Authentication validates your user credentials and provides access to Rackspace services and products. You need to authenticate prior to each request you make to the API. This section gives you a quick introduction to Rackspace authentication so that you can access the Rackspace Cloud Monitoring API. For a complete discussion of authentication, see Cloud Identity Client Developer Guide.
When you authenticate, you need to provide:
An identity endpoint
Your Rackspace account username
An API key
The following sections describe how to obtain these items and show an authentication example.
Multiple identity endpoints exist for the Rackspace Cloud Authentication Service. Use the one appropriate for your account location:
| Account location | Rackspace Cloud Identity Service endpoint |
|---|---|
| US-based account | https://identity.api.rackspacecloud.com/v2.0 |
| UK-based account | https://lon.identity.api.rackspacecloud.com/v2.0 |
In response to valid credentials, an authentication request to the Rackspace Cloud Identity Service returns an authentication token and a service catalog that contains a list of all services and endpoints available for this token. Because the authentication token expires after 24 hours, you must generate a new token once a day.
To make an authentication request, you send your Rackspace account username and API access key to the Rackspace Cloud Identity Service. After receiving your request, the Rackspace Cloud Identity Service validates your credentials and returns an authorization token and a list of the services you can access along with your account number. You need to include the authentication token and your account number with each request you make to the API. Section 1.5.3, “Authentication Example” provides an example.
To find your API key
Log into the Control Panel at https://mycloud.rackspace.com.
When the console opens, click your username in the upper-right corner of the window. Your username appears as the menu title. Select API Keys from the drop-down menu. The API Access page appears.
From the API Access page you can generate a new key or Show/Hide an existing key.
When you send your authentication request, include your
username and the apiKey as attributes of the
apiKeyCredentials parameter:
<apiKeyCredentials xmlns="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
username="MyRackspaceAcct"
apiKey="0000000000000000000"/>
The following example shows how to authenticate.
Remember to insert your Rackspace user name and API key for
username and apiKey.
![[Note]](/cm-v1.0-cm-getting-started/common/images/admon/note.png) | Note |
|---|---|
For JSON commands that return a response, the following code is appended to the command, which calls the json.tool to pretty-print output: | python -m json.tool If you don't want to pretty-print JSON output, omit this code. |
Example 1.1. Authentication Request: XML
curl -i -d '<?xml version="1.0" encoding="UTF-8"?> <auth> <apiKeyCredentials xmlns="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0" username="MyRackspaceAcct" apiKey="0000000000000000000"/>
</auth>' \
-H 'Content-Type: application/xml' \
-H 'Accept: application/xml' 'https://identity.api.rackspacecloud.com/v2.0/tokens'Example 1.2. Authentication Response: XML
HTTP/1.1 200 OK Server: nginx/0.8.55 Date: Tue, 18 Sep 2012 14:16:43 GMT Content-Type: application/xml Transfer-Encoding: chunked Connection: keep-alive response-source: cloud-auth vary: Accept, Accept-Encoding, X-Auth-Token Front-End-Https: on
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<access
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns="http://docs.openstack.org/identity/api/v2.0">
<token id="5384dae4-e32e-40b1-a8ec-bc84135434c5"
expires="2012-09-18T20:20:55.000-05:00">
<tenant id="010101" name="010101"/>
</token>
<user
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
id="172157" name="MyRackspaceAcct"
rax-auth:defaultRegion="DFW">
<roles>
<role id="3" name="identity:user-admin"
description="User Admin Role."/>
</roles>
</user>
<serviceCatalog>
<service type="rax:object-cdn" name="cloudFilesCDN">
<endpoint region="DFW"
tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="ORD"
tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
/>
</service>
<service type="object-store" name="cloudFiles">
<endpoint region="DFW"
tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="ORD"
tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.ord1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.ord1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
/>
</service>
<service type="compute" name="cloudServers">
<endpoint tenantId="010101"
publicURL="https://servers.api.rackspacecloud.com/v1.0/010101">
<version id="1.0"
info="https://servers.api.rackspacecloud.com/v1.0"
list="https://servers.api.rackspacecloud.com/"/>
</endpoint>
</service>
<service type="rax:dns" name="cloudDNS">
<endpoint tenantId="010101"
publicURL="https://dns.api.rackspacecloud.com/v1.0/010101"
/>
</service>
<service type="compute" name="cloudServersOpenStack">
<endpoint region="ORD" tenantId="010101"
publicURL="https://ord.servers.api.rackspacecloud.com/v2/010101">
<version id="2"
info="https://ord.servers.api.rackspacecloud.com/v2"
list="https://ord.servers.api.rackspacecloud.com/"
