openstack-attic
/
identity-api
Code Issues Proposed changes

Remove ATOM responses for list versions and get version details. 

Once https://review.openstack.org/#/c/110768/ merges,
the JSON and XML list versions responses will update.
Also, other clean-up (formatting, future tense)

Change-Id: If9248bdd9e73ccc7ac7871aa8981925eb5a889d4
Closes-Bug: #1338120
This commit is contained in:
Diane Fleming 2014-07-30 15:33:54 -05:00
parent 83a5fcc0c4
commit a47eba6e4c
9 changed files with 301 additions and 392 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
v2.0/src/ch_identity-client-api.xml
View File

@ -1,12 +1,11 @@
<?xml version='1.0' encoding='UTF-8'?>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:wadl="http://wadl.dev.java.net/2009/02"
xml:id="Service_API_Client_Operations" version="5.0"
role="api-reference">
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" role="api-reference" xml:id="Service_API_Client_Operations">
<title>Client operations</title>
<para>These operations enable clients to get API version and
extension information, and get authentication tokens.</para>
<para>These operations enable clients to get API version and extension information, and get
authentication tokens.</para>
<section xml:id="identity-v2-versions">
<title>API versions</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
@ -40,10 +39,6 @@
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity.wadl#tokens">
<wadl:method href="#authenticate-v2.0"/>
</wadl:resource>
<!-- <wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity.wadl#tenants">
<wadl:method href="#listTenants"/>
</wadl:resource>-->
</wadl:resources>
</section>
</chapter>

