Open Stack

Your guess is correct. The only calls you should be able to make without having a token are the calls to discover the service (getting version info, WADL contract, dev guide, help, etc…) and to get a token. After that, all other calls require passing in a token.

On the Admin APIs, the token passed in must have the necessary administrative privileges.

To bootstrap Keystone with a blank identity store, you can execute bin/keystone-manage to create your initial administrative identity(ies).

If you use the sample data creation script provided, it will create an admin user (and create a token for that user) which you can use.

We'll clarify that in the dev guide.

Thanks Andi

Ziad

From: Andiabes <andi.abes at gmail.com<mailto:andi.abes at gmail.com>>
Date: Fri, 10 Jun 2011 21:08:18 -0400
To: Ziad Sawalha <ziad.sawalha at rackspace.com<mailto:ziad.sawalha at rackspace.com>>
Cc: "openstack at lists.launchpad.net<mailto:openstack at lists.launchpad.net>" <openstack at lists.launchpad.net<mailto:openstack at lists.launchpad.net>>
Subject: Re: [Openstack] OpenStack Identity: Keystone API Proposal

It might be useful to include in the API guide some information about authentication to keystone itself. I.e when requesting a list of users,tenants etc the requestor should somehow authenticate itself
I'm guessing that the flow involve acquiring a token that authenticates the user to keystone as a user who has privileges to manage the relevant entities.?

Sent from my iPad

On Jun 10, 2011, at 7:24 PM, Ziad Sawalha <ziad.sawalha at rackspace.com<mailto:ziad.sawalha at rackspace.com>> wrote:

Time flies! It's June 10th already. In my last email to this community I had proposed today as the day to lock down the Keystone API so we can finalize implementation by Diablo-D2 (June 30th).

We've been working on this feverishly over the past couple of weeks and have just pushed out a proposed API here:<https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf>https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf

For any and all interested, the original source and code is on Github (<https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf>https://github.com/rackspace/keystone), along with the current implementation of Keystone, examples, sample data, tests, instructions, and all the goodies we could muster to put together. The project also lives on Launchpad at <http://launchpad.net/keystone> http://launchpad.net/keystone.

The API we just put out there is still a proposal. We're going to be focusing on the implementation, but would still love to get community input, feedback, and participation.

Have a great weekend and regards to all,

Ziad





Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is prohibited.
If you receive this transmission in error, please notify us immediately by e-mail
at abuse at rackspace.com<mailto:abuse at rackspace.com>, and delete the original message.
Your cooperation is appreciated.


_______________________________________________
Mailing list: <https://launchpad.net/~openstack> https://launchpad.net/~openstack
Post to     : <mailto:openstack at lists.launchpad.net> openstack at lists.launchpad.net<mailto:openstack at lists.launchpad.net>
Unsubscribe : <https://launchpad.net/~openstack> https://launchpad.net/~openstack
More help   : <https://help.launchpad.net/ListHelp> https://help.launchpad.net/ListHelp


Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is prohibited.
If you receive this transmission in error, please notify us immediately by e-mail
at abuse at rackspace.com, and delete the original message.
Your cooperation is appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20110611/46e0061c/attachment.html>