Support PIN#
When a customer calls or chats with Rackspace Support, they must give a 6- digit Support PIN to the Interactive Voice Response (IVR) system or to the Support Racker to verify their identity. When a new user is created, a 6-digit numeric phone PIN is assigned to the user by default. The Support PIN cannot be deleted. However, a user can update their Support PIN by using the Update user information and password operation.
Update your own Support PIN
To update your own Support PIN, use the following operation:
Retrieve your own Support PIN
To retrieve your own Support PIN, see the following operations:
Unlock your own Support PIN
To unlock your Support PIN, use the following operation:
Reset the Support PIN of another user
To reset the Support PIN of another user, use the following operation:
Update user information and password#
POST /v2.0/users/{userId}
This operation updates the user information for the account associated with the
specified user id. Before you submit the update request, use the Get
user by id operation to verify that the user name,
email account, and status associated with userId
match the account you
want to update.
Only include those user data elements that you wish to modify in the request
body. For example, if you only need to update the user’s email, for don’t
include the other body parameters like id
, enabled
, or
rax-auth:domainId
.
Note
Users who hold the admin role can update users who hold the user role (
identity:default
) or the admin role (identity:user-admin
) for the same tenant.Users with the
identity:user-admin
oridentity:user-manage
role can update user information for users within their domain and with theidentity:default
roleAdministrators can change the default region for another user, but the new value must be one of the regions listed for a Cloud Compute endpoint in the service catalog.
Only the
RAX-AUTH:contactId
attribute can be updated for a federated user.The
RAX-AUTH:phonePin
is only returned if the caller is updating their own user account and a Support PIN exists on the account.Users with the
identity:user-manage-limited
can update any sub-users’ email and enabled status within their domain.
This table shows the possible response codes for this operation:
Response code |
Name |
Description |
---|---|---|
200 |
OK |
The request has been fulfilled. The user has been updated. |
400 |
Bad Request |
The request is missing one or more elements, or the values of some elements are invalid. |
401 |
Unauthorized |
You are not authorized to complete this operation. This error can occur if the request is submitted with an invalid authentication token. |
403 |
Forbidden |
The request was valid, but the server is refusing to respond because you do not have permission to access the requested resource. Submit a request to your account administrator to determine how to gain access. |
404 |
Not Found |
The requested resource was not found. |
405 |
Invalid Method |
The method specified in the request is not valid for the resource identified in the request URI. |
406 |
Not Acceptable |
The server cannot send data in a format requested. |
413 |
Over Limit |
The number of items returned is above the allowed limit. |
503 |
Service Fault |
Service is not available. |
Request#
This table shows the header parameters for the request:
Name |
Type |
Description |
---|---|---|
X-Auth-Token |
String (Required) |
A valid authentication token. |
{userId} |
String (Required) |
A user ID assigned by system when a user is added. |
This table shows the URI parameters for the request:
Name |
Type |
Description |
---|---|---|
{userId} |
String (Required) |
A user ID assigned by system when a user is created. |
This table shows the body parameters for the request:
Name |
Type |
Description |
---|---|---|
user |
Object |
A |
user.username |
String (Optional) |
The name to assign to the user. |
user.email |
String (Optional) |
Email address for the user account. |
user.enabled |
String (Optional) |
Indicates whether the user is
enabled (true) or disabled (false). Users cannot update the |
user.RAX-AUTH:defaultRegion |
String (Optional) |
The default region that the user is assigned to. Must be one of the regions available in the service catalog. |
user.RAX-AUTH:phonePin |
String (Optional) |
Specify a new Support PIN for the user account. Ensure that the value specified meets the following criteria:
|
user.OS-KSADM:password |
String (Optional) |
Specify a new password for the user account. Ensure that the value specified meets the following criteria:
|
user.RAX-AUTH:contactId |
String (Optional) |
The core contact ID. |
Example: Update user HTTP request header: XML
POST /v2.0/users/123456 HTTP/1.1
Host: identity.api.rackspacecloud.com
Accept: application/xml
Content-type: application/xml
X-Auth-Token: eaf8345057414cd397d0543123456789
Example: Update user HTTP request header: JSON
POST /v2.0/users/123456 HTTP/1.1
Host: identity.api.rackspacecloud.com
Accept: application/json
Content-type: application/json
X-Auth-Token: eaf8345057414cd397d0543123456789
Example: Update user request: XML
<?xml version="1.0" encoding="UTF-8"?>
<user xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:ns2="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
username="jqsmith"
enabled="true"
email="john.smith@example.org"
RAX-AUTH:contactId="12345">
</user>
Example: Update user request: JSON
{
"user": {
"username": "jqsmith",
"email": "john.smith@example.org",
"enabled": true,
"RAX-AUTH:contactId": "1234"
}
}
Example: Update user password HTTP request header: XML
POST /v2.0/users/123456 HTTP/1.1
Host: identity.api.rackspacecloud.com
Accept: application/xml
Content-type: application/xml
X-Auth-Token: eaf8345057414cd397d0543123456789
Example: Update user password HTTP request header: JSON
POST /v2.0/users/123456 HTTP/1.1
Host: identity.api.rackspacecloud.com
Accept: application/xml
Content-type: application/json
X-Auth-Token: eaf8345057414cd397d0543123456789
Example: Update user password request: XML
<user username="abc123"
ns1:password="ungu355ab13"
xmlns:ns1="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns:ns2="http://docs.openstack.org/identity/api/v2.0" />
Example: Update user password request: JSON
{
"user": {
"username": "abc123",
"OS-KSADM:password":"ungu355ab13"
}
}
Response#
Example: Update user information and password: XML response
<?xml version="1.0" encoding="UTF-8"?>
<user xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:ns2="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
id="123456" username="jqsmith"
enabled="true"
email="john.smith@example.org"
RAX-AUTH:defaultRegion="DFW"
RAX-AUTH:domainId="5830280"
RAX-AUTH:phonePin="125897"
RAX-AUTH:contactId="1234"
RAX-AUTH:multiFactorEnabled="true" >
</user>
Example: Update user information and password: JSON response
{
"user": {
"id": "123456",
"username": "jqsmith",
"email": "john.smith@example.org",
"enabled": true,
"RAX-AUTH:defaultRegion":"DFW",
"RAX-AUTH:domainId":"5830280",
"RAX-AUTH:phonePin":"136983",
"RAX-AUTH:multiFactorEnabled": true,
"RAX-AUTH:contactId":"1234"
}
}
Validate token#
GET /v2.0/tokens/{tokenId}
Use the Validate token operation to verify that the specified token is valid and owned by the specified tenant.