492
v2.0/src/ch_identity-general-api-info.xml
View File

@ -38,82 +38,80 @@ This operation does not require a request body.</para>'>
</tr>
</thead>'>
]>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="Overview-Identity-API-d1e62">
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" xml:id="general-api-information">
<title>General API information</title>
<para>The OpenStack Identity API is implemented using a RESTful
web service interface. All requests to authenticate and
operate against the OpenStack Identity API should be performed
<para>The OpenStack Identity API is implemented using a RESTful web service interface. All
requests to authenticate and operate against the OpenStack Identity API should be performed
using SSL over HTTP (HTTPS) on TCP port 443.</para>
<xi:include href="section_identity-concepts.xml"/>
<section xml:id="Request_Response_Types-d1e149">
<title>Request and response types</title>
<para>The OpenStack Identity API supports both the JSON and
XML data serialization formats. The request format is
specified using the <code>Content-Type</code> header and
is required for operations that have a request body. The
response format can be specified in requests using either
the <code>Accept</code> header or adding an
<code>.xml</code> or <code>.json</code> extension to
the request URI. Note that it is possible for a response
to be serialized using a format different from the request
(see example below). If no response format is specified,
JSON is the default. If conflicting formats are specified
using both an <code>Accept</code> header and a query
extension, the query extension takes precedence.</para>
<table rules="all">
<caption>Response types</caption>
<thead>
<tr>
<td>Format</td>
<td>Accept Header</td>
<td>Query Extension</td>
<td>Default</td>
</tr>
</thead>
<tbody>
<tr>
<td>JSON</td>
<td>application/json</td>
<td>.json</td>
<td>Yes</td>
</tr>
<tr>
<td>XML</td>
<td>application/xml</td>
<td>.xml</td>
<td>No</td>
</tr>
</tbody>
</table>
<example>
<title>JSON request with headers</title>
<section xml:id="Request_Response_Types-d1e459">
<title>Request and response formats</title>
<para>The OpenStack Identity API supports both JSON and XML data serialization request and
response formats.</para>
<para>Use the <code>Content-Type</code> request header to specify the request format. This
header is required for operations that have a request body.</para>
<para>The syntax for the <code>Content-Type</code> header is:</para>
<programlisting>Content-Type: application/<replaceable>FORMAT</replaceable></programlisting>
<para>Where <replaceable>FORMAT</replaceable> is either <literal>json</literal> or
<literal>xml</literal>.</para>
<para>Use one of the following methods to specify the response format:</para>
<variablelist>
<varlistentry>
<term><code>Accept</code> header</term>
<listitem>
<para>The syntax for the <code>Accept</code> header is:</para>
<programlisting>Accept: application/<replaceable>FORMAT</replaceable></programlisting>
<para>Where <replaceable>FORMAT</replaceable> is either <literal>json</literal>
or <literal>xml</literal>. The default format is
<literal>json</literal>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Query extension</term>
<listitem>
<para>Add an <literal>.xml</literal> or <literal>.json</literal> extension to
the request URI. For example, the <literal>.xml</literal> extension in the
following list servers URI request specifies that the response body is to be
returned in XML format:</para>
<programlisting>&GET; <replaceable>publicURL</replaceable>/servers.xml</programlisting>
</listitem>
</varlistentry>
</variablelist>
<para>If you do not specify a response format, JSON is the default.</para>
<para>If the <code>Accept</code> header and the query extension specify conflicting formats,
the format specified in the query extension takes precedence. For example, if the query
extension is <literal>.xml</literal> and the <code>Accept</code> header specifies
<literal>application/json</literal>, the response is returned in XML format.</para>
<para>You can serialize a response in a different format from the request format.</para>
<para><xref linkend="json-request"/> shows a request body in JSON format and <xref
linkend="xml-response"/> shows a response body in XML format.</para>
<example xml:id="json-request">
<title>Request with headers: JSON</title>
<programlisting language="http"><xi:include href="samples/samplerequestheader.txt" parse="text"/></programlisting>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/auth_credentials.json" parse="text"/></programlisting>
</example>
<example>
<title>XML response with headers</title>
<para><xref linkend="xml-response"/> shows the headers and XML response returned by the JSON
request:</para>
<example xml:id="xml-response">
<title>Response with headers: XML</title>
<programlisting language="http"><xi:include href="samples/sampleresponseheader.txt" parse="text"/></programlisting>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/auth.xml" parse="text"/></programlisting>
</example>
</section>
<section xml:id="Content_Compression-d1e262">
<title>Content compression</title>
<para>Request and response body data may be encoded with gzip
compression in order to accelerate interactive performance
of API calls and responses. This is controlled using the
<code>Accept-Encoding</code> header on the request
from the client and indicated by the
<code>Content-Encoding</code> header in the server
response. Unless the header is explicitly set, encoding
defaults to disabled.</para>
<para>Request and response body data may be encoded with gzip compression in order to
accelerate interactive performance of API calls and responses. This is controlled using
the <code>Accept-Encoding</code> header on the request from the client and indicated by
the <code>Content-Encoding</code> header in the server response. Unless the header is
explicitly set, encoding defaults to disabled.</para>
<table rules="all">
<caption>Compression headers</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Header type</td>
<td>Name</td>
<td>Value</td>
</tr>
@ -134,60 +132,47 @@ This operation does not require a request body.</para>'>
</section>
<section xml:id="Paginated_Collections-d1e325">
<title>Paginated collections</title>
