keystone.api package

Submodules

keystone.api.auth module

class keystone.api.auth.AuthAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.auth.AuthProjectsResource'>, url='/auth/projects', alternate_urls=[{'url': '/OS-FEDERATION/projects', 'json_home': json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/projects', status='stable', path_vars={})}], kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/auth_projects', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthDomainsResource'>, url='/auth/domains', alternate_urls=[{'url': '/OS-FEDERATION/domains', 'json_home': json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/domains', status='stable', path_vars={})}], kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/auth_domains', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthSystemResource'>, url='/auth/system', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/auth_system', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthCatalogResource'>, url='/auth/catalog', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/auth_catalog', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthTokenOSPKIResource'>, url='/auth/tokens/OS-PKI/revoked', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-PKI/1.0/rel/revocations', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthTokenResource'>, url='/auth/tokens', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/auth_tokens', status='stable', path_vars={}))]
resources = []
class keystone.api.auth.AuthCatalogResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get()[source]

Get service catalog for token.

GET/HEAD /v3/auth/catalog

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.auth.AuthDomainsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'domains'
get()[source]

Get possible domain scopes for token.

GET/HEAD /v3/auth/domains GET/HEAD /v3/OS-FEDERATION/domains

member_key = 'domain'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.auth.AuthFederationAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.auth.AuthFederationSaml2Resource'>, url='/auth/OS-FEDERATION/saml2', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/saml2', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthFederationSaml2ECPResource'>, url='/auth/OS-FEDERATION/saml2/ecp', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/ecp', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.auth.AuthFederationWebSSOResource'>, url='/auth/OS-FEDERATION/websso/<string:protocol_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/websso', status='stable', path_vars={'protocol_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/protocol_id'})), resource_map(resource=<class 'keystone.api.auth.AuthFederationWebSSOIDPsResource'>, url='/auth/OS-FEDERATION/identity_providers/<string:idp_id>/protocols/<string:protocol_id>/websso', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/identity_providers_websso', status='stable', path_vars={'idp_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/idp_id', 'protocol_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/protocol_id'}))]
resources = []
class keystone.api.auth.AuthFederationSaml2ECPResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get()[source]
methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Exchange a scoped token for an ECP assertion.

POST /v3/auth/OS-FEDERATION/saml2/ecp

class keystone.api.auth.AuthFederationSaml2Resource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get()[source]
methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Exchange a scoped token for a SAML assertion.

POST /v3/auth/OS-FEDERATION/saml2

class keystone.api.auth.AuthFederationWebSSOIDPsResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get(idp_id, protocol_id)[source]
methods = {'GET', 'POST'}

A list of methods this view can handle.

post(idp_id, protocol_id)[source]
class keystone.api.auth.AuthFederationWebSSOResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get(protocol_id)[source]
methods = {'GET', 'POST'}

A list of methods this view can handle.

post(protocol_id)[source]
class keystone.api.auth.AuthProjectsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'projects'
get()[source]

Get possible project scopes for token.

GET/HEAD /v3/auth/projects GET/HEAD /v3/OS-FEDERATION/projects

member_key = 'project'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.auth.AuthSystemResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

get()[source]

Get possible system scopes for token.

GET/HEAD /v3/auth/system

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.auth.AuthTokenOSPKIResource[source]

Bases: flask_restful.Resource

get()[source]

Deprecated; get revoked token list.

GET/HEAD /v3/auth/tokens/OS-PKI/revoked

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.auth.AuthTokenResource[source]

Bases: keystone.api.auth._AuthFederationWebSSOBase

delete()[source]

Revoke a token.

DELETE /v3/auth/tokens

get()[source]

Validate a token.

HEAD/GET /v3/auth/tokens

methods = {'DELETE', 'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Issue a token.

POST /v3/auth/tokens

keystone.api.credentials module

class keystone.api.credentials.CredentialAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.credentials.CredentialResource'>]
class keystone.api.credentials.CredentialResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'credentials'
delete(credential_id)[source]
get(credential_id=None)[source]
member_key = 'credential'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(credential_id)[source]
post()[source]

keystone.api.discovery module

class keystone.api.discovery.DiscoveryAPI[source]

Bases: object

static instantiate_and_register_to_app(flask_app)[source]
class keystone.api.discovery.MimeTypes[source]

Bases: object

JSON = 'application/json'
JSON_HOME = 'application/json-home'
keystone.api.discovery.get_version_v3()[source]
keystone.api.discovery.get_versions()[source]
keystone.api.discovery.v3_mime_type_best_match()[source]

keystone.api.domains module

class keystone.api.domains.DefaultConfigGroupResource[source]

Bases: flask_restful.Resource

get(group=None)[source]

Get default domain group config.

