API Overview
Token Management
|
API |
Description |
|---|---|
|
Obtain a user token through username/password-based authentication. |
|
|
Obtaining a User Token Through Password and Virtual MFA Authentication |
Obtain a user token using a username, password, and virtual MFA code on condition that virtual MFA–based login protection has been enabled. |
|
Obtain an agency token. |
|
|
Used by the administrator to verify the token of an IAM user or used by an IAM user to verify their own token. |
Access Key Management
|
API |
Description |
|---|---|
|
Obtaining Temporary Access Keys and Security Tokens of an Agency |
Obtain a temporary access key and security token by using an agency. |
|
Obtaining Temporary Access Keys and Security Tokens of an IAM User |
Obtain a temporary access key and security token using a token. |
|
Used by the administrator to create a permanent access key for an IAM user or used by an IAM user to create a permanent access key. |
|
|
Used by the administrator to query all permanent access key of an IAM user or used by an IAM user to query all of their own permanent access keys. |
|
|
Used by the administrator to query the specified permanent access key of an IAM user or used by an IAM user to query one of their own permanent access keys. |
|
|
Used by the administrator to modify the specified permanent access key of an IAM user or used by an IAM user to modify one of their own permanent access keys. |
|
|
Used by the administrator to delete the specified permanent access key of an IAM user or used by an IAM user to delete one of their own permanent access keys. |
Region Management
|
API |
Description |
|---|---|
|
Query regions. |
|
|
Query region details. |
Project Management
|
API |
Description |
|---|---|
|
Query project information. |
|
|
Used by the administrator to list the projects accessible to a specified IAM user or used by an IAM user to list accessible projects. |
|
|
List the projects in which resources are accessible to a specified IAM user. |
|
|
Provided for the administrator to create a project. |
|
|
Provided for the administrator to modify project information. |
|
|
Query the detailed information about a project based on the project ID. |
|
|
Provided for the administrator to change the status of a specified project. The project status can be normal or suspended. |
|
|
Provided for the administrator to query project details and status. |
|
|
Query the quotas of a specified project. |
Account Management
|
API |
Description |
|---|---|
|
Query the account information that is accessible to a specified IAM user. |
|
|
Query the password strength policy, including the regular expression and description, of a specified account. |
|
|
Query the password strength policy, including the regular expression and description, of a specified account based on specified conditions. |
|
|
Query the quotas of a specified account. |
IAM User Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all IAM users. |
|
|
Used by the administrator to query the details about a specified IAM user or used by an IAM user to query their own details, including the mobile number and email address. |
|
|
Used by the administrator to query the details about a specified IAM user or used by an IAM user to query their own details, excluding the mobile number and email address. |
|
|
Used by the administrator to query the groups of a specified IAM user or used by an IAM user to query their own groups. |
|
|
Used by the administrator to query the IAM users in a user group. |
|
|
Provided for the administrator to create an IAM user. |
|
|
This API is provided for the administrator to create an IAM user. |
|
|
Used by an IAM user to change the login password. |
|
|
Modifying IAM User Information (By an IAM User) (Recommended) |
Used by an IAM user to modify its basic information. |
|
Modifying IAM User Information (By the Administrator) (Recommended) |
Provided for the administrator to modify IAM user information. |
|
Provided for the administrator to modify IAM user information. |
|
|
Provided for the administrator to delete an IAM user. |
|
|
Provided for the administrator to query the MFA device information of IAM users. |
|
|
Used by the administrator to query the MFA device information of a specified IAM user or used by an IAM user to query their own MFA device information. |
|
|
Provided for the administrator to query the login protection configurations of IAM users. |
|
|
Used by the administrator to query the login protection configuration of a specified IAM user or used by an IAM user to query their own login protection configuration. |
|
|
Provided for the administrator to modify the login protection configuration of an IAM user. |
|
|
Bind a virtual MFA device to an IAM user. |
|
|
Unbind the virtual MFA device bound to an IAM user. |
|
|
Create a virtual MFA device for an IAM user. |
|
|
Provided for the administrator to delete the virtual MFA device created for an IAM user. |
User Group Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all user groups. |
|
|