<para>To reduce load on the service, list operations return a
maximum number of items at a time. The maximum number of
items returned is determined by the Identity provider. To
navigate the collection, you can set the
<parameter>limit</parameter> and
<parameter>marker</parameter> parameters in the URI.
For example,
?<parameter>limit</parameter>=100&amp;<parameter>marker</parameter>=1234.
The <parameter>marker</parameter> parameter is the ID of
the last item in the previous list. Items are sorted by
update time. When an update time is not available they are
sorted by ID. The <parameter>limit</parameter> parameter
sets the page size. Both parameters are optional. If the
client requests a <parameter>limit</parameter> beyond that
which is supported by the deployment an overLimit
(<errorcode>413</errorcode>) fault might be thrown. A
marker with an invalid ID will return an itemNotFound
(<errorcode>404</errorcode>) fault.</para>
<para>To reduce load on the service, list operations return a maximum number of items at a
time. The maximum number of items returned is determined by the Identity provider. To
navigate the collection, you can set the <parameter>limit</parameter> and
<parameter>marker</parameter> parameters in the URI. For example,
?<parameter>limit</parameter>=100&amp;<parameter>marker</parameter>=1234. The
<parameter>marker</parameter> parameter is the ID of the last item in the previous
list. Items are sorted by update time. When an update time is not available they are
sorted by ID. The <parameter>limit</parameter> parameter sets the page size. Both
parameters are optional. If the client requests a <parameter>limit</parameter> beyond
that which is supported by the deployment an <errorname>overLimit</errorname>
(<errorcode>413</errorcode>) fault might be thrown. A marker with an invalid ID
returns an <errorname>itemNotFound</errorname> (<errorcode>404</errorcode>)
fault.</para>
<note>
<para>Paginated collections never return itemNotFound
(<errorcode>404</errorcode>) faults when the
collection is empty &mdash; clients should expect an
empty collection.</para>
<para>Paginated collections never return itemNotFound (<errorcode>404</errorcode>)
faults when the collection is empty &mdash; clients should expect an empty
collection.</para>
</note>
<para>For convenience, collections contain atom "next" and
"previous" links. The first page in the list will not
contain a "previous" link, the last page in the list will
not contain a "next" link. The following examples
illustrate three pages in a collection of tenants. The
first page was retrieved through a &GET; to
http://identity.api.openstack.org/v2.0/1234/tenants?limit=1.
In these examples, the <parameter>limit</parameter>
parameter sets the page size to a single item. Subsequent
"next" and "previous" links will honor the initial page
size. Thus, a client might follow links to traverse a
paginated collection without having to input the
<parameter>marker</parameter> parameter.</para>
<para>For convenience, collections contain atom "next" and "previous" links. The first page
in the list does not contain a <literal>previous</literal> link, the last page in the
list does not contain a <literal>next</literal> link. The following examples illustrate
three pages in a collection of tenants. The first page was retrieved through a &GET; to
<literal>http://identity.api.openstack.org/v2.0/1234/tenants?limit=1</literal>. In
these examples, the <parameter>limit</parameter> parameter sets the page size to a
single item. Subsequent <literal>next</literal> and <literal>previous</literal> links
honor the initial page size. Thus, a client might follow links to traverse a paginated
collection without having to input the <parameter>marker</parameter> parameter.</para>
<example>
<title>Tenant collection, first page: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/tenants-1.xml" parse="text"/></programlisting>
</example>
<example>
<title>Tenant collection, first page: JSON
response</title>
<title>Tenant collection, first page: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/tenants-1.json" parse="text"/></programlisting>
</example>
<example>
<title>Tenant collection, second page: XML
response</title>
<title>Tenant collection, second page: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/tenants-2.xml" parse="text"/></programlisting>
</example>
<example>
<title>Tenant collection, second page: JSON
response</title>
<title>Tenant collection, second page: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/tenants-2.json" parse="text"/></programlisting>
</example>
<example>
@ -198,16 +183,13 @@ This operation does not require a request body.</para>'>
<title>Tenant collection, last page: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/tenants-3.json" parse="text"/></programlisting>
</example>
<para>In the JSON representation, paginated collections
contain a <property>values</property> property that
contains the items in the collections. Links are accessed
via the <property>links</property> property. The approach
allows for extensibility of both the collection members
and of the paginated collection itself. It also allows
collections to be embedded in other objects as illustrated
below. Here, a subset of groups are presented within a
user. Clients must follow the "next" link to continue to
retrieve additional groups belonging to a user.</para>
<para>In the JSON representation, paginated collections contain a
<property>values</property> property that contains the items in the collections.
Links are accessed via the <property>links</property> property. The approach allows for
extensibility of both the collection members and of the paginated collection itself. It
also allows collections to be embedded in other objects as illustrated below. Here, a
subset of groups are presented within a user. Clients must follow the "next" link to
continue to retrieve additional groups belonging to a user.</para>
<example>
<title>Paginated roles in user: XML response</title>
<programlisting language="xml"><xi:include href="samples/getuser-1.xml" parse="text"/></programlisting>
@ -219,19 +201,15 @@ This operation does not require a request body.</para>'>
</section>
<section xml:id="Versions-d1e472">
<title>Versions</title>
<para>The OpenStack Identity API uses both a URI and a MIME