/>
</endpoint>
<endpoint region="DFW" tenantId="010101"
publicURL="https://dfw.servers.api.rackspacecloud.com/v2/010101">
<version id="2"
info="https://dfw.servers.api.rackspacecloud.com/v2"
list="https://dfw.servers.api.rackspacecloud.com/"
/>
</endpoint>
</service>
<service type="rax:database" name="cloudDatabases">
<endpoint region="DFW" tenantId="010101"
publicURL="https://dfw.databases.api.rackspacecloud.com/v1.0/010101"/>
<endpoint region="ORD" tenantId="010101"
publicURL="https://ord.databases.api.rackspacecloud.com/v1.0/010101"
/>
</service>
<service type="rax:load-balancer" name="cloudLoadBalancers">
<endpoint region="ORD" tenantId="010101"
publicURL="https://ord.loadbalancers.api.rackspacecloud.com/v1.0/010101"/>
<endpoint region="DFW" tenantId="010101"
publicURL="https://dfw.loadbalancers.api.rackspacecloud.com/v1.0/010101"
/>
</service>
<service type="rax:monitor" name="cloudMonitoring">
<endpoint tenantId="010101"
publicURL="https://monitoring.api.rackspacecloud.com/v1.0/010101"
/>
</service>
</serviceCatalog>
</access>
Example 1.3. Authentication Request: JSON
curl -s https://identity.api.rackspacecloud.com/v2.0/tokens -X 'POST' \
-d '{"auth":{"RAX-KSKEY:apiKeyCredentials":{"username":"MyRackspaceAcct", "apiKey":"0000000000000000000"}}}' \
-H "Content-Type: application/json" | python -m json.toolExample 1.4. Authentication Response: JSON
{
"access": {
"serviceCatalog": [
{
"endpoints": [
{
"publicURL": "https://servers.api.rackspacecloud.com/v1.0/010101",
"tenantId": "010101",
"versionId": "1.0",
"versionInfo": "https://servers.api.rackspacecloud.com/v1.0",
"versionList": "https://servers.api.rackspacecloud.com/"
}
],
"name": "cloudServers",
"type": "compute"
},
{
"endpoints": [
{
"internalURL": "https://snet-storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"region": "DFW",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"internalURL": "https://snet-storage101.ord1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.ord1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"region": "ORD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
}
],
"name": "cloudFiles",
"type": "object-store"
},
{
"endpoints": [
{
"publicURL": "https://cdn1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"region": "DFW",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"publicURL": "https://cdn2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"region": "ORD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
}
],
"name": "cloudFilesCDN",
"type": "rax:object-cdn"
},
{
"endpoints": [
{
"publicURL": "https://ord.servers.api.rackspacecloud.com/v2/010101",
"region": "ORD",
"tenantId": "010101",
"versionId": "2",
"versionInfo": "https://ord.servers.api.rackspacecloud.com/v2",
"versionList": "https://ord.servers.api.rackspacecloud.com/"
},
{
"publicURL": "https://dfw.servers.api.rackspacecloud.com/v2/010101",
"region": "DFW",
"tenantId": "010101",
"versionId": "2",
"versionInfo": "https://dfw.servers.api.rackspacecloud.com/v2",
"versionList": "https://dfw.servers.api.rackspacecloud.com/"
}
],
"name": "cloudServersOpenStack",
"type": "compute"
},
{
"endpoints": [
{
"publicURL": "https://ord.loadbalancers.api.rackspacecloud.com/v1.0/010101",
"region": "ORD",
"tenantId": "010101"
},
{
"publicURL": "https://dfw.loadbalancers.api.rackspacecloud.com/v1.0/010101",
"region": "DFW",
"tenantId": "010101"
}
],
"name": "cloudLoadBalancers",
"type": "rax:load-balancer"
},
{
"endpoints": [
{
"publicURL": "https://ord.databases.api.rackspacecloud.com/v1.0/010101",
"region": "ORD",
"tenantId": "010101"
},
{
"publicURL": "https://dfw.databases.api.rackspacecloud.com/v1.0/010101",
"region": "DFW",
"tenantId": "010101"
}
],
"name": "cloudDatabases",
"type": "rax:database"
},
{
"endpoints": [
{
"publicURL": "https://monitoring.api.rackspacecloud.com/v1.0/010101",
"tenantId": "010101"
}
],
"name": "cloudMonitoring",
"type": "rax:monitor"
},
{
"endpoints": [
{
"publicURL": "https://dns.api.rackspacecloud.com/v1.0/010101",
"tenantId": "010101"
}
],
"name": "cloudDNS",
"type": "rax:dns"
}
],
"token": {
"expires": "2012-09-18T20:20:55.000-05:00",
"id": "5384dae4-e32e-40b1-a8ec-bc84135434c5",
"tenant": {
"id": "010101",
"name": "010101"
}
},
"user": {
"RAX-AUTH:defaultRegion": "DFW",
"id": "172157",
"name": "MyRackspaceAcct",
"roles": [
{
"description": "User Admin Role.",
"id": "3",
"name": "identity:user-admin"
}
]
}
}
}
The authentication response contains the following information:
token idSpecifies the authentication token. Tokens are valid for a finite duration; a token's default lifespan is twenty-four hours.
expiresDenotes the time after which the token will automatically become invalid. A token may be manually revoked before the time identified by the
expiresattribute; this attribute predicts a token's maximum possible lifespan but does not guarantee that it will reach that lifespan. Clients are encouraged to cache a token until it expires.serviceCatalogLists the regions and public and private URLs for each of the Rackspace products and services you have access to.
publicURLLists the public URL for each product and service.
Note Your account number appears after the final '/' in the
publicURLfield. In this example, the account number is 010101.
