned by the specified tenant.

HEAD/v2.0/tokens/{tokenId}

Check that a token is valid and that it belongs to a particular tenant (abbreviated response).

DELETE/v2.0/tokens/{tokenId}

Revoke token.

Multifactor
POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Adds a mobile phone number to the specified user account to support multi-factor authentication.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones/phoneId/verificationcode

Sends a verification code to a mobile phone associated with a user account to verify that the user has the phone.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones/{phoneId}/verify

Submits a PIN code issued by Rackspace verification services to confirm user possession of a device.

PUT/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Enables or disables the multi-factor authentication setting for the specified account.

DELETE/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Removes the multi-factor authentication setting and all associated mobile phones from your user account.

GET/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Lists phones associated with the specified user account.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/{bypass}

Generates a bypass code that can be substituted for a multi-factor authentication passcode.



loading table of contents...