In the /tokens/{tokenId}
path, valid tokens exist and invalid tokens do
not. For application development, use the Validate token operation to make
sure that the client submitting the Validate token request can handle an
ItemNotFound (404
) error for an invalid token.
If the operation is successful, rerun the tenant credentials to return the permissions relevant to a particular client.
Any user can validate their own token. Identity user account administrators and Rackspace administrators can validate the token for any account user.
The validation response includes information about the user associated with
the token being validated. The RAX-AUTH:phonePin
attribute is only returned
if the provided X-Auth-Token matches the token to validate, and the associated
user has a Support PIN. The RAX-AUTH:phonePinState
is returned for all
valid requests.
This table shows the possible response codes for this operation:
Response Code |
Name |
Description |
---|---|---|
200 |
OK |
The operation completed successfully. |
400 |
Bad Request |
The request is missing one or more elements, or the values of some elements are invalid. |
401 |
Unauthorized |
You are not authorized to complete this operation. This error can occur if the request is submitted with an invalid authentication token. |
403 |
Forbidden |
The request was valid, but the server is refusing to respond because you do not have permission to access the requested resource. Submit a request to your account administrator to determine how to gain access. |
404 |
Not Found |
The requested resource was not found. |
405 |
Invalid Method |
The method specified in the request is not valid for the resource identified in the request URI. |
413 |
Over Limit |
The number of items returned is above the allowed limit. |
503 |
Service Fault |
Service is not available. |
Request#
This table shows the header parameters for the request:
Name |
Type |
Description |
---|---|---|
X-Auth-Token |
Header String (Required) |
A valid admin authentication token. |
This table shows the URI parameters for the request:
Name |
Type |
Description |
---|---|---|
{tokenId} |
String |
The authentication token to validate. |
This table shows the query parameters for the request:
Name |
Type |
Description |
---|---|---|
belongsTo |
String (Optional) |
Validate that a token has the specified tenant in scope. |
apply_rcn_roles |
Boolean (Optional) |
“When true, include any roles to which the user has access due to RCN roles. Defaults to false.” |
include_accessible_domains |
Boolean (Optional) |
When true, returns a list of domains that a user has access to. The list is returned on the user object of the authentication response. Defaults to false. |
This operation does not accept a request body.