GET/HEAD /v3/domains/config/{group}/default

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.domains.DefaultConfigOptionResource[source]

Bases: flask_restful.Resource

get(group=None, option=None)[source]

Get default domain group option config.

GET/HEAD /v3/domains/config/{group}/{option}/default

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.domains.DefaultConfigResource[source]

Bases: flask_restful.Resource

get()[source]

Get default domain config.

GET/HEAD /v3/domains/config/default

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.domains.DomainAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

CONFIG_GROUP = 'https://docs.openstack.org/api/openstack-identity/3/param/config_group'
CONFIG_OPTION = 'https://docs.openstack.org/api/openstack-identity/3/param/config_option'
resource_mapping = [resource_map(resource=<class 'keystone.api.domains.DomainConfigResource'>, url='/domains/<string:domain_id>/config', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id'})), resource_map(resource=<class 'keystone.api.domains.DomainConfigGroupResource'>, url='/domains/<string:domain_id>/config/<string:group>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_group', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group': 'https://docs.openstack.org/api/openstack-identity/3/param/config_group'})), resource_map(resource=<class 'keystone.api.domains.DomainConfigOptionResource'>, url='/domains/<string:domain_id>/config/<string:group>/<string:option>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_option', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group': 'https://docs.openstack.org/api/openstack-identity/3/param/config_group', 'option': 'https://docs.openstack.org/api/openstack-identity/3/param/config_option'})), resource_map(resource=<class 'keystone.api.domains.DefaultConfigResource'>, url='/domains/config/default', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.domains.DefaultConfigGroupResource'>, url='/domains/config/<string:group>/default', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default_group', status='stable', path_vars={'group': 'https://docs.openstack.org/api/openstack-identity/3/param/config_group'})), resource_map(resource=<class 'keystone.api.domains.DefaultConfigOptionResource'>, url='/domains/config/<string:group>/<string:option>/default', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_config_default_option', status='stable', path_vars={'group': 'https://docs.openstack.org/api/openstack-identity/3/param/config_group', 'option': 'https://docs.openstack.org/api/openstack-identity/3/param/config_option'})), resource_map(resource=<class 'keystone.api.domains.DomainUserListResource'>, url='/domains/<string:domain_id>/users/<string:user_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_user_roles', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.domains.DomainUserResource'>, url='/domains/<string:domain_id>/users/<string:user_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_user_role', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.domains.DomainGroupListResource'>, url='/domains/<string:domain_id>/groups/<string:group_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_group_roles', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'})), resource_map(resource=<class 'keystone.api.domains.DomainGroupResource'>, url='/domains/<string:domain_id>/groups/<string:group_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/domain_group_role', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'}))]
resources = [<class 'keystone.api.domains.DomainResource'>]
class keystone.api.domains.DomainConfigBase[source]

Bases: keystone.server.flask.common.ResourceBase

delete(domain_id=None, group=None, option=None)[source]

Delete domain config.

DELETE /v3/domains/{domain_id}/config DELETE /v3/domains/{domain_id}/config/{group} DELETE /v3/domains/{domain_id}/config/{group}/{option}

get(domain_id=None, group=None, option=None)[source]

Check if config option exists.

GET/HEAD /v3/domains/{domain_id}/config GET/HEAD /v3/domains/{domain_id}/config/{group} GET/HEAD /v3/domains/{domain_id}/config/{group}/{option}

member_key = 'config'
methods = {'DELETE', 'GET', 'PATCH'}

A list of methods this view can handle.

patch(domain_id=None, group=None, option=None)[source]

Update domain config option.

PATCH /v3/domains/{domain_id}/config PATCH /v3/domains/{domain_id}/config/{group} PATCH /v3/domains/{domain_id}/config/{group}/{option}

class keystone.api.domains.DomainConfigGroupResource[source]

Bases: keystone.api.domains.DomainConfigBase

Provides config group routing functionality.

