keystone  18.0.0
About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Victoria" series (maintained release).
  Fossies Dox: keystone-18.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

domains-config-v3.inc
Go to the documentation of this file.
1 .. -*- rst -*-
2 
3 ======================
4  Domain configuration
5 ======================
6 
7 You can manage domain-specific configuration options.
8 
9 Domain-specific configuration options are structured within their
10 group objects. The API supports only the ``identity`` and ``ldap``
11 groups. These groups override the default configuration settings
12 for the storage of users and groups by the Identity server.
13 
14 You can create, update, and delete domain-specific configuration
15 options by using the HTTP PUT , PATCH , and DELETE methods. When
16 updating, it is only necessary to include those options that are
17 being updated.
18 
19 To create an option, use the PUT method. The Identity API does not
20 return options that are considered sensitive, although you can
21 create and update these options. The only option currently
22 considered sensitive is the ``password`` option within the ``ldap``
23 group.
24 
25 The API enables you to include sensitive options as part of non-
26 sensitive options. For example, you can include the password as
27 part of the ``url`` option.
28 
29 If you try to create or update configuration options for groups
30 other than the ``identity`` or ``ldap`` groups, the ``Forbidden
31 (403)`` response code is returned.
32 
33 For information about how to integrate the Identity service with
34 LDAP, see `Integrate Identity with LDAP
35 <https://docs.openstack.org/keystone/latest/admin/integrate-with-ldap.html>`_.
36 
37 Show default configuration settings
38 ===================================
39 
40 .. rest_method:: GET /v3/domains/config/default
41 
42 The default configuration settings for the options that can be overridden
43 can be retrieved.
44 
45 Relationship:
46 ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
47 
48 Response
49 --------
50 
51 Parameters
52 ~~~~~~~~~~
53 
54 .. rest_parameters:: parameters.yaml
55 
56  - config: domain_config
57  - ldap: domain_ldap
58  - url: domain_url
59  - user_tree_dn: domain_user_tree_dn
60  - identity: identity
61  - driver: domain_driver
62 
63 Example
64 ~~~~~~~
65 
66 .. literalinclude:: ./samples/admin/domain-config-default-response.json
67  :language: javascript
68 
69 
70 Show default configuration for a group
71 ======================================
72 
73 .. rest_method:: GET /v3/domains/config/{group}/default
74 
75 Reads the default configuration settings for a specific group.
76 
77 The API supports only the ``identity`` and ``ldap`` groups.
78 
79 Relationship:
80 ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
81 
82 Request
83 -------
84 
85 Parameters
86 ~~~~~~~~~~
87 
88 .. rest_parameters:: parameters.yaml
89 
90  - group: group_id_path
91 
92 Response
93 --------
94 
95 Parameters
96 ~~~~~~~~~~
97 
98 .. rest_parameters:: parameters.yaml
99 
100  - ldap: domain_ldap
101  - url: domain_url
102  - user_tree_dn: domain_user_tree_dn
103  - identity: identity
104  - driver: domain_driver
105 
106 Status Codes
107 ~~~~~~~~~~~~
108 
109 .. rest_status_code:: success status.yaml
110 
111  - 200
112 
113 .. rest_status_code:: error status.yaml
114 
115  - 400
116  - 401
117  - 403
118  - 404
119  - 405
120  - 413
121  - 503
122 
123 Example
124 ~~~~~~~
125 
126 .. literalinclude:: ./samples/admin/domain-config-group-default-response.json
127  :language: javascript
128 
129 
130 Show default option for a group
131 ===============================
132 
133 .. rest_method:: GET /v3/domains/config/{group}/{option}/default
134 
135 Reads the default configuration setting for an option within a group.
136 
137 The API supports only the ``identity`` and ``ldap`` groups. For the
138 ``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For
139 the ``identity`` group, a valid value is ``driver``.
140 
141 Relationship:
142 ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
143 
144 Request
145 -------
146 
147 Parameters
148 ~~~~~~~~~~
149 
150 .. rest_parameters:: parameters.yaml
151 
152  - group: group_id_path
153  - option: option
154 
155 Response
156 --------
157 
158 Parameters
159 ~~~~~~~~~~
160 
161 .. rest_parameters:: parameters.yaml
162 
163  - url: domain_url
164  - driver: domain_driver
165  - user_tree_dn: domain_user_tree_dn
166 
167 Status Codes
168 ~~~~~~~~~~~~
169 
170 .. rest_status_code:: success status.yaml
171 
172  - 200
173 
174 .. rest_status_code:: error status.yaml
175 
176  - 400
177  - 401
178  - 403
179  - 404
180  - 405
181  - 413
182  - 503
183 
184 Example
185 ~~~~~~~
186 
187 .. literalinclude:: ./samples/admin/domain-config-group-option-default-response.json
188  :language: javascript
189 
190 
191 Show domain group option configuration
192 ======================================
193 
194 .. rest_method:: GET /v3/domains/{domain_id}/config/{group}/{option}
195 
196 Shows details for a domain group option configuration.
197 
198 The API supports only the ``identity`` and ``ldap`` groups. For the
199 ``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For
200 the ``identity`` group, a valid value is ``driver``.