Response#
Example: Validate token: XML response
<?xml version="1.0" encoding="UTF-8"?>
<access
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns="http://docs.openstack.org/identity/api/v2.0">
<token id="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx "
expires="2010-11-01T03:32:15-05:00">
<tenant id="345" name="My Project" />
</token>
<user
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
id="123" username="testuser" rax-auth:defaultRegion="DFW">
<roles xmlns="http://docs.openstack.org/identity/api/v2.0">
<role id="123" name="compute:admin" />
<role id="234" name="object-store:admin" />
</roles>
</user>
</access>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<access
xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
xmlns:rax-kskey="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
xmlns:os-ksec2="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
xmlns:rax-ksqa="http://docs.rackspace.com/identity/api/ext/RAX-KSQA/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:ns7="http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0"
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0">
<token expires="2015-06-28T01:34:29.300Z" id="cd45ad90d8034a1b8d75aa0efa89060b">
<tenant name="5830280" id="5830280"/>
<rax-auth:authenticatedBy>
<rax-auth:credential>APIKEY</rax-auth:credential>
</rax-auth:authenticatedBy>
</token>
<user rax-auth:phonePin="914737" rax-auth:defaultRegion="SYD" name="maeker12" id="92bb036af5b0467198cded345597f6b4">
<roles>
<role rax-auth:propagate="false" serviceId="bde1268ebabeeabb70a0e702a4626977c331d5c4" description="Cloud Networks" name="CloudNetworks-Security-Groups" id="88"/>
<role rax-auth:propagate="true" tenantId="5830280" serviceId="a45b14e394a57e3fd4e45d59ff3693ead204998b" description="A Role that allows a user access to keystone Service methods" name="compute:default" id="684"/>
<role rax-auth:propagate="false" serviceId="bde1268ebabeeabb70a0e702a4626977c331d5c4" description="Default Role." name="identity:default" id="2"/>
<role rax-auth:propagate="false" serviceId="bde1268ebabeeabb70a0e702a4626977c331d5c4" description="Admin role for access to all capabilities for all products" name="admin" id="10015034"/>
</roles>
</user>
</access>
Example: Validate token: JSON response
{
"access": {
"token": {
"id": "cd45ad90d8034a1b8d75aa0efa123456",
"expires": "2015-06-28T01:34:29.300Z",
"tenant": {
"id": "5830345",
"name": "5830345"
},
"RAX-AUTH:authenticatedBy": [
"APIKEY"
]
},
"user": {
"id": "92bb036af5b0467198cded3455123456",
"roles": [
{
"id": "88",
"serviceId": "bde1268ebabeeabb70a0e702a4626977c331d5c4",
"description": "Cloud Networks",
"name": "CloudNetworks-Security-Groups"
},
{
"tenantId": "5830345",
"id": "684",
"serviceId": "a45b14e394a57e3fd4e45d59ff3693ead204998b",
"description": "A Role that allows a user access to keystone Service methods",
"name": "compute:default"
},
{
"id": "2",
"serviceId": "bde1268ebabeeabb70a0e702a4626977c331d5c4",
"description": "Default Role.",
"name": "identity:default"
},
{
"id": "10015034",
"serviceId": "bde1268ebabeeabb70a0e702a4626977c331d5c4",
"description": "Admin role for access to all capabilities for all products",
"name": "admin"
}
],
"name": "accountUserName",
"RAX-AUTH:defaultRegion": "SYD",
"RAX-AUTH:phonePin": "653161",
"RAX-AUTH:phonePinState": "ACTIVE"
}
}
}
Example: Validate token for impersonation response: JSON
{
"access":{
"token":{
"id":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"expires":"2010-11-01T03:32:15-05:00",
"tenant":{
"id": "yourTenantID",
"name": "My Project"
}
},
"user":{
"id":"123",
"name":"yourUsername",
"roles":[{
"id":"123",
"name":"compute:admin"
},
{
"id":"234",
"name":"object-store:admin",
}
]
},
"RAX-AUTH:impersonator":{
"id":"567",
"name":"impersonator.username",
"roles":[{
"id":"123",
"name":"Racker"
},
{
"id":"234",
"name":"object-store:admin",
}
]
}
}
}
Example: Validate Token for Impersonation Response: XML
<?xml version="1.0" encoding="UTF-8"?>
<access xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:RAX-AUTH="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0">
<token id="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
expires="2010-11-01T03:32:15-05:00">
<tenant id="yourTenantID"
name="My Project" />
</token>
<user id="123"
username="yourUserName">
<roles xmlns="http://docs.openstack.org/identity/api/v2.0">
<role id="123" name="compute:admin" />
<role id="234" name="object-store:admin" />
</roles>
</user>
<RAX-AUTH:impersonator id="567"
username="impersonator.UserName">
<roles xmlns="http://docs.openstack.org/identity/api/v2.0">
<role id="123" name="Racker" />
<role id="234" name="object-store:admin" />
</roles>
</RAX-AUTH:impersonator>
</access>
Example: Validate token for Racker response: JSON
{
"access": {
"token": {
"expires": "2013-10-26T14:34:02.255Z",
"id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
"user": {
"RAX-AUTH:defaultRegion": "",
"roles": [
{
"name": "Racker",
"description": "Defines a user as being a Racker",
"id": "9",
"serviceId": "18e7a7032733486cd32f472d7bd58f709ac0d221"
}
],
"id": "userId"
}
}
}
Example: Validate token for Racker response: XML
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<access xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:ns2="http://www.w3.org/2005/Atom"
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns:rax-ksqa="http://docs.rackspace.com/identity/api/ext/RAX-KSQA/v1.0"
xmlns:rax-kskey="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
xmlns:os-ksec2="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0">
<token id="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
expires="2013-11-26T18:08:51.146Z"/>
<user id="racerSSOUsername">
<roles>
<role id="9" name="Racker"
description="Defines a user as being a Racker"
serviceId="18e7a7032733486cd32f472d7bd58f709ac0d221"/>
<role name="dl_RackUSA"/>
<role name="dl_RackGlobal"/>
<role name="dl_cloudblock"/>
<role name="dl_US Managers"/>
<role name="DL_USManagers"/>
</roles>
</user>
</access>
Get user by id#
GET /v2.0/users/{userId}
This operation returns the following detailed account information for a specific user, by user id: email address, user name, user id, status, default region, and domain id.
Note
If this request is issued by a user holding the admin role
(identity:user-admin
), the specific user’s information is returned
only if that user is associated with the same tenant as the requester’s
user-admin
token.
If this request is issued by a user holding the user role
(identity:default
), the response only includes the user account
information for the user who submitted the request.