This class leans on DomainConfigBase to provide the following APIs:

GET/HEAD /v3/domains/{domain_id}/config/{group} PATCH /v3/domains/{domain_id}/config/{group} DELETE /v3/domains/{domain_id}/config/{group}

methods = {'DELETE', 'GET', 'PATCH'}

A list of methods this view can handle.

class keystone.api.domains.DomainConfigOptionResource[source]

Bases: keystone.api.domains.DomainConfigBase

Provides config option routing functionality.

This class leans on DomainConfigBase to provide the following APIs:

GET/HEAD /v3/domains/{domain_id}/config/{group}/{option} PATCH /v3/domains/{domain_id}/config/{group}/{option} DELETE /v3/domains/{domain_id}/config/{group}/{option}

methods = {'DELETE', 'GET', 'PATCH'}

A list of methods this view can handle.

class keystone.api.domains.DomainConfigResource[source]

Bases: keystone.api.domains.DomainConfigBase

Provides config routing functionality.

This class leans on DomainConfigBase to provide the following APIs:

GET/HEAD /v3/domains/{domain_id}/config PATCH /v3/domains/{domain_id}/config DELETE /v3/domains/{domain_id}/config

methods = {'DELETE', 'GET', 'PATCH', 'PUT'}

A list of methods this view can handle.

put(domain_id)[source]

Create domain config.

PUT /v3/domains/{domain_id}/config

class keystone.api.domains.DomainGroupListResource[source]

Bases: flask_restful.Resource

get(domain_id=None, group_id=None)[source]

List all domain grats for a specific group.

GET/HEAD /v3/domains/{domain_id}/groups/{group_id}/roles

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.domains.DomainGroupResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'grants'
delete(domain_id=None, group_id=None, role_id=None)[source]

Revoke a role from a group on a domain.

DELETE /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

get(domain_id=None, group_id=None, role_id=None)[source]

Check if a group has a specific role on a domain.

GET/HEAD /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

member_key = 'grant'
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(domain_id=None, group_id=None, role_id=None)[source]

Grant a role to a group on a domain.

PUT /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

class keystone.api.domains.DomainResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'domains'
delete(domain_id)[source]

Delete domain.

DELETE /v3/domains/{domain_id}

get(domain_id=None)[source]

Get domain or list domains.

GET/HEAD /v3/domains GET/HEAD /v3/domains/{domain_id}

get_member_from_driver
member_key = 'domain'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(domain_id)[source]

Update domain.

PATCH /v3/domains/{domain_id}

post()[source]

Create domain.

POST /v3/domains

class keystone.api.domains.DomainUserListResource[source]

Bases: flask_restful.Resource

get(domain_id=None, user_id=None)[source]

Get user grant.

GET/HEAD /v3/domains/{domain_id}/users/{user_id}/roles

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.domains.DomainUserResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'grants'
delete(domain_id=None, user_id=None, role_id=None)[source]

Revoke a role from user on a domain.

DELETE /v3/domains/{domain_id}/users/{user_id}/roles/{role_id}

get(domain_id=None, user_id=None, role_id=None)[source]

Check if a user has a specific role on the domain.

GET/HEAD /v3/domains/{domain_id}/users/{user_id}/roles/{role_id}

member_key = 'grant'
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(domain_id=None, user_id=None, role_id=None)[source]

Create a role to a user on a domain.

PUT /v3/domains/{domain_id}/users/{user_id}/roles/{role_id}

keystone.api.ec2tokens module

class keystone.api.ec2tokens.EC2TokensAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.ec2tokens.EC2TokensResource'>, url='/ec2tokens', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EC2/1.0/rel/ec2tokens', status='stable', path_vars={}))]
resources = []
class keystone.api.ec2tokens.EC2TokensResource[source]

Bases: keystone.api._shared.EC2_S3_Resource.ResourceBase

methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Authenticate ec2 token.