201 
202 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
203 
204 Request
205 -------
206 
207 Parameters
208 ~~~~~~~~~~
209 
210 .. rest_parameters:: parameters.yaml
211 
212  - domain_id: domain_id_path
213  - group: group_id_path
214  - option: option
215 
216 Response
217 --------
218 
219 Parameters
220 ~~~~~~~~~~
221 
222 .. rest_parameters:: parameters.yaml
223 
224  - url: domain_url
225  - driver: domain_driver
226  - ldap: domain_ldap
227  - config: domain_config
228  - user_tree_dn: domain_user_tree_dn
229  - identity: identity
230 
231 Status Codes
232 ~~~~~~~~~~~~
233 
234 .. rest_status_code:: success status.yaml
235 
236  - 200
237 
238 .. rest_status_code:: error status.yaml
239 
240  - 400
241  - 401
242  - 403
243  - 404
244  - 405
245  - 413
246  - 503
247 
248 Example
249 ~~~~~~~
250 
251 .. literalinclude:: ./samples/admin/domain-config-group-option-show-response.json
252  :language: javascript
253 
254 
255 Update domain group option configuration
256 ========================================
257 
258 .. rest_method:: PATCH /v3/domains/{domain_id}/config/{group}/{option}
259 
260 Updates a domain group option configuration.
261 
262 The API supports only the ``identity`` and ``ldap`` groups. For the
263 ``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For
264 the ``identity`` group, a valid value is ``driver``.
265 
266 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
267 
268 Request
269 -------
270 
271 Parameters
272 ~~~~~~~~~~
273 
274 .. rest_parameters:: parameters.yaml
275 
276  - domain_id: domain_id_path
277  - group: group_id_path
278  - option: option
279  - url: domain_url
280  - driver: domain_driver
281  - user_tree_dn: domain_user_tree_dn
282 
283 Example
284 ~~~~~~~
285 
286 .. literalinclude:: ./samples/admin/domain-config-group-option-update-request.json
287  :language: javascript
288 
289 Response
290 --------
291 
292 Parameters
293 ~~~~~~~~~~
294 
295 .. rest_parameters:: parameters.yaml
296 
297  - url: domain_url
298  - driver: domain_driver
299  - ldap: domain_ldap
300  - config: domain_config
301  - user_tree_dn: domain_user_tree_dn
302  - identity: identity
303 
304 Status Codes
305 ~~~~~~~~~~~~
306 
307 .. rest_status_code:: success status.yaml
308 
309  - 200
310 
311 .. rest_status_code:: error status.yaml
312 
313  - 400
314  - 401
315  - 403
316  - 404
317  - 405
318  - 409
319  - 413
320  - 415
321  - 503
322 
323 Example
324 ~~~~~~~
325 
326 .. literalinclude:: ./samples/admin/domain-config-group-option-update-response.json
327  :language: javascript
328 
329 
330 Delete domain group option configuration
331 ========================================
332 
333 .. rest_method:: DELETE /v3/domains/{domain_id}/config/{group}/{option}
334 
335 Deletes a domain group option configuration.
336 
337 The API supports only the ``identity`` and ``ldap`` groups. For the
338 ``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For
339 the ``identity`` group, a valid value is ``driver``.