The user’s Support PIN is only returned if the caller is retrieving their own user account.
This table shows the possible response codes for this operation:
Response Code |
Name |
Description |
---|---|---|
200 |
OK |
The operation completed successfully. |
400 |
Bad Request |
The request is missing one or more elements, or the values of some elements are invalid. |
401 |
Unauthorized |
You are not authorized to complete this operation. This error can occur if the request is submitted with an invalid authentication token. |
403 |
Forbidden |
The request was valid, but the server is refusing to respond because you do not have permission to access the requested resource. Submit a request to your account administrator to determine how to gain access. |
404 |
Not Found |
The requested resource was not found. |
405 |
Invalid Method |
The method specified in the request is not valid for the resource identified in the request URI. |
413 |
Over Limit |
The number of items returned is above the allowed limit. |
503 |
Service Fault |
Service is not available. |
Request#
This table shows the header and URI parameters for the request:
Name |
Type |
Description |
---|---|---|
X-Auth-Token |
Header String (Required) |
A valid admin authentication token. |
{userId} |
URI String (Required) |
A user ID assigned by system when user is added. |
This operation does not accept a request body.
Response#
This table shows the body parameters for the response:
Name |
Type |
Description |
---|---|---|
users |
Object (Required) |
Returns the collection of users who match the specification in the List user API request. |
users.user |
Object (Required) |
A user object that provides user account information. |
user.RAX-AUTH:defaultRegion |
String (Optional) |
The default region that the user is assigned to. Must be one of the regions available in the service catalog. |
user.RAX-AUTH:domainId |
String (Optional) |
The ID for the domain that the user account has been assigned to. |
user.RAX-AUTH:phonePin |
String (Optional) |
A user’s Support PIN. |
user.RAX-AUTH:phonePinState |
String (Required) |
The Support PIN state.
|
user.RAX-AUTH:multiFactorEnabled |
Boolean (Optional) |
If an account has been configured to use multi-factor authentication, this field indicates if multi-factor authentication is currently enabled or disabled. |
user.RAX-AUTH:multiFactorState |
String (Optional) |
This extended attribute indicates if a multi-factor-enabled user
account is locked as a result of failed authentication attempts. If the
account has been locked at any point, the value is either |
user.RAX-AUTH:userMultiFactorEnforcementLevel |
String (Optional) |
If present, this extended attribute specifies the multi-factor authentication enforcement policy that applies to the specified account.
|
user.RAX-AUTH:contactId |
String (Optional) |
The core contact ID. |
user.RAX-AUTH:passwordExpiration |
String (Optional) |
If present, this extended attribute specifies the time when the user’s current password will expire. |
Example: Get user by ID HTTP response header: XML
HTTP/1.1 200 OK
Content-Type: application/xml
Example: Get user by ID: XML response
<?xml version="1.0" encoding="UTF-8"?>
<user
xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:rax-kskey="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
xmlns:os-ksec2="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
xmlns:rax-ksqa="http://docs.rackspace.com/identity/api/ext/RAX-KSQA/v1.0"
xmlns:ns7="http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0"
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
rax-auth:contactId="1234"
rax-auth:domainId="5830280"
rax-auth:defaultRegion="DFW"
rax-auth:multiFactorEnabled="true"
rax-auth:multiFactorState="ACTIVE"
rax-auth:userMultiFactorEnforcementLevel="OPTIONAL"
rax-auth:passwordExpiration="2018-02-09T13:39:53.685-06:00"
id="123456"
username="jqsmith"
email="john.smith@example.org"
enabled="true"/>
Example: Get user by ID HTTP response header: JSON
HTTP/1.1 200 OK
Content-Type: application/json
Example: Get user by ID response: JSON
{
"user":
{
"rax-auth:contactId":"1234"
"rax-auth:domainId":"5830280"
"id": "123456",
"enabled": true,
"username": "jqsmith",
"email": "john.smith@example.org",
"rax-auth:defaultRegion":"DFW",
"rax-auth:phonePin":"914737",
"rax-auth:phonePinState": "ACTIVE",
"rax-auth:multiFactorEnabled":"true",
"rax-auth:multiFactorState":"ACTIVE",
"rax-auth:userMultiFactorEnforcementLevel":"OPTIONAL"
"rax-auth:passwordExpiration":"2018-02-09T13:39:53.685-06:00"
}
}
Authenticate as tenant with token#
POST /v2.0/tokens
Identity user administrators can use this operation to authenticate by using a tenant ID or tenant name and a valid token.
Submit the POST token authentication request to the Identity service endpoint URL with a payload of credentials. Use either of the following credentials in the request.
tenantName
andtoken
ortenantId
andtoken
If the request includes both the name and ID, the server returns a 400 Bad Request error.
Important
If you authenticate as a tenant, the Service Catalog
returned includes
only endpoints for the Rackspace Cloud services authorized for that tenant.
The exception to this rule is if you specify the mosso (cloud) tenant for
which the full service catalog is still returned.
