Atom feed of this document
 

 1.3.3. Authentication Response

In response to valid credentials, your request returns an authentication token and a service catalog with the endpoints that you use to request services.

Do not include explicit API endpoints in your scripts and applications. Instead, find the endpoint for your service and region.

The following output shows a partial authentication response in JSON format:

 

Example 1.7. Authenticate: JSON Response

{
    "access": {
        "serviceCatalog": [
            {
                "endpoints": [
                    {
                        "internalURL": "https://snet-storage101.dfw1.clouddrive.com/v1/MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7", 
                        "publicURL": "https://storage101.dfw1.clouddrive.com/v1/MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7", 
                        "region": "DFW", 
                        "tenantId": "MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7"
                    }, 
                    {
                        "internalURL": "https://snet-storage101.ord1.clouddrive.com/v1/MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7", 
                        "publicURL": "https://storage101.ord1.clouddrive.com/v1/MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7", 
                        "region": "ORD", 
                        "tenantId": "MossoCloudFS_530f8649-324c-499c-a075-2195854d52a7"
                    }
                ], 
                "name": "cloudFiles", 
                "type": "object-store"
            }, 
            {
                "endpoints": [
                    {
                        "publicURL": "https://servers.api.rackspacecloud.com/v1.0/010101", 
                        "tenantId": "010101", 
                        "versionId": "1.0", 
                        "versionInfo": "https://servers.api.rackspacecloud.com/v1.0", 
                        "versionList": "https://servers.api.rackspacecloud.com/"
                    }
                ], 
                "name": "cloudServers", 
                "type": "compute"
            }, 
           ...
            {
                "endpoints": [ (1)
                    {
                        "publicURL": "https://dfw.servers.api.rackspacecloud.com/v2/010101", 
                        "region": "DFW", 
                        "tenantId": "010101", (2)
                        "versionId": "2", 
                        "versionInfo": "https://dfw.servers.api.rackspacecloud.com/v2", 
                        "versionList": "https://dfw.servers.api.rackspacecloud.com/"
                    }, 
                    {
                        "publicURL": "https://ord.servers.api.rackspacecloud.com/v2/010101", 
                        "region": "ORD", 
                        "tenantId": "010101", 
                        "versionId": "2", 
                        "versionInfo": "https://ord.servers.api.rackspacecloud.com/v2", 
                        "versionList": "https://ord.servers.api.rackspacecloud.com/"
                    }
                ], 
                "name": "cloudServersOpenStack", (3)
                "type": "compute"
            }, 
          ...
        ], 
        "token": {
            "expires": "2012-09-14T15:11:57.585-05:00", (4)
            "id": "858fb4c2-bf15-4dac-917d-8ec750ae9baa", (5)
            "tenant": {
                "id": "010101", 
                "name": "010101"
            }
        }, 
        "user": {
            "RAX-AUTH:defaultRegion": "DFW", 
            "id": "170454", 
            "name": "MyRackspaceAcct", 
            "roles": [
                {
                    "description": "User Admin Role.", 
                    "id": "3", 
                    "name": "identity:user-admin"
                }
            ]
        }
    }
}


Successful authentication returns the following information:

1

Endpoints to request Rackspace Cloud services. Appears in the endpoints element in the serviceCatalog element.

Endpoint information includes the public URL, which is the endpoint that you use to access the service, as well as region, tenant ID, and version information.

To access the Cloud Networks or next generation Cloud Servers service, use the endpoint for the cloudServersOpenStack service.

2

Tenant ID. Appears in the tenantId field in the endpoints element. The tenant ID is also known as the account number.

You include the tenant ID in the endpoint URL when you call a cloud service.

In the following example, you export the tenant ID, 010101, to the account environment variable and the authentication token to the token environment variable. Then, you issue a cURL command to send a request to a service as follows:

$ export account="010101"
$ export token="00000000-0000-0000-000000000000"
$ curl -s https://dfw.servers.api.rackspacecloud.com/v2/$account/images/detail \
     -H "X-Auth-Token: $token" | python -m json.tool

3

The name of the service. Appears in the name field.

Locate the correct service name in the service catalog, as follows:

  • First generation Cloud Servers. Named cloudServers in the catalog.

    If you use the authentication token to access this service, you can view and perform first generation Cloud Servers API operations against your first generation Cloud Servers.

  • Cloud Networks or next generation Cloud Servers. Named cloudServersOpenStack in the catalog.

    To access the Cloud Networks or next generation Cloud Servers service, use the publicURL value for the cloudServersOpenStack service.

    The service might show multiple endpoints to enable regional choice. Select the appropriate endpoint for the region that you want to interact with by examining the region field.

    If you use the authentication token to access this service, you can view and perform Cloud Networks or next generation Cloud Servers API operations against your next generation Cloud Servers.

4

Expiration date and time for authentication token. Appears in the expires field in the token element.

After this date and time, the token is no longer valid.

This field predicts the maximum lifespan for a token, but does not guarantee that the token reaches that lifespan.

Clients are encouraged to cache a token until it expires.

Because the authentication token expires after 24 hours, you must generate a token once a day.

5

Authentication token. Appears in the id field in the token element.

You pass the authentication token in the X-Auth-Token header each time that you send a request to a service.

In the following example, you export the tenant ID, 010101, to the account environment variable. You also export the authentication token, 00000000-0000-0000-000000000000, to the token environment variable. Then, you issue a cURL command to send a request to a service as follows:

$ export account="010101"
$ export token="00000000-0000-0000-000000000000"
$ curl -s https://dfw.servers.api.rackspacecloud.com/v2/$account/images/detail \
     -H "X-Auth-Token: $token" | python -m json.tool


loading table of contents...