There are few things more useful than a set of examples when starting to work with a new API. Here are some I’ve started collecting up for my work:

The first of three articles: More. Policy

Get a token. This user has the role ‘admin’ in a project, which means they can execute admin operations.
Save the following in a file named token-request.json

{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"domain": {
"name": "Default"
},
"name": "admin",
"password": "freeipa4all"
}
}
},
"scope": {
"project": {
"domain": {
"name": "Default"
},
"name": "demo"
}
}
}
}
 

And execute it with

export TOKEN=`curl -si -d @token-request.json -H "Content-type: application/json" http://localhost:35357/v3/auth/tokens | awk '/X-Subject-Token/ {print $2}'`
 

To list domains

curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://localhost:35357/v3/domains
 

Create a domain

curl  -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" -d '{"domain": {"description": "--optional--", "enabled": true, "name": "dom1"}}'  http://localhost:35357/v3/domains
 

To list users

curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://localhost:35357/v3/users

To create a users, create file named create_user.json file like this:

{
"user": {
"default_project_id": "d0f445c3379b48f38a2ab0f17314bbf9",
"description": "Description",
"domain_id": "default",
"email": "ayoung@redhat.com",
"enabled": true,
"name": "ayoung",
"password": "changeme" }
}

Execute it like this

curl -si -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json" http://localhost:35357/v3/users -d @create_user.json
 

The response should look like this, with different auto-generated IDs.

{"user": {"description": "Description", "links": {"self": "http://192.168.0.2:5000/v3/users/8221b007376a40ce8459c05f90077f16"}, "enabled": true, "email": "ayoung@redhat.com", "default_project_id": "d0f445c3379b48f38a2ab0f17314bbf9", "id": "8221b007376a40ce8459c05f90077f16", "domain_id": "default", "name": "ayoung"}}
 

Note that in the above case the new user_id is 8221b007376a40ce8459c05f90077f16. Use that to get the user directly:

$ curl  -H"X-Auth-Token:$TOKEN" -H "Content-type: application/json"   http://localhost:35357/v3/users/8221b007376a40ce8459c05f90077f16
{"user": {"name": "ayoung", "links": {"self": "http://192.168.0.2:5000/v3/users/8221b007376a40ce8459c05f90077f16"}, "enabled": true, "email": "ayoung@redhat.com...", "default_project_id": "d0f445c3379b48f38a2ab0f17314bbf9", "id": "8221b007376a40ce8459c05f90077f16", "domain_id": "default", "description": "Description"}}

To figure out how to do additional operations, see the V3 Identity API.

From: http://adam.younglogic.com/2013/09/keystone-v3-api-examples/

Keystone V3 API Examples的更多相关文章

  1. OpenStack IdentityService Keystone V3 API Curl实战

    v3 API Examples Using Curl <Tokens> 1,Default scope 获取token Get an token with default scope (m ...

  2. OpenStack Keystone v3 API新特性

    原连接 http://blog.chinaunix.net/uid-21335514-id-3497996.html keystone的v3 API与v2.0相比有很大的不同,从API的请求格式到re ...

  3. 使用openstackclient调用Keystone v3 API

    本文内容属于个人原创,转载务必注明出处:  http://www.cnblogs.com/Security-Darren/p/4138945.html 考虑到Keystone社区逐渐弃用第二版身份AP ...

  4. [转]OpenStack Keystone V3

    Keystone V3 Keystone 中主要涉及到如下几个概念:User.Tenant.Role.Token.下面对这几个概念进行简要说明. User:顾名思义就是使用服务的用户,可以是人.服务或 ...

  5. OpenStack Keystone V3 简介

    Keystone V3 简介 Keystone 中主要涉及到如下几个概念:User.Tenant.Role.Token.下面对这几个概念进行简要说明. User:顾名思义就是使用服务的用户,可以是人. ...

  6. 在Keystone V3基础上改进的分布式认证体系

    目标 使用java实现keystone v3相关功能与概念: api client authentication service discovery distributed multi-tenant ...

  7. [转]Setting Keystone v3 domains

    http://www.florentflament.com/blog/setting-keystone-v3-domains.html The Openstack Identity v3 API, p ...

  8. 使用google map v3 api 开发地图服务

    Google Map V3 API 学习地址: http://code.google.com/intl/zh-CN/apis/maps/documentation/javascript/article ...

  9. 在java中如何使用etcd的v2 和v3 api获取配置,并且对配置的变化进行监控

    etcd 和zookeeper 很像,都可以用来做配置管理.并且etcd可以在目前流行的Kubernetes中使用. 但是etcd 提供了v2版本合v3的版本的两种api.我们现在分别来介绍一下这两个 ...

随机推荐

  1. H3C CSMA/CD冲突检测和退避

  2. HDU 1698 Just a Hook 线段树区间更新、

    来谈谈自己对延迟标记(lazy标记)的理解吧. lazy标记的主要作用是尽可能的降低时间复杂度. 这样说吧. 如果你不用lazy标记,那么你对于一个区间更新的话是要对其所有的子区间都更新一次,但如果用 ...

  3. CentOS 安装 semanage 命令

    CentOS 安装 semanage 命令 在服务器上运行: [root@ca1 ~]# yum install policycoreutils-python vim /etc/selinux/con ...

  4. Python--day29--logging模块(日志模块)

    重要程度六颗星,比如一个小窗口的广告如果因为你没有日志的问题导致点击量没有记录下来,几十分钟那就会损失几十万了,这责任谁负得起. 希望离开一个公司是因为有了更好的去处而不是因为各种各样的原因被开掉,那 ...

  5. poj 3295

    题目意思就是计算表达式的值,如果所有情况下表达式为真就输出“tautology”,否则输出“not”. p, q, r, s, and t,每个人有两种情况,综合起来一共有32种情况,枚举所有情况最后 ...

  6. 多线程:“对象当前正在其他地方使用”如何解决 system.drawing

    使用这个委托,在拥有此控件的基础窗口句柄的线程上执行指定委托 this.Invoke(new Action(() => { node.SetValues(values); }));

  7. js 制作分页

    如图所示 在html中调用方法 getpage(7, 1, 1, 'URL') 1.page.js文件 代码 function getpage(count, countPage, pageIndex, ...

  8. H3C RIP路由表的维护

  9. mysql 添加索引,ALTER TABLE和CREATE INDEX的区别

    nvicat-->mysql表设计-->创建索引. (1)使用ALTER TABLE语句创建索引,其中包括普通索引.UNIQUE索引和PRIMARY KEY索引3种创建索引的格式: PRI ...

  10. 【js】 vue 2.5.1 源码学习(一) 大体结构 (自写版本,非源码)

    一.整体思路 1. 首先我们需要解析data,并且data里面的属性添加为vue的属性,并且拿到属性值 . 通过 原型方法 _peoxy实现     Obsever(代理函数) ==> walk ...