type versioning scheme. In the URI scheme, the first
element of the path contains the target version identifier
(for example, https://identity.api.openstack.org/
v2.0/&hellip;). The MIME type versioning scheme uses HTTP
content negotiation where the <code>Accept</code> or
<code>Content-Type</code> headers contains a MIME type
that includes the version ID as a parameter
(application/vnd.openstack.identity+xml;version=1.1). A
version MIME type is always linked to a base MIME type
(application/xml or application/json). If conflicting
versions are specified using both an HTTP header and a
URI, the URI takes precedence.</para>
<para>The OpenStack Identity API uses both a URI and a MIME type versioning scheme. In the
URI scheme, the first element of the path contains the target version identifier (for
example, https://identity.api.openstack.org/ v2.0/&hellip;). The MIME type versioning
scheme uses HTTP content negotiation where the <code>Accept</code> or
<code>Content-Type</code> headers contains a MIME type that includes the version ID
as a parameter (application/vnd.openstack.identity+xml;version=1.1). A version MIME type
is always linked to a base MIME type (application/xml or application/json). If
conflicting versions are specified using both an HTTP header and a URI, the URI takes
precedence.</para>
<example>
<title>Request with MIME type versioning</title>
<literallayout class="monospaced">GET /tenants HTTP/1.1
@ -244,86 +222,62 @@ X-Auth-Token: eaaafd18-0fed-4b3a-81b4-663c99ec1cbb</literallayout>
<literallayout class="monospaced">GET /v1.1/tenants HTTP/1.1
Host: identity.api.openstack.org
Accept: application/xml
X-Auth-Token: eaaafd18-0fed-4b3a-81b4-663c99ec1cbb </literallayout>
X-Auth-Token: eaaafd18-0fed-4b3a-81b4-663c99ec1cbb</literallayout>
</example>
<note>
<para>The MIME type versioning approach allows for the
creation of permanent links, because the version
scheme is not specified in the URI path:
https://api.identity.openstack.org/tenants/12234.
</para>
<para>The MIME type versioning approach allows for the creation of permanent links,
because the version scheme is not specified in the URI path:
<literal>https://api.identity.openstack.org/tenants/12234</literal>.</para>
</note>
<para>If a request is made without a version specified in the
URI or via HTTP headers, then a multiple-choices response
(<returnvalue>300</returnvalue>) will follow providing
links and MIME types to available versions.</para>
<para>If a request is made without a version specified in the URI or through HTTP headers, a
multiple-choices response (<returnvalue>300</returnvalue>) provides links and MIME types
to available versions.</para>
<example>
<title>Multiple choices response: XML</title>
<title>Multiple choices: XML response</title>
<programlisting language="xml"><xi:include href="samples/choices.xml" parse="text"/></programlisting>
</example>
<example>
<title>Multiple choices response: JSON</title>
<title>Multiple choices: JSON response</title>
<programlisting language="json"><xi:include href="samples/choices.json" parse="text"/></programlisting>
</example>
<para>New features and functionality that do not break
API-compatibility will be introduced in the current
version of the API as extensions (see below) and the URI
and MIME types will remain unchanged. Features or
functionality changes that would necessitate a break in
API-compatibility will require a new version, which will
result in URI and MIME type version being updated
accordingly. When new API versions are released, older
versions will be marked as <code>DEPRECATED</code>.
Providers should work with developers and partners to
ensure there is adequate time to migrate to the new
version before deprecated versions are
discontinued.</para>
<para>Your application can programmatically determine
available API versions by performing a &GET; on the root
URL (such as, with the version and everything to the right
of it truncated) returned from the authentication system.
Note that an Atom representation of the versions resources
is supported when issuing a request with the
<code>Accept</code> header containing
application/atom+xml or by adding a .atom to the request
URI. This allows standard Atom clients to track version
changes.</para>
<para>New features and functionality that do not break API-compatibility are introduced in
the current version of the API as extensions (see the following section) and the URI and
MIME types remain unchanged. Features or functionality changes that would necessitate a
break in API-compatibility require a new version, which results in URI and MIME type
versions being updated accordingly. When new API versions are released, older versions
are marked as <code>DEPRECATED</code>. Providers should work with developers and
partners to ensure adequate migration time to the new version before deprecated versions
are discontinued.</para>
<para>Your application can programmatically determine available API versions by performing a
&GET; on the root URL (such as, with the version and everything to the right of it
truncated) returned from the authentication system. Note that an Atom representation of
the versions resources is supported when issuing a request with the <code>Accept</code>
header containing application/atom+xml or by adding a .atom to the request URI. This
enables standard Atom clients to track version changes.</para>
<example>
<title>List versions: HTTP request</title>
<literallayout class="monospaced">GET HTTP/1.1
Host: identity.api.openstack.org</literallayout>
</example>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest
(<errorcode>400</errorcode>), identityFault
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST; <example>
serviceUnavailable(<errorcode>503</errorcode>)</simpara> &NO_REQUEST; <example>
<title>List versions: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/versions.xml" parse="text"/></programlisting>
</example>
<example>
<title>List versions: Atom response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/versions-atom.xml" parse="text"/></programlisting>
</example>
<example>
<title>List versions: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/versions.json" parse="text"/></programlisting>
</example>
<para>You can also obtain additional information about a
specific version by performing a &GET; on the base version
