API Overview
Token Management
|
API |
Description |
|---|---|
|
Obtain a user token through username/password-based authentication. |
|
|
Obtain an agency token. |
|
|
Check the validity of a specified token. If the token is valid, detailed information about the token will be returned. |
|
|
Provided for the administrator to verify the token of a user or provided for a user to verify their token. The administrator can only verify the token of a user created using the account. If the verified token is valid, 200 is displayed. |
|
|
Delete a token no matter whether the token has expired or not. |
Access Key Management
|
API |
Description |
|---|---|
|
Obtain a temporary access key (AK/SK) and security token. |
|
|
Provided for the administrator to create a permanent access key for a user or provided for a user to create a permanent access key for themselves. |
|
|
Provided for the administrator to list all permanent access key of a user or provided for a user to list all of their permanent access keys. |
|
|
Provided for the administrator to query the specified permanent access key of a user or provided for a user to query one of their permanent access keys. |
|
|
Provided for the administrator to modify the specified permanent access key of a user or provided for a user to modify one of their permanent access keys. |
|
|
Provided for the administrator to delete the specified permanent access key of a user or provided for a user to delete one of their permanent access keys. |
Region Management
|
API |
Description |
|---|---|
|
List all regions. |
|
|
Query region details. |
Project Management
|
API |
Description |
|---|---|
|
Querying Project Information Based on the Specified Criteria |
Query project information. |
|
Query the project list of a specified user. |
|
|
List the projects in which resources are accessible to a specified user. |
|
|
Create a project. |
|
|
Modify the details of a project. |
|
|
Query the detailed information about a project based on the project ID. |
|
|
Change the status of a specified project. The project status can be normal or suspended. |
|
|
Query the details and status of a project. |
|
|
Query the quotas of a specified project. |
Tenant Management
|
API |
Description |
|---|---|
|
Query the list of domains accessible to users. |
|
|
Query the password strength policy, including its regular expression and description. |
|
|
Query the regular expression or description of the password strength policy configured for a specified account. |
|
|
Query a resource quota. You can query the quota of users, user groups, identity providers, agencies, and policies. |
User Management
|
API |
Description |
|---|---|
|
List all users. |
|
|
Query the detailed information about a specified user. |
|
|
Provided for the administrator to query the details about a specified user or provided for a user to query their details. |
|
|
Query the information about the groups to which a specified user belongs. |
|
|
Provided for the administrator to query the users in a user group. |
|
|
Create a user under a domain. |
|
|
Change the password for a user. |
|
|
Modify user information under a domain. |
|
|
Modifying User Information (Including Email Address and Mobile Number) |
Provided for users to modify their information. |
|
Modifying User Information (Including Email Address and Mobile Number) |
Provided for the administrator to modify user information. |
|
Provided for the administrator to delete a user. |
|
|
Delete a user from a user group. |
|
|
Provided for the administrator to query the MFA device information of users. |
|
|
Provided for the administrator to query the MFA device information of a specified user or provided for a user to query their MFA device information. |
|
|
Provided for the administrator to query the login protection configurations of users. |
|
|
Provided for the administrator to query the login protection configuration of a specified user or provided for a user to query their login protection configuration. |
|
|
Bind a virtual MFA device to a user. |
|
|
Unbind the virtual MFA device bound to a user. |
|
|
Create a virtual MFA device for a user. |
|
|
Provided for the administrator to delete the virtual MFA device created for a user. |
|
|
Provided for the administrator to modify the login protection configuration of a user. |
User Group Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all user groups. |
|
|
Provided for the administrator to query user group information. |
|
|
Provided for the administrator to create a user group. |
|
|
Provided for the administrator to add a user to a specified user group. |
|
|
Provided for the administrator to update user group information. |
|
|
Provided for the administrator to delete a user group. |
|
|
Provided for the administrator to check whether a user belongs to a specified user group. |
Permission Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all permissions. |
|
|
Provided for the administrator to query permission information. |
|
|
Query the permissions of a specified user group under a domain. |
|
|
Querying Permissions of a User Group Corresponding to a Project |
Query the permissions of a specified user group for a project. |
|
Grant permissions to a specified user group under a domain. |
|
|
Granting Permissions to a User Group Corresponding to a Project |
Grant permissions to a specified user group for a project. |
|
Deleting Permissions of a User Group Corresponding to a Project |
Delete permissions of a user group corresponding to a project. |
|
Delete permissions of a specified user group of a domain. |
|
|
Querying Whether a User Group Under a Domain Has Specific Permissions |