Provided for the administrator to query user group information. |
|
|
Provided for the administrator to create a user group. |
|
|
Provided for the administrator to update user group information. |
|
|
Provided for the administrator to delete a user group. |
|
|
Provided for the administrator to check whether an IAM user belongs to a specified user group. |
|
|
Provided for the administrator to add an IAM user to a specified user group. |
|
|
Used by the administrator to remove an IAM user from a specified user group. |
Permissions Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all permissions. |
|
|
Provided for the administrator to query permission details. |
|
|
Querying Permissions of a User Group for a Global Service Project |
Provided for the administrator to query the permissions of a user group for the global service project. |
|
Querying Permissions of a User Group for a Region-specific Project |
Provided for the administrator to query the permissions of a user group for a region-specific project. |
|
Granting Permissions to a User Group for a Global Service Project |
Provided for the administrator to grant permissions to a user group for the global service project. |
|
Granting Permissions to a User Group for a Region-specific Project |
Provided for the administrator to grant permissions to a user group for a region-specific project. |
|
Checking Whether a User Group Has Specified Permissions for a Global Service Project |
Provided for the administrator to check whether a user group has specified permissions for the global service project. |
|
Checking Whether a User Group Has Specified Permissions for a Region-specific Project |
Provided for the administrator to check whether a user group has specified permissions for a region-specific project. |
|
Provided for the administrator to query all permissions that have been assigned to a user group. |
|
|
Checking Whether a User Group Has Specified Permissions for All Projects |
Provided for the administrator to check whether a user group has specified permissions for all projects. |
|
Removing Specified Permissions of a User Group in All Projects |
Provided for the administrator to remove the specified permissions of a user group for all projects. |
|
Removing Permissions of a User Group for a Global Service Project |
Provided for the administrator to remove the specified permissions of a user group for the global service project. |
|
Removing the Permissions of a User Group for a Region-specific Project |
Provided for the administrator to remove the specified permissions of a user group for a region-specific project. |
|
Provided for the administrator to grant permissions to a user group for all projects. |
Custom Policy Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all custom policies. |
|
|
Provided for the administrator to query the details of a specified custom policy. |
|
|
Provided for the administrator to create a custom policy for cloud services. |
|
|
Provided for the administrator to create a custom policy for agencies. |
|
|
Provided for the administrator to modify a custom policy for cloud services. |
|
|
Provided for the administrator to modify a custom policy for agencies. |
|
|
Provided for the administrator to delete a custom policy. |
Agency Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list agencies that match specified conditions. |
|
|
Provided for the administrator to query the details about an agency. |
|
|
Provided for the administrator to create an agency. |
|
|
Provided for the administrator to modify an agency. |
|
|
Provided for the administrator to delete an agency. |
|
|
Querying Permissions of an Agency for a Global Service Project |
Provided for the administrator to query the permissions of an agency for the global service project. |
|
Querying Permissions of an Agency for a Region-specific Project |
Provided for the administrator to query the permissions of an agency for a region-specific project. |
|
Granting Permissions to an Agency for a Global Service Project |
Provided for the administrator to grant permissions to an agency for the global service project. |
|
Granting Permissions to an Agency for a Region-specific Project |
Provided for the administrator to grant permissions to an agency for a region-specific project. |
|
Checking Whether an Agency Has Specified Permissions for a Global Service Project |
Provided for the administrator to check whether an agency has specified permissions for a global service project. |
|
Checking Whether an Agency Has Specified Permissions for a Region-specific Project |
Provided for the administrator to check whether an agency has specified permissions for a region-specific project. |
|
Removing Permissions of an Agency for a Global Service Project |
Provided for the administrator to remove the specified permissions of an agency for a global service project. |
|
Removing Permissions of an Agency for a Region-specific Project |
Provided for the administrator to remove the specified permissions of an agency for a region-specific project. |