URL (for example,
https://identity.api.openstack.org/v1.1/). Version request
URLs should always end with a trailing slash (/). If the
slash is omitted, the server might respond with a
<returnvalue>302</returnvalue> redirection request.
Format extensions might be placed after the slash (for
example, https://identity.api.openstack.org/v1.1/.xml).
Note that this is a special case that does not hold true
for other API requests. In general, requests such as
/tenants.xml and /tenants/.xml are handled
equivalently.</para>
<para>You can also obtain additional information about a specific version by performing a
&GET; on the base version URL (for example, https://identity.api.openstack.org/v1.1/).
Version request URLs should always end with a trailing slash (/). If the slash is
omitted, the server might respond with a <returnvalue>302</returnvalue> redirection
request. Format extensions might be placed after the slash (for example,
https://identity.api.openstack.org/v1.1/.xml). Note that this is a special case that
does not hold true for other API requests. In general, requests such as /tenants.xml and
/tenants/.xml are handled equivalently.</para>
<example>
<title>Get version details: HTTP request</title>
<literallayout class="monospaced">
@ -331,47 +285,34 @@ GET HTTP/1.1
Host: identity.api.openstack.org/v1.1/
</literallayout>
</example>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest
(<errorcode>400</errorcode>), identityFault
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST; <example>
serviceUnavailable(<errorcode>503</errorcode>)</simpara> &NO_REQUEST; <example>
<title>Get version details: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/version.xml" parse="text"/></programlisting>
</example>
<example>
<title>Get version details: Atom response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/version-atom.xml" parse="text"/></programlisting>
</example>
<example>
<title>Get version details: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/version.json" parse="text"/></programlisting>
</example>
<para>The detailed version response contains pointers to both
a human-readable and a machine-processable description of
the API service. The machine-processable description is
written in the Web Application Description Language
(WADL).</para>
<para>The detailed version response contains pointers to both a human-readable and a
machine-processable description of the API service. The machine-processable description
is written in the Web Application Description Language (WADL).</para>
<note>
<para>If there is a discrepancy between the two
specifications, the WADL is authoritative as it
contains the most accurate and up-to-date description
of the API service.</para>
<para>If there is a discrepancy between the two specifications, the WADL is
authoritative as it contains the most accurate and up-to-date description of the API
service.</para>
</note>
</section>
<section xml:id="Extensions-d1e688">
<title>Extensions</title>
<para>The OpenStack Identity API is extensible. Extensions
serve two purposes: They allow the introduction of new
features in the API without requiring a version change and
they allow the introduction of vendor specific niche
functionality. Applications can programmatically determine
what extensions are available by performing a &GET; on the
/extensions URI. Note that this is a versioned request
&mdash; that is, an extension available in one API version
might not be available in another.</para>
<para>The OpenStack Identity API is extensible. Extensions serve two purposes: They allow
the introduction of new features in the API without requiring a version change and they
allow the introduction of vendor specific niche functionality. Applications can
programmatically determine what extensions are available by performing a &GET; on the
/extensions URI. Note that this is a versioned request &mdash; that is, an extension
available in one API version might not be available in another.</para>
<informaltable rules="all">
<thead>
<tr>
@ -384,34 +325,29 @@ Host: identity.api.openstack.org/v1.1/
<tr>
<td colspan="1">&GET;</td>
<td colspan="2">/extensions</td>
<td colspan="3">Returns a list of available
extensions</td>
<td colspan="3">Returns a list of available extensions</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest
(<errorcode>400</errorcode>), identityFault
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST; <para>Each extension is identified by two unique
identifiers, a <property>namespace</property> and an
<property>alias</property>. Additionally an extension
contains documentation links in various formats.</para>
serviceUnavailable(<errorcode>503</errorcode>)</simpara> &NO_REQUEST; <para>Each
extension is identified by two unique identifiers, a <property>namespace</property> and
an <property>alias</property>. Additionally an extension contains documentation links in
various formats.</para>
<example>
<title>List extensions: XML</title>
<title>List extensions: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/extensions.xml" parse="text"/></programlisting>
</example>
<example>
<title>List extensions: JSON</title>
<title>List extensions: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/extensions.json" parse="text"/></programlisting>
</example>
<para>Extensions might also be queried individually by their
unique alias. This provides the simplest method of
checking if an extension is available as an unavailable
extension will issue an itemNotFound
(<errorcode>404</errorcode>) response.</para>
<para>Extensions might also be queried individually by their unique alias. This provides the
simplest method of checking if an extension is available as an unavailable extension
issues an <errorname>itemNotFound</errorname> (<errorcode>404</errorcode>)
response.</para>
<informaltable rules="all">
<thead>
<tr>
@ -423,90 +359,72 @@ Host: identity.api.openstack.org/v1.1/
<tbody>
<tr>
<td colspan="1">&GET;</td>
<td colspan="2"
>/extensions/<parameter>alias</parameter></td>
<td colspan="3">Return details of a single
extension</td>
<td colspan="2">/extensions/<parameter>alias</parameter></td>
<td colspan="3">Return details of a single extension</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; itemNotFound
(<errorcode>404</errorcode>), badRequest