This table shows the possible response codes for this operation:
Response Code |
Name |
Description |
---|---|---|
200 |
OK |
Success. The tenant is authenticated. |
400 |
Bad Request |
Missing required parameters. This error also occurs if you include both the tenant name and ID in the request. |
401 |
Unauthorized |
You provided invalid credentials. |
404 |
Not Found |
The requested resource was not found. The token has expired or is no longer available. Use the POST token request to get a new token. |
500 |
Service Fault |
Service is not available. |
Request#
This table shows the query parameters for the request:
Name |
Type |
Description |
---|---|---|
apply_rcn_roles |
Boolean (Optional) |
When true, include any roles and endpoints to which the user has access due to RCN roles. Defaults to false. |
This table shows the body parameters for the request:
Name |
Type |
Description |
---|---|---|
tenantName |
String (Optional) |
Specify the name of the tenant. If you use this value in the request, do not include the tenant ID. |
tenantId |
UUID (Optional) |
Specify the unique ID for the tenant account. If you use this value in the request, do not include the tenant name. |
token |
String (Required) |
A |
Example: Authenticate as tenant with token: XML request
<?xml version="1.0" encoding="UTF-8"?>
<auth xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://docs.openstack.org/identity/api/v2.0"
tenantId="1100111">
<token id="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" />
</auth>
Example: Authenticate as tenant with token request: JSON
{
"auth": {
"tenantId": "1100111",
"token": {
"id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
}
Response#
This table shows the body parameters for the response:
Name |
Type |
Description |
---|---|---|
access |
String (Required) |
An |
token |
String (Required) |
The token object supplies a scoped authentication token that can be used to access Rackspace services for the specified tenant. |
user |
String (Required) |
A user object that returns the following information about the user, if available for the account: id, name, assigned roles, default region, and domain. |
serviceCatalog |
String (Required) |
The service catalog provides information about each service available to the authenticated user along with the service endpoints for API requests. |
RAX-AUTH:phonePin |
String (Required) |
A six digit PIN that allows a user to confirm their identity to a Support Racker when they call Rackspace to get help with their account or accounts. |
RAX-AUTH:phonePinState |
String (Required) |
The Support PIN state.
|
Example: Authenticate as tenant with token response XML
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<access
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:rax-auth="http://docs.rackspace.com/identity/api/ext/RAX-AUTH/v1.0"
xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:ns4="http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0"
xmlns:rax-ksqa="http://docs.rackspace.com/identity/api/ext/RAX-KSQA/v1.0"
xmlns:os-ksadm="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
xmlns:rax-kskey="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
xmlns:os-ksec2="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0">
<token id="d74f592f986e4d6e995853ccf01d25fe" expires="2015-06-05T16:24:57.637Z">
<tenant id="123456" name="123456"/>
<rax-auth:authenticatedBy>
<rax-auth:credential>APIKEY</rax-auth:credential>
</rax-auth:authenticatedBy>
</token>
<user id="172157" name="yourUserName" rax-auth:defaultRegion="DFW" rax-auth:domainId="123456">
<roles>
<role id="10000150" name="checkmate" description="Checkmate Access role" rax-auth:propagate="false"/>
<role id="5" name="object-store:default" description="A Role that allows a user access to keystone Service methods"
tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f" rax-auth:propagate="true"/>
<role id="6" name="compute:default" description="A Role that allows a user access to keystone Service methods"
tenantId="123456" rax-auth:propagate="true"/>
<role id="3" name="identity:user-admin" description="User Admin Role." rax-auth:propagate="false"/>
</roles>
</user>
<serviceCatalog>
<service type="volume" name="cloudBlockStorage">
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.blockstorage.api.rackspacecloud.com/v1/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.blockstorage.api.rackspacecloud.com/v1/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.blockstorage.api.rackspacecloud.com/v1/123456"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.blockstorage.api.rackspacecloud.com/v1/123456"/>
</service>
<service type="image" name="cloudImages">
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.images.api.rackspacecloud.com/v2"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.images.api.rackspacecloud.com/v2"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.images.api.rackspacecloud.com/v2"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.images.api.rackspacecloud.com/v2"/>
</service>
<service type="rax:queues" name="cloudQueues">
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.queues.api.rackspacecloud.com/v1/123456"
internalURL="https://snet-hkg.queues.api.rackspacecloud.com/v1/123456"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.queues.api.rackspacecloud.com/v1/123456"
internalURL="https://snet-syd.queues.api.rackspacecloud.com/v1/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.queues.api.rackspacecloud.com/v1/123456"
internalURL="https://snet-dfw.queues.api.rackspacecloud.com/v1/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.queues.api.rackspacecloud.com/v1/123456"
internalURL="https://snet-iad.queues.api.rackspacecloud.com/v1/123456"/>
</service>
<service type="rax:bigdata" name="cloudBigData">
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.bigdata.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.bigdata.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="orchestration" name="cloudOrchestration">
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.orchestration.api.rackspacecloud.com/v1/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.orchestration.api.rackspacecloud.com/v1/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.orchestration.api.rackspacecloud.com/v1/123456"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.orchestration.api.rackspacecloud.com/v1/123456"/>
</service>
