Chapter 4. API Operations for Client Developers

Some of these operations require only the core authentication service API v2.0 and some require extensions to the API. If an extension is required, it is included in The Rackspace implementation of the OpenStack Identity (keystone) service; issuing the calls as described here uses the API extensions as needed.

MethodURIDescription
API Contract Version
GET/

Lists information about all Identity API versions.

GET/v2.0

Shows details for the Identity API v2.0.

Extensions
GET/v2.0/extensions

Lists available extensions.

GET/v2.0/extensions/{alias}

Gets detailed information for a specified extension.

Users
POST/v2.0/users

Adds a user.

GET/v2.0/users​{?name,​email}

Lists users.

GET/v2.0/users/{userId}

Get detailed account information for a specific user, by user id.

POST/v2.0/users/{userId}

Update user information and password.

DELETE/v2.0/users/{userId}

Deletes a user.

GET/v2.0/users/{userId}/RAX-AUTH/admins

Get the user administrator or point of contact for an account

POST/v2.0/users/{userId}/OS-KSADM/credentials

Adds a credential to a user.

GET/v2.0/users/{userId}/OS-KSADM/credentials/

Gets user credentials.

POST/v2.0/users/{userId}/OS-KSADM/credentials/RAX-KSKEY:apiKeyCredentials/RAX-AUTH/reset

Reset user API key.

Roles
GET/v2.0/OS-KSADM/roles​{?limit,​marker}

Lists available roles for managing access to Rackspace Cloud services.

GET/v2.0/OS-KSADM/roles/{roleId}

Gets a role by role ID.

GET/v2.0/users/{userId}/roles

Returns global roles associated with a user account.

PUT/v2.0/users/{userId}/roles/OS-KSADM/{roleid}

Adds a specific multi-product or custom (product-specific) role to a user.

DELETE/v2.0/users/{userId}/roles/OS-KSADM/{roleid}

Deletes a multi-product or custom (product-specific) role from a user.

Tokens
POST/v2.0/tokens

Authenticates using either a password or API key and generates an authentication token.

POST/v2.0/tokens

Allows administrators to authenticate by using a tenant id or name and a valid token.

POST/v2.0/tokens/

Authenticate with multi-factor passcode credentials.

GET/v2.0/tokens/{tokenId}

Verify that the specified token is valid.

DELETE/v2.0/tokens/

Revoke token.

Tenants
GET/v2.0/tenants​{?name}

Get a list of tenants, or look up a tenant by name.

Domains
GET/v2.0/RAX-AUTH/domains

Lists domains that a customer or process can access with the specified authentication token.

GET/v2.0/RAX-AUTH/domains/{domainId}

Retrieves a domain.

Secret questions and answers
POST/v2.0/users/{userId}/RAX-AUTH/secretqas

Adds a secret question and answer to a user account.

GET/v2.0/RAX-AUTH/secretqa/questions

Returns a list of secret questions that can be added to user accounts.

Multi-factor operations
POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Adds a mobile phone number to the specified user account to support multi-factor authentication.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones/{phoneId}/verificationcode

Sends an SMS message with a PIN code to a phone added to an account for multi-factor authentication.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones/{phoneId}/verify

Submits the PIN code issued by Rackspace to confirm user possession of a mobile phone.

PUT/v2.0/users/{userId}/RAX-AUTH/multi-factor

Updates the multi-factor authentication settings for the specified account.

DELETE/v2.0/users/{userId}/RAX-AUTH/multi-factor

Removes the multi-factor authentication setting and all associated mobile phones from your user account.

GET/v2.0/users/{userId}/RAX-AUTH/multi-factor/mobile-phones

Lists the mobile phones associated with the specified user account.

POST/v2.0/users/{userId}/RAX-AUTH/multi-factor/bypass-codes

Generates a bypass code that can be substituted for a multi-factor authentication passcode.

PUT/v2.0/RAX-AUTH/domains/{domainId}/multi-factor

Updates the domain-level enforcement level for multi-factor authentication.



Contents Search
loading table of contents...