(<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST; <example>
<title>List extensions: XML response</title>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; itemNotFound (<errorcode>404</errorcode>), badRequest
(<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara> &NO_REQUEST; <example>
<title>Show extension details: XML response</title>
<programlisting language="xml"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/extension.xml" parse="text"/></programlisting>
</example>
<example>
<title>List extensions: JSON response</title>
<title>Show extension details: JSON response</title>
<programlisting language="json"><xi:include href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/samples/extension.json" parse="text"/></programlisting>
</example>
<para>Extensions can define new data types, parameters,
actions, headers, states, and resources. In XML,
additional elements and attributes might be defined. These
elements must be defined in the extension's namespace. In
JSON, the alias must be used. The volumes element in the
<xref linkend="UserEXT"
xrefstyle="template: Examples %n"/> and <xref
linkend="UserEXTJ" xrefstyle="select: labelnumber"/>
is defined in the <code>RS-META</code> namespace. Extended
headers are always prefixed with <code>X-</code> followed
by the alias and a dash: (<code>X-RS-META-HEADER1</code>).
Parameters must be prefixed with the extension alias
followed by a colon.</para>
<para>Extensions can define new data types, parameters, actions, headers, states, and
resources. In XML, additional elements and attributes might be defined. These elements
must be defined in the extension's namespace. In JSON, the alias must be used. The
volumes element in the <xref linkend="UserEXT" xrefstyle="template: Examples %n"/> and
<xref linkend="UserEXTJ" xrefstyle="select: labelnumber"/> is defined in the
<code>RS-META</code> namespace. Extended headers are always prefixed with
<code>X-</code> followed by the alias and a dash: (<code>X-RS-META-HEADER1</code>).
Parameters must be prefixed with the extension alias followed by a colon.</para>
<important>
<para>Applications should be prepared to ignore response
data that contains extension elements. Also,
applications should also verify that an extension is
available before submitting an extended
request.</para>
<para>Applications should ignore response data that contains extension elements. Also,
applications should also verify that an extension is available before submitting an
extended request.</para>
</important>
<example xml:id="UserEXT">
<title>Extended User Response: XML</title>
<title>Show user details: XML response</title>
<programlisting language="xml"><xi:include href="samples/ext-getuser.xml" parse="text"/></programlisting>
</example>
<example xml:id="UserEXTJ">
<title>Extended User Response: JSON</title>
<title>Show user details: JSON response</title>
<programlisting language="json"><xi:include href="samples/ext-getuser.json" parse="text"/></programlisting>
</example>
</section>
<section xml:id="Faults-d1e908">
<title>Faults</title>
<para>When an error occurs, the system returns an HTTP error
response code denoting the type of error. The system also
returns additional information about the fault in the body
of the response.</para>
<para>When an error occurs, the system returns an HTTP error response code denoting the type
of error. The system also returns additional information about the fault in the body of
the response.</para>
<example>
<title>XML Fault Response</title>
<title>Identity fault: XML response</title>
<programlisting language="xml"><xi:include href="samples/identity_fault.xml" parse="text"/></programlisting>
</example>
<example>
<title>JSON Fault Response</title>
<title>Identity fault: JSON response</title>
<programlisting language="json"><xi:include href="samples/identity_fault.json" parse="text"/></programlisting>
</example>
<para>The error code is returned in the body of the response
for convenience. The message section returns a human
readable message. The details section is optional and
might contain useful information for tracking down an
error (such as, a stack trace).</para>
<para>The root element of the fault (for example,
identityFault) might change depending on the type of
error. The following is an example of an itemNotFound
error.</para>
<para>The response body returns the error code for convenience. The message section returns
a human readable message. The details section is optional and might contain useful
information for tracking down an error (such as, a stack trace).</para>
<para>The root element of the fault (for example, <errorname>identityFault</errorname>)
might change depending on the type of error. The following is an example of an
<errorname>itemNotFound</errorname> error.</para>
<example>
<title>XML Not Found Fault</title>
<title>itemNotFound fault: XML response</title>
<programlisting language="xml"><xi:include href="samples/item_not_found.xml" parse="text"/></programlisting>
</example>
<example>
<title>JSON Not Found Fault</title>
<title>itemNotFound fault: JSON response</title>
<programlisting language="json"><xi:include href="samples/item_not_found.json" parse="text"/></programlisting>
</example>
<para>The following list shows the possible fault types with
associated error codes.</para>
<para>The following table shows the possible fault types with associated error codes:</para>
<table rules="all">
<caption>Fault types</caption>
<thead>
@ -564,12 +482,10 @@ Host: identity.api.openstack.org/v1.1/
</tr>
</tbody>
</table>
<para>From an XML schema perspective, all API faults are
extensions of the base fault type
<type>identityFault</type>. When working with a system
that binds XML to actual classes (such as JAXB), one
should be capable of using <type>identityFault</type> as a
“catch-all” if there&apos;s no interest in distinguishing
between individual fault types.</para>
<para>From an XML schema perspective, all API faults are extensions of the base
<errorname>identityFault</errorname> fault type. When working with a system that
binds XML to actual classes (such as JAXB), one should be capable of using
<errorname>identityFault</errorname> as a “catch-all” if there&apos;s no interest in
distinguishing between individual fault types.</para>
</section>
</chapter>