<service type="compute" name="cloudServersOpenStack">
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.servers.api.rackspacecloud.com/v2/123456">
<version id="2" info="https://syd.servers.api.rackspacecloud.com/v2" list="https://syd.servers.api.rackspacecloud.com/"/>
</endpoint>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.servers.api.rackspacecloud.com/v2/123456">
<version id="2" info="https://dfw.servers.api.rackspacecloud.com/v2" list="https://dfw.servers.api.rackspacecloud.com/"/>
</endpoint>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.servers.api.rackspacecloud.com/v2/123456">
<version id="2" info="https://iad.servers.api.rackspacecloud.com/v2" list="https://iad.servers.api.rackspacecloud.com/"/>
</endpoint>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.servers.api.rackspacecloud.com/v2/123456">
<version id="2" info="https://hkg.servers.api.rackspacecloud.com/v2" list="https://hkg.servers.api.rackspacecloud.com/"/>
</endpoint>
</service>
<service type="rax:autoscale" name="autoscale">
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.autoscale.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.autoscale.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.autoscale.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.autoscale.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="rax:database" name="cloudDatabases">
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.databases.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.databases.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.databases.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.databases.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="rax:backup" name="cloudBackup">
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.backup.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.backup.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.backup.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.backup.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="network" name="cloudNetworks">
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.networks.api.rackspacecloud.com/v2.0"/>
<endpoint region="LON" tenantId="123456" publicURL="https://lon.networks.api.rackspacecloud.com/v2.0"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.networks.api.rackspacecloud.com/v2.0"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.networks.api.rackspacecloud.com/v2.0"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.networks.api.rackspacecloud.com/v2.0"/>
</service>
<service type="rax:cloudmetrics" name="cloudMetrics">
<endpoint region="IAD" tenantId="123456" publicURL="https://global.metrics.api.rackspacecloud.com/v2.0/123456"/>
</service>
<service type="rax:load-balancer" name="cloudLoadBalancers">
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.loadbalancers.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.loadbalancers.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.loadbalancers.api.rackspacecloud.com/v1.0/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.loadbalancers.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="rax:feeds" name="cloudFeeds">
<endpoint region="HKG" tenantId="123456" publicURL="https://hkg.feeds.api.rackspacecloud.com/123456"
internalURL="https://atom.prod.hkg1.us.ci.rackspace.net/123456"/>
<endpoint region="SYD" tenantId="123456" publicURL="https://syd.feeds.api.rackspacecloud.com/123456"
internalURL="https://atom.prod.syd2.us.ci.rackspace.net/123456"/>
<endpoint region="IAD" tenantId="123456" publicURL="https://iad.feeds.api.rackspacecloud.com/123456"
internalURL="https://atom.prod.iad3.us.ci.rackspace.net/123456"/>
<endpoint region="DFW" tenantId="123456" publicURL="https://dfw.feeds.api.rackspacecloud.com/123456"
internalURL="https://atom.prod.dfw1.us.ci.rackspace.net/123456"/>
</service>
<service type="rax:monitor" name="cloudMonitoring">
<endpoint tenantId="123456" publicURL="https://monitoring.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="rax:dns" name="cloudDNS">
<endpoint tenantId="123456" publicURL="https://dns.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="compute" name="cloudServers">
<endpoint tenantId="123456" publicURL="https://servers.api.rackspacecloud.com/v1.0/123456">
<version id="1.0" info="https://servers.api.rackspacecloud.com/v1.0" list="https://servers.api.rackspacecloud.com/"/>
</endpoint>
</service>
<service type="rax:cdn" name="rackCDN">
<endpoint region="DFW" tenantId="123456" publicURL="https://global.cdn.api.rackspacecloud.com/v1.0/123456"
internalURL="https://global.cdn.api.rackspacecloud.com/v1.0/123456"/>
</service>
<service type="rax:object-cdn" name="cloudFilesCDN">
<endpoint region="DFW" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="SYD" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn4.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="HKG" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn6.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="IAD" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://cdn5.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
</service>
<service type="object-store" name="cloudFiles">
<endpoint region="DFW" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="SYD" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.syd2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.syd2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="IAD" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.iad3.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.iad3.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
<endpoint region="HKG" tenantId="MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
publicURL="https://storage101.hkg1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
internalURL="https://snet-storage101.hkg1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"/>
</service>
</serviceCatalog>
</access>
Example: Authenticate as tenant with token response JSON
{
"access": {
"token": {
"id": "d74f592f986e4d6e995853ccf0123456",
"expires": "2015-06-05T16:24:57.637Z",
"tenant": {
"id": "123456",
"name": "123456"
},
"RAX-AUTH:authenticatedBy": [
"APIKEY"
]
},
"serviceCatalog": [
{
"name": "cloudBlockStorage",
"endpoints": [
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.blockstorage.api.rackspacecloud.com/v1/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.blockstorage.api.rackspacecloud.com/v1/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.blockstorage.api.rackspacecloud.com/v1/123456"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.blockstorage.api.rackspacecloud.com/v1/123456"