340 
341 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
342 
343 Request
344 -------
345 
346 .. rest_parameters:: parameters.yaml
347 
348  - domain_id: domain_id_path
349  - group: group_id_path
350  - option: option
351 
352 Response
353 --------
354 
355 Status Codes
356 ~~~~~~~~~~~~
357 
358 .. rest_status_code:: success status.yaml
359 
360  - 204
361 
362 .. rest_status_code:: error status.yaml
363 
364  - 400
365  - 401
366  - 403
367  - 404
368  - 405
369  - 409
370  - 413
371  - 415
372  - 503
373 
374 
375 Show domain group configuration
376 ===============================
377 
378 .. rest_method:: GET /v3/domains/{domain_id}/config/{group}
379 
380 Shows details for a domain group configuration.
381 
382 The API supports only the ``identity`` and ``ldap`` groups.
383 
384 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
385 
386 Request
387 -------
388 
389 Parameters
390 ~~~~~~~~~~
391 
392 .. rest_parameters:: parameters.yaml
393 
394  - domain_id: domain_id_path
395  - group: group_id_path
396 
397 Response
398 --------
399 
400 Parameters
401 ~~~~~~~~~~
402 
403 .. rest_parameters:: parameters.yaml
404 
405  - url: domain_url
406  - driver: domain_driver
407  - ldap: domain_ldap
408  - config: domain_config
409  - user_tree_dn: domain_user_tree_dn
410  - identity: identity
411 
412 Status Codes
413 ~~~~~~~~~~~~
414 
415 .. rest_status_code:: success status.yaml
416 
417  - 200
418 
419 .. rest_status_code:: error status.yaml
420 
421  - 400
422  - 401
423  - 403
424  - 404
425  - 405
426  - 413
427  - 503
428 
429 Example
430 ~~~~~~~
431 
432 .. literalinclude:: ./samples/admin/domain-config-group-show-response.json
433  :language: javascript
434 
435 
436 Update domain group configuration
437 =================================
438 
439 .. rest_method:: PATCH /v3/domains/{domain_id}/config/{group}
440 
441 Updates a domain group configuration.
442 
443 The API supports only the ``identity`` and ``ldap`` groups. If you
444 try to set configuration options for other groups, this call fails
445 with the ``Forbidden (403)`` response code.