66
v2.0/src/ch_identity-service-api.xml
View File

@ -8,28 +8,23 @@
xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns:html="http://www.w3.org/1999/xhtml"
xml:id="Service_API_Admin_Operations" version="5.0" role="api-reference">
<title>Administrative operations</title>
<para>The OpenStack Identity API administrative operations enable
service developers to get and validate access tokens, manage
users, tenants, roles, and service endpoints.</para>
<para>Most administrative API calls require authentication. The
only calls available without authentication are the calls to
discover the service &ndash; getting version info, WADL
contract, dev guide, help, and so on &ndash; and the call to
authenticate and get a token.</para>
<para>Authentication is performed by passing in a valid token in
the <code>X-Auth-Token</code> header on the request from the
client. The Identity API verifies that the token has, or
belongs to a user that has, the <code>Admin</code>
role.</para>
<para>For information about how to create your first
administrator, see the <link
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/"
><citetitle>OpenStack Cloud Administrator
Guide</citetitle></link>.</para>
<para>The OpenStack Identity API administrative operations enable service developers to get and
validate access tokens, manage users, tenants, roles, and service endpoints.</para>
<para>Most administrative API calls require authentication. The only calls available without
authentication are the calls to discover the service &ndash; getting version info, WADL
contract, dev guide, help, and so on &ndash; and the call to authenticate and get a
token.</para>
<para>Authentication is performed by passing in a valid token in the <code>X-Auth-Token</code>
header on the request from the client. The Identity API verifies that the token has, or
belongs to a user that has, the <code>Admin</code> role.</para>
<para>For information about how to create your first administrator, see the <link
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/"><citetitle>OpenStack
Cloud Administrator Guide</citetitle></link>.</para>
<section xml:id="admin-versions">
<title>Versions</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-version">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-version">
<wadl:method href="#admin-getVersionInfo"/>
</wadl:resource>
</wadl:resources>
@ -37,10 +32,12 @@
<section xml:id="admin-extensions">
<title>Extensions</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-extensions">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-extensions">
<wadl:method href="#admin-listExtensions-v2.0"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-extension">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-extension">
<wadl:method href="#admin-getExtension-v2.0"/>
</wadl:resource>
</wadl:resources>
@ -48,10 +45,12 @@
<section xml:id="admin-tokens">
<title>Tokens</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tokens">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tokens">
<wadl:method href="#admin-authenticate"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tokenById">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tokenById">
<wadl:method href="#admin-validateToken"/>
<wadl:method href="#admin-checkToken"/>
</wadl:resource>
@ -60,20 +59,25 @@
<section xml:id="admin-users">
<title>Users</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-users">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-users">
<wadl:method href="#admin-addUser"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userId">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userId">
<wadl:method href="#admin-updateUser"/>
<wadl:method href="#admin-deleteUser"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-name">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-name">
<wadl:method href="#admin-getUserByName"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userid">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userid">
<wadl:method href="#admin-getUserById"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userRoles">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-userRoles">
<wadl:method href="#admin-listUserGlobalRoles"/>
</wadl:resource>
</wadl:resources>
@ -81,11 +85,13 @@
<section xml:id="admin-tenants">
<title>Tenants</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tenants">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tenants">
<wadl:method href="#admin-listTenants"/>
<wadl:method href="#admin-getTenantByName"/>
</wadl:resource>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tenantById">
<wadl:resource
href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/identity-admin.wadl#admin-tenantById">
<wadl:method href="#admin-getTenantById"/>
</wadl:resource>
<wadl:resource

39
v2.0/src/identity-dev-guide.xml
View File

@ -1,12 +1,8 @@
<?xml version='1.0' encoding='UTF-8'?>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
xml:id="Identity-Developer-Guide">
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" xml:id="Identity-Developer-Guide">
<title>OpenStack Identity API v2.0 Reference</title>
<?rax title.font.size="26px" subtitle.font.size="26px"?>
<titleabbrev>Identity API Reference</titleabbrev>
<info>
<author>
@ -31,18 +27,26 @@
<pubdate/>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>This document describes how to develop applications
that use the OpenStack Identity API v2.0 for
authentication. This document also describes how to
integrate services with the OpenStack Identity API
v2.0.</para>
<para>This document describes how to develop applications that use the OpenStack
Identity API v2.0 for authentication. This document also describes how to integrate
services with the OpenStack Identity API v2.0.</para>
</abstract>
<revhistory>
<revision>
<date>2014-07-29</date>
<revdescription>
<itemizedlist>
<listitem>
<para>Removed ATOM responses for list versions and get version details
calls.</para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
<revision>
<date>2014-07-20</date>
<revdescription>
@ -58,8 +62,8 @@
<revdescription>
<itemizedlist>
<listitem>
<para>Added missing code samples and
request parameter descriptions.</para>
<para>Added missing code samples and request parameter
descriptions.</para>
</listitem>
</itemizedlist>
</revdescription>
@ -69,8 +73,7 @@
<revdescription>
<itemizedlist>
<listitem>
<para>Added back missing client operations
and extensions.</para>
<para>Added back missing client operations and extensions.</para>
</listitem>
</itemizedlist>
</revdescription>