}
],
"type": "volume"
},
{
"name": "cloudImages",
"endpoints": [
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.images.api.rackspacecloud.com/v2"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.images.api.rackspacecloud.com/v2"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.images.api.rackspacecloud.com/v2"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.images.api.rackspacecloud.com/v2"
}
],
"type": "image"
},
{
"name": "cloudQueues",
"endpoints": [
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.queues.api.rackspacecloud.com/v1/123456",
"internalURL": "https://snet-hkg.queues.api.rackspacecloud.com/v1/123456"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.queues.api.rackspacecloud.com/v1/123456",
"internalURL": "https://snet-syd.queues.api.rackspacecloud.com/v1/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.queues.api.rackspacecloud.com/v1/123456",
"internalURL": "https://snet-dfw.queues.api.rackspacecloud.com/v1/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.queues.api.rackspacecloud.com/v1/123456",
"internalURL": "https://snet-iad.queues.api.rackspacecloud.com/v1/123456"
}
],
"type": "rax:queues"
},
{
"name": "cloudBigData",
"endpoints": [
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.bigdata.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.bigdata.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:bigdata"
},
{
"name": "cloudOrchestration",
"endpoints": [
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.orchestration.api.rackspacecloud.com/v1/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.orchestration.api.rackspacecloud.com/v1/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.orchestration.api.rackspacecloud.com/v1/123456"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.orchestration.api.rackspacecloud.com/v1/123456"
}
],
"type": "orchestration"
},
{
"name": "cloudServersOpenStack",
"endpoints": [
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.servers.api.rackspacecloud.com/v2/123456",
"versionInfo": "https://syd.servers.api.rackspacecloud.com/v2",
"versionList": "https://syd.servers.api.rackspacecloud.com/",
"versionId": "2"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.servers.api.rackspacecloud.com/v2/123456",
"versionInfo": "https://dfw.servers.api.rackspacecloud.com/v2",
"versionList": "https://dfw.servers.api.rackspacecloud.com/",
"versionId": "2"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.servers.api.rackspacecloud.com/v2/123456",
"versionInfo": "https://iad.servers.api.rackspacecloud.com/v2",
"versionList": "https://iad.servers.api.rackspacecloud.com/",
"versionId": "2"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.servers.api.rackspacecloud.com/v2/123456",
"versionInfo": "https://hkg.servers.api.rackspacecloud.com/v2",
"versionList": "https://hkg.servers.api.rackspacecloud.com/",
"versionId": "2"
}
],
"type": "compute"
},
{
"name": "autoscale",
"endpoints": [
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.autoscale.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.autoscale.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.autoscale.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.autoscale.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:autoscale"
},
{
"name": "cloudDatabases",
"endpoints": [
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.databases.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.databases.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.databases.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:database"
},
{
"name": "cloudBackup",
"endpoints": [
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.backup.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.backup.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.backup.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.backup.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:backup"
},
{
"name": "cloudNetworks",
"endpoints": [
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.networks.api.rackspacecloud.com/v2.0"
},
{
"region": "LON",
"tenantId": "123456",
"publicURL": "https://lon.networks.api.rackspacecloud.com/v2.0"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.networks.api.rackspacecloud.com/v2.0"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.networks.api.rackspacecloud.com/v2.0"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.networks.api.rackspacecloud.com/v2.0"
}
],
"type": "network"
},
{
"name": "cloudMetrics",
"endpoints": [
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://global.metrics.api.rackspacecloud.com/v2.0/123456"
}
],
"type": "rax:cloudmetrics"
},
{
"name": "cloudLoadBalancers",
"endpoints": [
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.loadbalancers.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.loadbalancers.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.loadbalancers.api.rackspacecloud.com/v1.0/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.loadbalancers.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:load-balancer"
},
{
"name": "cloudFeeds",
"endpoints": [
{
"region": "HKG",
"tenantId": "123456",
"publicURL": "https://hkg.feeds.api.rackspacecloud.com/123456",
"internalURL": "https://atom.prod.hkg1.us.ci.rackspace.net/123456"
},
{
"region": "SYD",
"tenantId": "123456",
"publicURL": "https://syd.feeds.api.rackspacecloud.com/123456",
"internalURL": "https://atom.prod.syd2.us.ci.rackspace.net/123456"
},
{
"region": "IAD",
"tenantId": "123456",
"publicURL": "https://iad.feeds.api.rackspacecloud.com/123456",
"internalURL": "https://atom.prod.iad3.us.ci.rackspace.net/123456"
},
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://dfw.feeds.api.rackspacecloud.com/123456",
"internalURL": "https://atom.prod.dfw1.us.ci.rackspace.net/123456"
}
],
"type": "rax:feeds"
},
{
"name": "cloudMonitoring",
"endpoints": [
{
"tenantId": "123456",
"publicURL": "https://monitoring.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:monitor"
},
{
"name": "cloudDNS",
"endpoints": [
{
"tenantId": "123456",
"publicURL": "https://dns.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:dns"
},
{
"name": "cloudServers",
"endpoints": [
{
"tenantId": "123456",
"publicURL": "https://servers.api.rackspacecloud.com/v1.0/123456",