POST /v3/ec2tokens

keystone.api.endpoints module

class keystone.api.endpoints.EndpointAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.endpoints.EndpointPolicyEndpointResource'>, url='/endpoints/<string:endpoint_id>/OS-ENDPOINT-POLICY/policy', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-ENDPOINT-POLICY/1.0/rel/endpoint_policy', status='stable', path_vars={'endpoint_id': 'https://docs.openstack.org/api/openstack-identity/3/param/endpoint_id'}))]
resources = [<class 'keystone.api.endpoints.EndpointResource'>]
class keystone.api.endpoints.EndpointPolicyEndpointResource[source]

Bases: flask_restful.Resource

get(endpoint_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.endpoints.EndpointResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'endpoints'
delete(endpoint_id)[source]
get(endpoint_id=None)[source]
get_member_from_driver
member_key = 'endpoint'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(endpoint_id)[source]
post()[source]

keystone.api.groups module

class keystone.api.groups.GroupAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.groups.GroupUsersResource'>, url='/groups/<string:group_id>/users', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/group_users', status='stable', path_vars={'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'})), resource_map(resource=<class 'keystone.api.groups.UserGroupCRUDResource'>, url='/groups/<string:group_id>/users/<string:user_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/group_user', status='stable', path_vars={'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'}))]
resources = [<class 'keystone.api.groups.GroupsResource'>]
class keystone.api.groups.GroupUsersResource[source]

Bases: keystone.server.flask.common.ResourceBase

get(group_id)[source]

Get list of users in group.

GET/HEAD /groups/{group_id}/users

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.groups.GroupsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'groups'
delete(group_id)[source]

Delete group.

DELETE /groups/{group_id}

get(group_id=None)[source]
get_member_from_driver
member_key = 'group'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(group_id)[source]

Update group.

PATCH /groups/{group_id}

post()[source]

Create group.

POST /groups

class keystone.api.groups.UserGroupCRUDResource[source]

Bases: flask_restful.Resource

delete(group_id, user_id)[source]

Remove user from group.

DELETE /groups/{group_id}/users/{user_id}

get(group_id, user_id)[source]

Check if a user is in a group.

GET/HEAD /groups/{group_id}/users/{user_id}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(group_id, user_id)[source]

Add user to group.

PUT /groups/{group_id}/users/{user_id}

keystone.api.limits module

class keystone.api.limits.LimitModelResource[source]

Bases: flask_restful.Resource

get()[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.limits.LimitsAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.limits.LimitModelResource'>, url='/limits/model', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/limit_model', status='experimental', path_vars={}))]
resources = [<class 'keystone.api.limits.LimitsResource'>]
class keystone.api.limits.LimitsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'limits'
delete(limit_id)[source]
get(limit_id=None)[source]
get_member_from_driver
json_home_resource_status = 'experimental'
member_key = 'limit'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(limit_id)[source]
post()[source]

keystone.api.os_ep_filter module

class keystone.api.os_ep_filter.EPFilterAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_ep_filter.EPFilterEndpointProjectsResource'>, url='/endpoints/<string:endpoint_id>/projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/endpoint_projects', status='stable', path_vars={'endpoint_id': 'https://docs.openstack.org/api/openstack-identity/3/param/endpoint_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EPFilterProjectsEndpointsResource'>, url='/projects/<string:project_id>/endpoints/<string:endpoint_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/project_endpoint', status='stable', path_vars={'endpoint_id': 'https://docs.openstack.org/api/openstack-identity/3/param/endpoint_id', 'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EPFilterProjectEndpointsListResource'>, url='/projects/<string:project_id>/endpoints', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/project_endpoints', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EndpointFilterProjectEndpointGroupsListResource'>, url='/projects/<string:project_id>/endpoint_groups', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/project_endpoint_groups', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EndpointFilterEPGroupsEndpoints'>, url='/endpoint_groups/<string:endpoint_group_id>/endpoints', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/endpoints_in_endpoint_group', status='stable', path_vars={'endpoint_group_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/param/endpoint_group_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EndpointFilterEPGroupsProjects'>, url='/endpoint_groups/<string:endpoint_group_id>/projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/projects_associated_with_endpoint_group', status='stable', path_vars={'endpoint_group_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/param/endpoint_group_id'})), resource_map(resource=<class 'keystone.api.os_ep_filter.EPFilterGroupsProjectsResource'>, url='/endpoint_groups/<string:endpoint_group_id>/projects/<string:project_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/rel/endpoint_group_to_project_association', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'endpoint_group_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-EP-FILTER/1.0/param/endpoint_group_id'}))]
resources = [<class 'keystone.api.os_ep_filter.EndpointGroupsResource'>]
class keystone.api.os_ep_filter.EPFilterEndpointProjectsResource[source]

Bases: flask_restful.Resource

get(endpoint_id)[source]

“Return a list of projects associated with the endpoint.

