<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; ">
<div><span id="OLK_SRC_BODY_SECTION" style="font-size: 14px; ">
<div>
<div lang="EN-US">
<div class="WordSection1">
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
Hi Everyone,</p>
</div>
</div>
</div>
</span>
<div><br>
</div>
<div><span class="Apple-style-span" style="font-size: 15px; ">Here's a quick Keystone API update. We had aimed to lock down the API last Sunday but have been running behind. However, we now have an updated spec. </span><span class="Apple-style-span" style="font-size: 15px; ">We've
updated the documentation, WADL, XSD, and sample files in Keystone to reflect the core Keystone API we are aiming to implement for Diablo. The specs are available here (and in simple text below):</span></div>
<div style="font-size: 14px; "><br>
</div>
<div style="font-size: 14px; "><span class="Apple-tab-span" style="white-space: pre; "></span><span class="Apple-tab-span" style="white-space:pre"></span>Service (Public) API: <a href="https://github.com/openstack/keystone/blob/master/keystone/content/service/identitydevguide.pdf" style="color: blue; text-decoration: underline; ">https://github.com/openstack/keystone/raw/master/keystone/content/service/identitydevguide.pdf</a></div>
<div style="font-size: 14px; "><span class="Apple-tab-span" style="white-space: pre; "></span><span class="Apple-tab-span" style="white-space:pre"></span>Admin (Private/Privileged) API: <a href="https://github.com/openstack/keystone/raw/master/keystone/content/admin/identityadminguide.pdf" style="color: blue; text-decoration: underline; ">https://github.com/openstack/keystone/raw/master/keystone/content/admin/identityadminguide.pdf</a></div>
<div style="font-size: 14px; "><span class="Apple-tab-span" style="white-space: pre; "></span><span class="Apple-tab-span" style="white-space:pre"></span>WADLs/XSD all available in the keystone/content folders in the source code</div>
<div style="font-size: 14px; "><br>
</div>
<span id="OLK_SRC_BODY_SECTION" style="font-size: 14px; ">
<div>
<div lang="EN-US">
<div class="WordSection1">
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; ">
The latest changes include:</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>Minimizing the core API to handle authentication functionality only. To do this, we narrowed down the API calls to the list at the bottom of this
email (also listed on the whiteboard for <a href="https://blueprints.launchpad.net/keystone/+spec/identity-api" style="color: blue; text-decoration: underline; ">https://blueprints.launchpad.net/keystone/+spec/identity-api</a>).</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·</span></span><span><span><span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>We've split the API into Service and Admin APIs (where the Service API is generally what is exposed on the internet
while the Admin API is on a controlled network).</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span>We've moved the majority of the CRUD logic to extensions (this allows the Keystone API to be implemented on top of any back-end system; ex. LDAP).</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>Extension support for multiple credentials (as defined in<a href="https://blueprints.launchpad.net/keystone/+spec/support-multiple-credentials" style="color: blue; text-decoration: underline; ">https://blueprints.launchpad.net/keystone/+spec/support-multiple-credentials</a>)</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>Extension support for service registration (<a href="https://blueprints.launchpad.net/keystone/+spec/keystone-service-registration" style="color: blue; text-decoration: underline; ">https://blueprints.launchpad.net/keystone/+spec/keystone-service-registration</a>)</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span class="author-g-59ryt61gircyxgbi"><span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span></span>Removing the default tenant id (<span class="author-g-59ryt61gircyxgbi"><a href="https://blueprints.launchpad.net/keystone/+spec/remove-default-tenant" style="color: blue; text-decoration: underline; ">https://blueprints.launchpad.net/keystone/+spec/remove-default-tenant</a>)</span></p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>Refactoring calls to support POST instead of PUT (<a href="https://github.com/rackspace/keystone/issues/134" style="color: blue; text-decoration: underline; ">https://github.com/rackspace/keystone/issues/134</a>)</p>
<p class="MsoListParagraph" style="margin-top: 0in; margin-right: 0in; margin-left: 0.5in; margin-bottom: 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif; text-indent: -0.25in; ">
<span><span>·<span style="font: normal normal normal 7pt/normal 'Times New Roman'; "> </span></span></span>Support in the model for roles for a user without a tenant (<a href="https://blueprints.launchpad.net/keystone/+spec/roles-for-none-tenant" style="color: blue; text-decoration: underline; ">https://blueprints.launchpad.net/keystone/+spec/roles-for-none-tenant</a>)</p>
</div>
</div>
</div>
</span>
<div style="font-size: 14px; "><br>
</div>
<div style="font-size: 14px; "><br>
</div>
<div style="font-size: 14px; ">Updates:</div>
<ul style="margin-bottom: 0in; font-size: 14px; ">
<li>We're now using the Gerrit workflow to integrate with Launchpad: <a href="http://wiki.openstack.org/GerritWorkflow" style="color: blue; text-decoration: underline; ">http://wiki.openstack.org/GerritWorkflow</a></li><li>We're in the process of moving issues to Launchpad (waiting on Launchpad to complete the import). We'll be turning off the github.com/rackspace repo as soon as that is done.</li><li>I'd like to introduce Joe Savak, who has joined the Rackspace team and will be dedicated to Identity (and therefore working closely with the Keystone project)</li></ul>