|
Provided for the administrator to query all permissions that have been assigned to an agency. |
|
|
Granting Specified Permissions to an Agency for All Projects |
Provided for the administrator to grant specified permissions to an agency for all projects. |
|
Provided for the administrator to check whether an agency has specified permissions. |
|
|
Provided for the administrator to remove the specified permissions of an agency in all projects. |
Enterprise Project Management
|
API |
Description |
|---|---|
|
Query the user groups associated with the enterprise project of a specified ID. |
|
|
Querying the Permissions of a User Group Associated with an Enterprise Project |
Query the permissions of a user group associated with the enterprise project of a specified ID. |
|
Granting Permissions to a User Group Associated with an Enterprise Project |
Grant permissions to a user group associated with the enterprise project of a specified ID. |
|
Removing Permissions of a User Group Associated with an Enterprise Project |
Remove the permissions of a user group associated with an enterprise project. |
|
Querying the Enterprise Projects Associated with a User Group |
Query the enterprise projects associated with a user group. |
|
Querying the Enterprise Projects Directly Associated with an IAM User |
Query the enterprise projects associated with an IAM user. |
|
Querying Users Directly Associated with an Enterprise Project |
Query the users directly associated with a specified enterprise project. |
|
Querying Permissions of a User Directly Associated with an Enterprise Project |
Query the permissions of a user directly associated with a specified enterprise project. |
|
Granting Permissions to a User Associated with an Enterprise Project |
Grant permissions to a user for an enterprise project. |
|
Removing Permissions of a User Directly Associated with an Enterprise Project |
Remove the permissions of a user directly associated with a specified enterprise project. |
Security Settings
|
API |
Description |
|---|---|
|
Provided for the administrator to modify the operation protection policy. |
|
|
Query the operation protection policy. |
|
|
Provided for the administrator to modify the password policy. |
|
|
Query the password policy. |
|
|
Provided for the administrator to modify the login authentication policy. |
|
|
Query the login authentication policy. |
|
|
Provided for the administrator to modify the ACL for console access. |
|
|
Query the ACL for console access. |
|
|
Provided for the administrator to modify the ACL for API access. |
|
|
Query the ACL for API access. |
Federated Identity Authentication Management
|
API |
Description |
|---|---|
|
Obtain a federated authentication token using the OpenStack Client or ShibbolethECP Client. |
|
|
Obtain a federated authentication token in the IdP-initiated mode. The Client4ShibbolethIdP script is used as an example. |
|
|
List all identity providers. |
|
|
Query the details about an identity provider. |
|
|
Provided for the administrator to register an identity provider. |
|
|
Provided for the administrator to update an identity provider. |
|
|
Provided for the administrator to delete an identity provider. |
|
|
List all mappings. |
|
|
Query the details of a mapping. |
|
|
Provided for the administrator to register a mapping. |
|
|
Provided for the administrator to update a mapping. |
|
|
Provided for the administrator to delete a mapping. |
|
|
List all protocols. |
|
|
Query the details of a protocol. |
|
|
Provided for the administrator to register a protocol, that is, to associate a protocol with an identity provider. |
|
|
Provided for the administrator to update the protocol associated with a specified identity provider. |
|
|
Provided for the administrator to delete the protocol associated with a specified identity provider. |
|
|
Provided for the administrator to query the metadata file imported to IAM for an identity provider. |
|
|
Query the metadata file of Keystone. |
|
|
Provided for the administrator to import a metadata file. |
|
|
Obtain an unscoped token through IdP-initiated federated identity authentication. |
|
|
Obtain a scoped token through federated identity authentication. |
|
|
Obtain a federated identity authentication token using an OpenID Connect ID token. |
|
|
Obtain an unscoped token using an OpenID Connect ID token. |
|
|
List the accounts whose resources are accessible to federated users. |
Custom Identity Brokers
|
API |
Description |
|---|---|
|
Obtain a token for logging in through a custom identity broker. |
Version Information Management
|
API |
Description |
|---|---|
|
Query the version information of Keystone APIs. |
|
|
Obtain the information about Keystone API 3.0. |
Services and Endpoints
|
API |
Description |
|---|---|
|
List all services. |
|
|
Query the details of a service. |
|
|
Query the service catalog corresponding to X-Auth-Token contained in the request. |
|
|
List all endpoints. |
|
|
Query the details of an endpoint. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