Query whether a specified user group under a domain has specific permissions. |
|
Querying Whether a User Group Corresponding to a Project Has Specific Permissions |
Query whether a user group corresponding to a project has specific permissions. |
|
Grant permissions to a user group. |
|
|
Removing Specified Permissions of a User Group in All Projects |
Provided for the administrator to remove the specified permissions of a user group in all projects. |
|
Checking Whether a User Group Has Specified Permissions for All Projects |
Provided for the administrator to check whether a user group has specified permissions for all projects. |
|
Provided for the administrator to query all permissions that have been assigned to a user group. |
Custom Policy Management
|
API |
Description |
|---|---|
|
Provided for the administrator to list all custom policies. |
|
|
Provided for the administrator to query custom policy details. |
|
|
Provided for the administrator to create a custom policy for cloud services. |
|
|
Provided for the administrator to create a custom policy for agencies. |
|
|
Provided for the administrator to modify a custom policy for cloud services. |
|
|
Provided for the administrator to modify a custom policy for agencies. |
|
|
Provided for the administrator to delete a custom policy. |
Agency Management
|
API |
Description |
|---|---|
|
Create an agency. |
|
|
Query an agency list based on the specified conditions. |
|
|
Query the details of a specified agency. |
|
|
Modify agency information, including the trust_domain_id, description, and trust_domain_name parameters. |
|
|
Delete an agency. |
|
|
Grant permissions to an agency for a project. |
|
|
Checking Whether an Agency Has the Specified Permissions on a Project |
Check whether an agency has the specified permissions on a project. |
|
Query the list of permissions of an agency on a project. |
|
|
Delete permissions of an agency on a project. |
|
|
Grant permissions to an agency on a domain. |
|
|
Checking Whether an Agency Has the Specified Permissions on a Domain |
Check whether an agency has the specified permissions on a domain. |
|
Query the list of permissions of an agency on a domain. |
|
|
Delete permissions of an agency on a domain. |
|
|
Provided for the administrator to query all permissions that have been assigned to an agency. |
|
|
Granting Specified Permissions to an Agency for All Projects |
Provided for the administrator to grant specified permissions to an agency for all projects. |
|
Provided for the administrator to check whether an agency has specified permissions. |
|
|
Provided for the administrator to remove the specified permissions of an agency in all projects. |
Security Settings
|
API |
Description |
|---|---|
|
Query the operation protection policy. |
|
|
Provided for the administrator to modify the operation protection policy. |
|
|
Query the password policy. |
|
|
Provided for the administrator to modify the password policy. |
|
|
Query the login authentication policy. |
|
|
Provided for the administrator to modify the login authentication policy. |
|
|
Query the ACL for console access. |
|
|
Provided for the administrator to modify the ACL for console access. |
|
|
Query the ACL for API access. |
|
|
Provided for the administrator to modify the ACL for API access. |
Federated Identity Authentication Management
|
API |
Description |
|---|---|
|
Obtain a federated authentication token using the OpenStack Client or ShibbolethECP Client. |
|
|
Obtain a federated authentication token in the IdP-initiated mode. The Client4ShibbolethIdP script is used as an example. |
|
|
List all identity providers. |
|
|
Query the details about an identity provider. |
|
|
Provided for the administrator to create an identity provider. |
|
|
Provided for the administrator to update an identity provider. |
|
|
Provided for the administrator to delete an identity provider. |
|
|
List all mappings. |
|
|
Query the information about a mapping. |
|
|
Provided for the administrator to register a mapping. |
|
|
Provided for the administrator to update a mapping. |
|
|
Provided for the administrator to delete a mapping. |
|
|
List all protocols. |
|
|
Query the details of a protocol. |
|
|
Provided for the administrator to register a protocol, that is, to associate a protocol with an identity provider. |
|
|
Provided for the administrator to update the protocol associated with a specified identity provider. |
|
|
Provided for the administrator to delete the protocol associated with a specified identity provider. |
|
|
Provided for the administrator to query the metadata file imported to IAM for an identity provider. |
|
|
Query the metadata file of Keystone. |
|
|
Provided for the administrator to import a metadata file. |
|
|
Obtain an unscoped token through SP-initiated federated identity authentication. |
|
|
Obtain an unscoped token through IdP-initiated federated identity authentication. |
|
|
Obtain a scoped token through federated identity authentication. |
|
|
List the accounts whose resources are accessible to federated users. |
|
|
List the projects in which resources are accessible to federated users. |
Version Information Management
|
API |
Description |
|---|---|
|
Query the version information of Keystone APIs. |
|
|
Obtain the information about Keystone API 3.0. |
Services and Endpoints
|
API |
Description |
|---|---|
|
List all services. |
|
|
Query the details of a service. |
|
|
Query the service catalog corresponding to X-Auth-Token contained in the request. |
|
|
List all endpoints. |
|
|
Query the details of an endpoint. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