"versionInfo": "https://servers.api.rackspacecloud.com/v1.0",
"versionList": "https://servers.api.rackspacecloud.com/",
"versionId": "1.0"
}
],
"type": "compute"
},
{
"name": "rackCDN",
"endpoints": [
{
"region": "DFW",
"tenantId": "123456",
"publicURL": "https://global.cdn.api.rackspacecloud.com/v1.0/123456",
"internalURL": "https://global.cdn.api.rackspacecloud.com/v1.0/123456"
}
],
"type": "rax:cdn"
},
{
"name": "cloudFilesCDN",
"endpoints": [
{
"region": "DFW",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://cdn1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "SYD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://cdn4.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "HKG",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://cdn6.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "IAD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://cdn5.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
}
],
"type": "rax:object-cdn"
},
{
"name": "cloudFiles",
"endpoints": [
{
"region": "DFW",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"internalURL": "https://snet-storage101.dfw1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "SYD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.syd2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"internalURL": "https://snet-storage101.syd2.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "IAD",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.iad3.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"internalURL": "https://snet-storage101.iad3.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
},
{
"region": "HKG",
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"publicURL": "https://storage101.hkg1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"internalURL": "https://snet-storage101.hkg1.clouddrive.com/v1/MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f"
}
],
"type": "object-store"
}
],
"user": {
"id": "172157",
"roles": [
{
"id": "10000150",
"description": "Checkmate Access role",
"name": "checkmate"
},
{
"tenantId": "MossoCloudFS_9c24e3db-52bf-4f26-8dc1-220871796e9f",
"id": "5",
"description": "A Role that allows a user access to keystone Service methods",
"name": "object-store:default"
},
{
"tenantId": "123456",
"id": "6",
"description": "A Role that allows a user access to keystone Service methods",
"name": "compute:default"
},
{
"id": "3",
"description": "User Admin Role.",
"name": "identity:user-admin"
}
],
"name": "yourUserName",
"RAX-AUTH:defaultRegion": "DFW",
"RAX-AUTH:domainId": "123456"
"RAX-AUTH:phonePin": "914737",
"RAX-AUTH:phonePinState": "ACTIVE"
}
}
}
Unlock the Support PIN#
PUT /v2.0/users/{userId}/RAX-AUTH/phone-pin/unlock
Users can unlock their Support PINs by calling this service.
Note
If users try to unlock a Support PIN for any user apart from themselves,
the service returns a HTTP 403
response.
The service also gives an error with code HTTP 403
if a user attempts to
unlock the their Support PIN when the Support PIN is not in locked state.
The following table shows the possible response codes for this operation:
Response Code |
Name |
Description |
---|---|---|
204 |
No Content |
The request has been fulfilled. The Support PIN is unlocked. |
400 |
Bad Request |
The request was invalid. |
401 |
Unauthorized |
You are not authorized to complete this operation. This error can occur if the request is submitted with an invalid authentication token. |
403 |
Forbidden |
Caller does not have an appropriate role or Support PIN is not in a locked state |
404 |
Not Found |
The user was not found. |
405 |
Invalid Method |
The method specified in the request is not valid for the resource identified in the request URI. |
503 |
Service Fault |
Service is not available. |
Request#
The following table shows the header parameters for the unlock Support PIN request:
Name |
Type |
Description |
---|---|---|
X-Auth-Token |
String (Required) |
A valid authentication token. |
Note
There is no request body for this service.
Response#
A successful unlock Support PIN request returns no response body with
HTTP 204
status code. Response body is only returned in case
service errors.
Example: When attempt is made to unlock a Support PIN which is not in locked state JSON response
{
"forbidden": {
"code": 403,
"message": "User's current Support PIN is not in locked state."
}
}
Example: When invalid user ID is passed in request url JSON response
{
"itemNotFound": {
"code": 404,
"message": "User 12345 not found"
}
}
Reset the Support PIN#
POST /v2.0/users/{userId}/RAX-AUTH/phone-pin/reset
Reset the Support PIN for a specific user. Users are not allowed to reset their own Support PINs by calling this service. If a user tries to reset their Support PIN, the service returns a 403 HTTP response.
Note
This service is only available to the following roles:
identity:user-admin
: Can reset the Support PIN for all of the users on
the caller’s domain.
identity:user-manage
: Can reset the Support PIN of users in the caller’s
domain who have the identity:user-manage role or below.
A successful reset Support PIN request returns no response body with
HTTP 204
status code.
The following table shows the possible response codes for this operation:
Response Code |
Name |
Description |
---|---|---|
204 |
No Content |
The request has been fulfilled. |
400 |
Bad Request |
The request was invalid. |
401 |
Unauthorized |
You are not authorized to complete this operation. This error can occur if the request is submitted with an invalid authentication token. |
403 |
Forbidden |
Caller does not have an appropriate role. |
404 |
Not Found |
If the caller does not have authorization to reset the phone PIN on the specified user or the user does not exist, a 404 HTTP response is returned. |
405 |
Invalid Method |
The method specified in the request is not valid for the resource identified in the request URI. |
409 |
Conflict |
The request could not be completed due to a conflict with the current state of the target resource. |
503 |
Service Fault |
Service is not available. |
Request#
The following table shows the header parameters for the reset Support PIN request:
Name |
Type |
Description |
---|---|---|
X-Auth-Token |
String (Required) |
A valid authentication token. |
The following table shows the request parameters for the reset Support PIN request:
Name |
Type |
Description |
---|---|---|
|
Boolean (Optional) |
|