42
v2.0/src/samples/choices.xml
View File

@ -1,38 +1,30 @@
<?xml version="1.0" encoding="utf-8"?>
<choices
xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom">
<choices xmlns="http://docs.openstack.org/common/api/v1.0" xmlns:atom="http://www.w3.org/2005/Atom">
<version id="v1.0" status="DEPRECATED">
<media-types>
<media-type
base="application/xml"
type="application/vnd.openstack.identity+xml;version=1.0" />
<media-type
base="application/json"
type="application/vnd.openstack.identity+json;version=1.0" />
<media-type base="application/xml"
type="application/vnd.openstack.identity+xml;version=1.0"/>
<media-type base="application/json"
type="application/vnd.openstack.identity+json;version=1.0"/>
</media-types>
<atom:link rel="self" href="http://identity.api.openstack.org/v1.0" />
<atom:link rel="self" href="http://identity.api.openstack.org/v1.0"/>
</version>
<version id="v1.1" status="CURRENT">
<media-types>
<media-type
base="application/xml"
type="application/vnd.openstack.identity+xml;version=1.1" />
<media-type
base="application/json"
type="application/vnd.openstack.identity+json;version=1.1" />
<media-type base="application/xml"
type="application/vnd.openstack.identity+xml;version=1.1"/>
<media-type base="application/json"
type="application/vnd.openstack.identity+json;version=1.1"/>
</media-types>
<atom:link rel="self" href="http://identity.api.openstack.org/v1.1" />
<atom:link rel="self" href="http://identity.api.openstack.org/v1.1"/>
</version>
<version id="v2.0" status="BETA">
<media-types>
<media-type
base="application/xml"
type="application/vnd.openstack.identity+xml;version=2.0" />
<media-type
base="application/json"
type="application/vnd.openstack.identity+json;version=2.0" />
<media-type base="application/xml"
type="application/vnd.openstack.identity+xml;version=2.0"/>
<media-type base="application/json"
type="application/vnd.openstack.identity+json;version=2.0"/>
</media-types>
<atom:link rel="self" href="http://identity.api.openstack.org/v2.0" />
<atom:link rel="self" href="http://identity.api.openstack.org/v2.0"/>
</version>
</choices>
</choices>

10
v2.0/src/samples/ext-getuser.xml
View File

@ -1,10 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<user xmlns="http://docs.openstack.org/identity/api/v2.0"
enabled="true" email="john.smith@example.org"
id="u1000" username="jqsmith">
<metadata
xmlns="http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0">
<user xmlns="http://docs.openstack.org/identity/api/v2.0" enabled="true"
email="john.smith@example.org" id="u1000" username="jqsmith">
<metadata xmlns="http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0">
<meta key="MetaKey1">MetaValue1</meta>
<meta key="MetaKey2">MetaValue2</meta>
</metadata>
</user>
</user>

14
v2.0/src/samples/getuser-1.xml
View File

@ -1,13 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<user xmlns="http://docs.openstack.org/identity/api/v2.0"
xmlns:atom="http://www.w3.org/2005/Atom"
enabled="true" email="john.smith@example.org"
username="jqsmith" id="u1000">
<user xmlns="http://docs.openstack.org/identity/api/v2.0" xmlns:atom="http://www.w3.org/2005/Atom"
enabled="true" email="john.smith@example.org" username="jqsmith" id="u1000">
<roles xmlns="http://docs.openstack.org/identity/api/ext/role">
<role tenantId="1234" id="Admin"/>
<role tenantId="1234" id="DBUser"/>
<atom:link
rel="next"
href="http://identity.api.openstack.org/v2.0/tenants/1234/users/u1000/groups?marker=Super"/>
<atom:link rel="next"
href="http://identity.api.openstack.org/v2.0/tenants/1234/users/u1000/groups?marker=Super"
/>
</roles>
</user>
</user>

9
v2.0/src/samples/identity_fault.xml
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<identityFault xmlns="http://docs.openstack.org/identity/api/v2.0"
code="500">
<message>Fault</message>
<details>Error Details...</details>
</identityFault>
<identityFault xmlns="http://docs.openstack.org/identity/api/v2.0" code="500">
<message>Fault</message>
<details>Error Details...</details>
</identityFault>

4
v2.0/src/section_identity-concepts.xml
View File

@ -1,7 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
xml:id="Identity-Concepts-e1362">
<title>Identity concepts</title>
<para>To use OpenStack Identity, you must be familiar with these