446 
447 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
448 
449 Request
450 -------
451 
452 Parameters
453 ~~~~~~~~~~
454 
455 .. rest_parameters:: parameters.yaml
456 
457  - domain_id: domain_id_path
458  - group: group_id_path
459  - url: domain_url
460  - driver: domain_driver
461  - ldap: domain_ldap
462  - config: domain_config
463  - user_tree_dn: domain_user_tree_dn
464  - identity: identity
465 
466 Example
467 ~~~~~~~
468 
469 .. literalinclude:: ./samples/admin/domain-config-group-update-request.json
470  :language: javascript
471 
472 Response
473 --------
474 
475 Parameters
476 ~~~~~~~~~~
477 
478 .. rest_parameters:: parameters.yaml
479 
480  - url: domain_url
481  - driver: domain_driver
482  - ldap: domain_ldap
483  - config: domain_config
484  - user_tree_dn: domain_user_tree_dn
485  - identity: identity
486 
487 Status Codes
488 ~~~~~~~~~~~~
489 
490 .. rest_status_code:: success status.yaml
491 
492  - 200
493 
494 .. rest_status_code:: error status.yaml
495 
496  - 400
497  - 401
498  - 403
499  - 404
500  - 405
501  - 409
502  - 413
503  - 415
504  - 503
505 
506 Example
507 ~~~~~~~
508 
509 .. literalinclude:: ./samples/admin/domain-config-group-update-response.json
510  :language: javascript
511 
512 
513 Delete domain group configuration
514 =================================
515 
516 .. rest_method:: DELETE /v3/domains/{domain_id}/config/{group}
517 
518 Deletes a domain group configuration.
519 
520 The API supports only the ``identity`` and ``ldap`` groups.
521 
522 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default``
523 
524 Request
525 -------
526 
527 Parameters
528 ~~~~~~~~~~
529 
530 .. rest_parameters:: parameters.yaml
531 
532  - domain_id: domain_id_path
533  - group: group_id_path
534 
535 Response
536 --------
537 
538 Status Codes
539 ~~~~~~~~~~~~
540 
541 .. rest_status_code:: success status.yaml
542 
543  - 200
544 
545 .. rest_status_code:: error status.yaml
546 
547  - 400
548  - 401
549  - 403
550  - 404
551  - 405
552  - 409
553  - 413
554  - 415
555  - 503
556 
557 
558 Create domain configuration
559 ===========================
560 
561 .. rest_method:: PUT /v3/domains/{domain_id}/config
562 
563 Creates a domain configuration.
564 
565 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config``
566 
567 Request
568 -------
569 
570 Parameters
571 ~~~~~~~~~~
572 
573 .. rest_parameters:: parameters.yaml
574 
575  - domain_id: domain_id_path
576  - url: domain_url
577  - driver: domain_driver
578  - ldap: domain_ldap
579  - config: domain_config
580  - user_tree_dn: domain_user_tree_dn
581  - identity: identity
582 
583 Example
584 ~~~~~~~
585 
586 .. literalinclude:: ./samples/admin/domain-config-create-request.json
587  :language: javascript
588 
589 Response
590 --------
591 
592 Parameters
593 ~~~~~~~~~~
594 
595 .. rest_parameters:: parameters.yaml
596 
597  - url: domain_url
598  - driver: domain_driver
599  - ldap: domain_ldap
600  - config: domain_config
601  - user_tree_dn: domain_user_tree_dn
602  - identity: identity
603 
604 Status Codes
605 ~~~~~~~~~~~~
606 
607 .. rest_status_code:: success status.yaml
608 
609  - 200
610  - 201
611 
612 .. rest_status_code:: error status.yaml
613 
614  - 400
615  - 401
616  - 403
617  - 404
618  - 405
619  - 413
620  - 503
621 
622 Example
623 ~~~~~~~
624 
625 .. literalinclude:: ./samples/admin/domain-config-create-response.json
626  :language: javascript
627 
628 
629 Show domain configuration
630 =========================
631 
632 .. rest_method:: GET /v3/domains/{domain_id}/config
633 
634 Shows details for a domain configuration.
635 
636 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config``
637 
638 Request
639 -------
640 
641 Parameters
642 ~~~~~~~~~~
643 
644 .. rest_parameters:: parameters.yaml
645 
646  - domain_id: domain_id_path
647 
648 Response
649 --------
650 
651 Parameters
652 ~~~~~~~~~~
653 
654 .. rest_parameters:: parameters.yaml
655 
656  - url: domain_url
657  - driver: domain_driver
658  - ldap: domain_ldap
659  - config: domain_config
660  - user_tree_dn: domain_user_tree_dn
661  - identity: identity
662 
663 Status Codes
664 ~~~~~~~~~~~~
665 
666 .. rest_status_code:: success status.yaml
667 
668  - 200
669 
670 .. rest_status_code:: error status.yaml
671 
672  - 400
673  - 401
674  - 403
675  - 404
676  - 405
677  - 413
678  - 503
679 
680 Example
681 ~~~~~~~
682 
683 .. literalinclude:: ./samples/admin/domain-config-show-response.json
684  :language: javascript
685 
686 
687 Update domain configuration
688 ===========================
689 
690 .. rest_method:: PATCH /v3/domains/{domain_id}/config
691 
692 Updates a domain configuration.
693 
694 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config``
695 
696 Request
697 -------
698 
699 Parameters
700 ~~~~~~~~~~
701 
702 .. rest_parameters:: parameters.yaml
703 
704  - domain_id: domain_id_path
705  - url: domain_url
706  - driver: domain_driver
707  - ldap: domain_ldap
708  - config: domain_config
709  - user_tree_dn: domain_user_tree_dn
710  - identity: identity
711 
712 Example
713 ~~~~~~~
714 
715 .. literalinclude:: ./samples/admin/domain-config-update-request.json
716  :language: javascript
717 
718 Response
719 --------
720 
721 Parameters
722 ~~~~~~~~~~
723 
724 .. rest_parameters:: parameters.yaml
725 
726  - url: domain_url
727  - driver: domain_driver
728  - ldap: domain_ldap
729  - config: domain_config
730  - user_tree_dn: domain_user_tree_dn
731  - identity: identity
732 
733 Status Codes
734 ~~~~~~~~~~~~
735 
736 .. rest_status_code:: success status.yaml
737 
738  - 200
739 
740 .. rest_status_code:: error status.yaml
741 
742  - 400
743  - 401
744  - 403
745  - 404
746  - 405
747  - 409
748  - 413
749  - 415
750  - 503
751 
752 Example
753 ~~~~~~~
754 
755 .. literalinclude:: ./samples/admin/domain-config-update-response.json
756  :language: javascript
757 
758 
759 Delete domain configuration
760 ===========================
761 
762 .. rest_method:: DELETE /v3/domains/{domain_id}/config
763 
764 Deletes a domain configuration.
765 
766 Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/domain_config``
767 
768 Request
769 -------
770 
771 Parameters
772 ~~~~~~~~~~
773 
774 .. rest_parameters:: parameters.yaml
775 
776  - domain_id: domain_id_path
777 
778 Response
779 --------
780 
781 Status Codes
782 ~~~~~~~~~~~~
783 
784 .. rest_status_code:: success status.yaml
785 
786  - 204
787 
788 .. rest_status_code:: error status.yaml
789 
790  - 400
791  - 401
792  - 403
793  - 404
794  - 405
795  - 409
796  - 413
797  - 415
798  - 503
keystone.conf.ldap.user_tree_dn
user_tree_dn
Definition: ldap.py:102
keystone.conf.application_credential.driver
driver
Definition: application_credential.py:18
keystone.conf.auth.password
password
Definition: auth.py:30
keystone.conf.auth.methods
methods
Definition: auth.py:19
keystone.common.validation.parameter_types.url
dictionary url
Definition: parameter_types.py:58