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_ep_filter.EPFilterGroupsProjectsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'project_endpoint_groups'
delete(endpoint_group_id, project_id)[source]
get(endpoint_group_id, project_id)[source]
member_key = 'project_endpoint_group'
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(endpoint_group_id, project_id)[source]
class keystone.api.os_ep_filter.EPFilterProjectEndpointsListResource[source]

Bases: flask_restful.Resource

get(project_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_ep_filter.EPFilterProjectsEndpointsResource[source]

Bases: flask_restful.Resource

delete(project_id, endpoint_id)[source]
get(project_id, endpoint_id)[source]
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, endpoint_id)[source]
class keystone.api.os_ep_filter.EndpointFilterEPGroupsEndpoints[source]

Bases: flask_restful.Resource

get(endpoint_group_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_ep_filter.EndpointFilterEPGroupsProjects[source]

Bases: flask_restful.Resource

get(endpoint_group_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_ep_filter.EndpointFilterProjectEndpointGroupsListResource[source]

Bases: flask_restful.Resource

get(project_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_ep_filter.EndpointGroupsResource[source]

Bases: keystone.server.flask.common.ResourceBase

api_prefix = '/OS-EP-FILTER'
collection_key = 'endpoint_groups'
delete(endpoint_group_id)[source]
get(endpoint_group_id=None)[source]
json_home_parameter_rel_func(*, extension_version='1.0', parameter_name)
json_home_resource_rel_func(*, extension_version='1.0', resource_name)
member_key = 'endpoint_group'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(endpoint_group_id)[source]
post()[source]

keystone.api.os_federation module

class keystone.api.os_federation.IDPProtocolsCRUDResource[source]

Bases: keystone.api.os_federation._IdentityProvidersProtocolsResourceBase

delete(idp_id, protocol_id)[source]

Delete a protocol from an IDP.

DELETE /OS-FEDERATION/identity_providers/

{idp_id}/protocols/{protocol_id}

get(idp_id, protocol_id)[source]

Get protocols for an IDP.

HEAD/GET /OS-FEDERATION/identity_providers/

{idp_id}/protocols/{protocol_id}

methods = {'DELETE', 'GET', 'PATCH', 'PUT'}

A list of methods this view can handle.

patch(idp_id, protocol_id)[source]

Update protocol for an IDP.

PATCH /OS-FEDERATION/identity_providers/

{idp_id}/protocols/{protocol_id}

put(idp_id, protocol_id)[source]

Create protocol for an IDP.

PUT /OS-Federation/identity_providers/{idp_id}/protocols/{protocol_id}

class keystone.api.os_federation.IDPProtocolsListResource[source]

Bases: keystone.api.os_federation._IdentityProvidersProtocolsResourceBase

get(idp_id)[source]

List protocols for an IDP.

HEAD/GET /OS-FEDERATION/identity_providers/{idp_id}/protocols

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_federation.IdentityProvidersResource[source]

Bases: keystone.api.os_federation._ResourceBase

api_prefix = '/OS-FEDERATION'
collection_key = 'identity_providers'
delete(idp_id)[source]
get(idp_id=None)[source]
member_key = 'identity_provider'
methods = {'DELETE', 'GET', 'PATCH', 'PUT'}

A list of methods this view can handle.

patch(idp_id)[source]
put(idp_id)[source]

Create an idp resource for federated authentication.

PUT /OS-FEDERATION/identity_providers/{idp_id}

class keystone.api.os_federation.MappingResource[source]

Bases: keystone.api.os_federation._ResourceBase

api_prefix = '/OS-FEDERATION'
collection_key = 'mappings'
delete(mapping_id)[source]

Delete a mapping.

DELETE /OS-FEDERATION/mappings/{mapping_id}

get(mapping_id=None)[source]
member_key = 'mapping'
methods = {'DELETE', 'GET', 'PATCH', 'PUT'}

A list of methods this view can handle.

patch(mapping_id)[source]

Update a mapping.

PATCH /OS-FEDERATION/mappings/{mapping_id}

put(mapping_id)[source]

Create a mapping.