<div><br>
</div>
<div>A big thank you to everyone who has contributed to the code and setting up the environment so far: THANK YOU!</div>
<span id="OLK_SRC_BODY_SECTION">
<div>
<div lang="EN-US">
<div class="WordSection1">
<div><span class="Apple-style-span" style="font-size: 15px; "><br>
</span></div>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 14px; font-family: Calibri, sans-serif; ">
We look forward to your continued input and help as we continue to work toward completing the Diablo release. Let us know what you think!</p>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 14px; font-family: Calibri, sans-serif; ">
</p>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 14px; font-family: Calibri, sans-serif; ">
Thanks,</p>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 14px; font-family: Calibri, sans-serif; ">
Ziad & Joe</p>
</div>
</div>
</div>
</span>
<div style="font-size: 14px; "><br>
</div>
<div style="font-size: 14px; "><span class="Apple-style-span" style="color: rgb(51, 51, 51); font-family: sans-serif; font-size: 12px; line-height: 18px; "><b>Keystone v2.0 API</b></span></div>
<div style="font-size: 14px; "><span class="Apple-style-span" style="color: rgb(51, 51, 51); font-family: sans-serif; font-size: 12px; line-height: 18px; ">Service API:</span></div>
<div style="font-size: 14px; "><span class="Apple-style-span" style="color: rgb(51, 51, 51); font-family: sans-serif; font-size: 12px; line-height: 18px; ">
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
POST /tokens<br style="max-width: 60em; ">
Returns a token in exchange for valid credentials.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants<br style="max-width: 60em; ">
Returns a list of tenants for the token provided in the X-Auth-Token header.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
This implies that a token without a specific tenant returns a list of all tenants<br style="max-width: 60em; ">
associated with the user, and that a token that has a tenant returns the single<br style="max-width: 60em; ">
tenant the token is associated with.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
Admin API (Superset of Service API):</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
POST /tokens<br style="max-width: 60em; ">
Returns a token in exchange for valid credentials.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tokens/{token_id}<br style="max-width: 60em; ">
Validates a token.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
Returns token expiration, user info, and the user's roles for the given<br style="max-width: 60em; ">
token.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
HEAD /tokens/{token_id}<br style="max-width: 60em; ">
Validates a token (for performance).</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tokens/<wbr style="max-width: 60em; ">{token_<wbr style="max-width: 60em; ">id}?belongsTo=<wbr style="max-width: 60em; ">{tenant_<wbr style="max-width: 60em; ">id}<br style="max-width: 60em; ">
Validates that a token belongs to a specific tenant.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
Returns token expiration, user info, and the user's roles for the given<br style="max-width: 60em; ">
token.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
HEAD /tokens/<wbr style="max-width: 60em; ">{token_<wbr style="max-width: 60em; ">id}?belongsTo=<wbr style="max-width: 60em; ">{tenant_<wbr style="max-width: 60em; ">id}<br style="max-width: 60em; ">
Validates that a token belongs to a specific tenant (for performance).</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /users/<wbr style="max-width: 60em; ">?username=<wbr style="max-width: 60em; ">{user_name}<br style="max-width: 60em; ">
Returns detailed information about a specific user, by user name.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /users/{user_id}<br style="max-width: 60em; ">
Returns detailed information about a specific user, by user id.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /users/<wbr style="max-width: 60em; ">{user_id}<wbr style="max-width: 60em; ">/roles<br style="max-width: 60em; ">
Returns global roles for a specific user (excludes tenant roles).</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants<br style="max-width: 60em; ">
Returns a list of all tenants.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants/<wbr style="max-width: 60em; ">?name={<wbr style="max-width: 60em; ">tenant_<wbr style="max-width: 60em; ">name}<br style="max-width: 60em; ">
Returns detailed information about a tenant, by name.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants/<wbr style="max-width: 60em; ">{tenant_<wbr style="max-width: 60em; ">id}<br style="max-width: 60em; ">
Returns detailed information about a tenant, by id.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants/<wbr style="max-width: 60em; ">{tenant_<wbr style="max-width: 60em; ">id}/endpoints<br style="max-width: 60em; ">
Returns a list of endpoints associated with a specific tenant.</p>
<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 1.2em; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; width: auto; max-width: 60em; ">
GET /tenants/<wbr style="max-width: 60em; ">{tenant_<wbr style="max-width: 60em; ">id}/users/<wbr style="max-width: 60em; ">{user_id}<wbr style="max-width: 60em; ">/roles<br style="max-width: 60em; ">
Returns a list of roles for a user on a specific tenant.</p>
</span></div>
</div>
<font face="monospace">This email may include confidential information. If you received it in error, please delete it.</font></body>
</html>