PUT /OS-FEDERATION/mappings/{mapping_id}

class keystone.api.os_federation.OSFederationAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_federation.SAML2MetadataResource'>, url='/saml2/metadata', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/metadata', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.os_federation.OSFederationAuthResource'>, url='/identity_providers/<string:idp_id>/protocols/<string:protocol_id>/auth', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/identity_provider_protocol_auth', status='stable', path_vars={'idp_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/idp_id', 'protocol_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/protocol_id'}))]
resources = []
class keystone.api.os_federation.OSFederationAuthResource[source]

Bases: flask_restful.Resource

get(idp_id, protocol_id)[source]

Authenticate from dedicated uri endpoint.

GET/HEAD /OS-FEDERATION/identity_providers/

{idp_id}/protocols/{protocol_id}/auth

methods = {'GET', 'POST'}

A list of methods this view can handle.

post(idp_id, protocol_id)[source]

Authenticate from dedicated uri endpoint.

POST /OS-FEDERATION/identity_providers/

{idp_id}/protocols/{protocol_id}/auth

class keystone.api.os_federation.OSFederationIdentityProvidersAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.os_federation.IdentityProvidersResource'>]
class keystone.api.os_federation.OSFederationIdentityProvidersProtocolsAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_federation.IDPProtocolsCRUDResource'>, url='/OS-FEDERATION/identity_providers/<string:idp_id>/protocols/<string:protocol_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/identity_provider_protocol', status='stable', path_vars={'idp_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/idp_id', 'protocol_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/protocol_id'})), resource_map(resource=<class 'keystone.api.os_federation.IDPProtocolsListResource'>, url='/OS-FEDERATION/identity_providers/<string:idp_id>/protocols', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/rel/identity_provider_protocols', status='stable', path_vars={'idp_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-FEDERATION/1.0/param/idp_id'}))]
resources = []
class keystone.api.os_federation.OSFederationMappingsAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.os_federation.MappingResource'>]
class keystone.api.os_federation.OSFederationServiceProvidersAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.os_federation.ServiceProvidersResource'>]
class keystone.api.os_federation.SAML2MetadataResource[source]

Bases: flask_restful.Resource

get()[source]

Get SAML2 metadata.

GET/HEAD /OS-FEDERATION/saml2/metadata

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_federation.ServiceProvidersResource[source]

Bases: keystone.api.os_federation._ResourceBase

api_prefix = '/OS-FEDERATION'
collection_key = 'service_providers'
delete(sp_id)[source]

Delete a service provider.

DELETE /OS-FEDERATION/service_providers/{sp_id}

get(sp_id=None)[source]
member_key = 'service_provider'
methods = {'DELETE', 'GET', 'PATCH', 'PUT'}

A list of methods this view can handle.

patch(sp_id)[source]

Update a service provider.

PATCH /OS-FEDERATION/service_providers/{sp_id}

put(sp_id)[source]

Create a service provider.

PUT /OS-FEDERATION/service_providers/{sp_id}

keystone.api.os_inherit module

class keystone.api.os_inherit.OSInheritAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_inherit.OSInheritDomainGroupRolesResource'>, url='/domains/<string:domain_id>/groups/<string:group_id>/roles/<string:role_id>/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/domain_group_role_inherited_to_projects', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.os_inherit.OSInheritDomainGroupRolesListResource'>, url='/domains/<string:domain_id>/groups/<string:group_id>/roles/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/domain_group_roles_inherited_to_projects', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'})), resource_map(resource=<class 'keystone.api.os_inherit.OSInheritDomainUserRolesResource'>, url='/domains/<string:domain_id>/users/<string:user_id>/roles/<string:role_id>/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/domain_user_role_inherited_to_projects', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.os_inherit.OSInheritDomainUserRolesListResource'>, url='/domains/<string:domain_id>/users/<string:user_id>/roles/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/domain_user_roles_inherited_to_projects', status='stable', path_vars={'domain_id': 'https://docs.openstack.org/api/openstack-identity/3/param/domain_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.os_inherit.OSInheritProjectUserResource'>, url='/projects/<string:project_id>/users/<string:user_id>/roles/<string:role_id>/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/project_user_role_inherited_to_projects', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.os_inherit.OSInheritProjectGroupResource'>, url='/projects/<string:project_id>/groups/<string:group_id>/roles/<string:role_id>/inherited_to_projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-INHERIT/1.0/rel/project_group_role_inherited_to_projects', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'}))]
resources = []
class keystone.api.os_inherit.OSInheritDomainGroupRolesListResource[source]

Bases: flask_restful.Resource

get(domain_id, group_id)[source]

List roles (inherited) for a group on a domain.

GET/HEAD /OS-INHERIT/domains/{domain_id}/groups/{group_id}

/roles/inherited_to_projects

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_inherit.OSInheritDomainGroupRolesResource[source]

Bases: flask_restful.Resource

delete(domain_id, group_id, role_id)[source]

Revoke an inherited grant for a group on a domain.

DELETE /OS-INHERIT/domains/{domain_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

get(domain_id, group_id, role_id)[source]

Check for an inherited grant for a group on a domain.

GET/HEAD /OS-INHERIT/domains/{domain_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(domain_id, group_id, role_id)[source]

Create an inherited grant for a group on a domain.

PUT /OS-INHERIT/domains/{domain_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

class keystone.api.os_inherit.OSInheritDomainUserRolesListResource[source]

Bases: flask_restful.Resource

get(domain_id, user_id)[source]

List roles (inherited) for a user on a domain.

GET/HEAD /OS-INHERIT/domains/{domain_id}/users/{user_id}

/roles/inherited_to_projects

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_inherit.OSInheritDomainUserRolesResource[source]

Bases: flask_restful.Resource

delete(domain_id, user_id, role_id)[source]

Revoke a grant from a user on a domain.

DELETE /OS-INHERIT/domains/{domain_id}/users/{user_id}/roles

/{role_id}/inherited_to_projects

get(domain_id, user_id, role_id)[source]

Check for an inherited grant for a user on a domain.

GET/HEAD /OS-INHERIT/domains/{domain_id}/users/{user_id}/roles

/{role_id}/inherited_to_projects

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(domain_id, user_id, role_id)[source]

Create an inherited grant for a user on a domain.

PUT /OS-INHERIT/domains/{domain_id}/users/{user_id}/roles/{role_id}

/inherited_to_projects

class keystone.api.os_inherit.OSInheritProjectGroupResource[source]

Bases: flask_restful.Resource

delete(project_id, group_id, role_id)[source]

Revoke an inherited grant for a group on a project.

DELETE /OS-INHERIT/projects/{project_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

get(project_id, group_id, role_id)[source]

Check for an inherited grant for a group on a project.

GET/HEAD /OS-INHERIT/projects/{project_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, group_id, role_id)[source]

Create an inherited grant for a group on a project.

PUT /OS-INHERIT/projects/{project_id}/groups/{group_id}

/roles/{role_id}/inherited_to_projects

class keystone.api.os_inherit.OSInheritProjectUserResource[source]

Bases: flask_restful.Resource

delete(project_id, user_id, role_id)[source]

Revoke an inherited grant for a user on a project.

DELETE /OS-INHERIT/projects/{project_id}/users/{user_id}

/roles/{role_id}/inherited_to_projects

get(project_id, user_id, role_id)[source]

Check for an inherited grant for a user on a project.

GET/HEAD /OS-INHERIT/projects/{project_id}/users/{user_id}

/roles/{role_id}/inherited_to_projects

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, user_id, role_id)[source]

Create an inherited grant for a user on a project.

PUT /OS-INHERIT/projects/{project_id}/users/{user_id}

/roles/{role_id}/inherited_to_projects

keystone.api.os_oauth1 module

class keystone.api.os_oauth1.AccessTokenResource[source]

Bases: keystone.api.os_oauth1._OAuth1ResourceBase

methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]
class keystone.api.os_oauth1.AuthorizeResource[source]

Bases: keystone.api.os_oauth1._OAuth1ResourceBase

methods = {'GET', 'PUT'}

A list of methods this view can handle.

put(request_token_id)[source]
class keystone.api.os_oauth1.ConsumerResource[source]

Bases: keystone.server.flask.common.ResourceBase

api_prefix = '/OS-OAUTH1'
collection_key = 'consumers'
delete(consumer_id)[source]
get(consumer_id=None)[source]
json_home_parameter_rel_func(*, extension_version='1.0', parameter_name)
json_home_resource_rel_func(*, extension_version='1.0', resource_name)
member_key = 'consumer'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(consumer_id)[source]
post()[source]
class keystone.api.os_oauth1.OSAuth1API(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_oauth1.RequestTokenResource'>, url='/request_token', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/request_tokens', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.os_oauth1.AccessTokenResource'>, url='/access_token', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/access_tokens', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.os_oauth1.AuthorizeResource'>, url='/authorize/<string:request_token_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/authorize_request_token', status='stable', path_vars={'request_token_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/param/request_token_id'}))]
resources = [<class 'keystone.api.os_oauth1.ConsumerResource'>]
class keystone.api.os_oauth1.RequestTokenResource[source]

Bases: keystone.api.os_oauth1._OAuth1ResourceBase

methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]

keystone.api.os_revoke module

class keystone.api.os_revoke.OSRevokeAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_revoke.OSRevokeResource'>, url='/events', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-REVOKE/1.0/rel/events', status='stable', path_vars={}))]
resources = []
class keystone.api.os_revoke.OSRevokeResource[source]

Bases: flask_restful.Resource

get()[source]
methods = {'GET'}

A list of methods this view can handle.

keystone.api.os_simple_cert module

class keystone.api.os_simple_cert.SimpleCertAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.os_simple_cert.SimpleCertCAResource'>, url='/OS-SIMPLE-CERT/ca', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-SIMPLE-CERT/1.0/rel/ca_certificate', status='stable', path_vars={})), resource_map(resource=<class 'keystone.api.os_simple_cert.SimpleCertListResource'>, url='/OS-SIMPLE-CERT/certificates', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-SIMPLE-CERT/1.0/rel/certificates', status='stable', path_vars={}))]
resources = []
class keystone.api.os_simple_cert.SimpleCertCAResource[source]

Bases: flask_restful.Resource

get()[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.os_simple_cert.SimpleCertListResource[source]

Bases: flask_restful.Resource

get()[source]
methods = {'GET'}

A list of methods this view can handle.

keystone.api.policy module

class keystone.api.policy.EndpointPolicyAssociations[source]

Bases: flask_restful.Resource

delete(policy_id, endpoint_id)[source]
get(policy_id, endpoint_id)[source]
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(policy_id, endpoint_id)[source]
class keystone.api.policy.EndpointPolicyResource[source]

Bases: flask_restful.Resource

get(policy_id)[source]
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.policy.PolicyAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.policy.EndpointPolicyResource'>, url='/policies/<string:policy_id>/OS-ENDPOINT-POLICY/endpoints', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-ENDPOINT-POLICY/1.0/rel/policy_endpoints', status='stable', path_vars={'policy_id': 'https://docs.openstack.org/api/openstack-identity/3/param/policy_id'})), resource_map(resource=<class 'keystone.api.policy.EndpointPolicyAssociations'>, url='/policies/<string:policy_id>/OS-ENDPOINT-POLICY/endpoints/<string:endpoint_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-ENDPOINT-POLICY/1.0/rel/endpoint_policy_association', status='stable', path_vars={'policy_id': 'https://docs.openstack.org/api/openstack-identity/3/param/policy_id', 'endpoint_id': 'https://docs.openstack.org/api/openstack-identity/3/param/endpoint_id'})), resource_map(resource=<class 'keystone.api.policy.ServicePolicyAssociations'>, url='/policies/<string:policy_id>/OS-ENDPOINT-POLICY/services/<string:service_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-ENDPOINT-POLICY/1.0/rel/service_policy_association', status='stable', path_vars={'policy_id': 'https://docs.openstack.org/api/openstack-identity/3/param/policy_id', 'service_id': 'https://docs.openstack.org/api/openstack-identity/3/param/service_id'})), resource_map(resource=<class 'keystone.api.policy.ServiceRegionPolicyAssociations'>, url='/policies/<string:policy_id>/OS-ENDPOINT-POLICY/services/<string:service_id>/regions/<string:region_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-ENDPOINT-POLICY/1.0/rel/region_and_service_policy_association', status='stable', path_vars={'policy_id': 'https://docs.openstack.org/api/openstack-identity/3/param/policy_id', 'service_id': 'https://docs.openstack.org/api/openstack-identity/3/param/service_id', 'region_id': 'https://docs.openstack.org/api/openstack-identity/3/param/region_id'}))]
resources = [<class 'keystone.api.policy.PolicyResource'>]
class keystone.api.policy.PolicyResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'policies'
delete(policy_id)[source]
get(policy_id=None)[source]
member_key = 'policy'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(policy_id)[source]
post()[source]
class keystone.api.policy.ServicePolicyAssociations[source]

Bases: flask_restful.Resource

delete(policy_id, service_id)[source]
get(policy_id, service_id)[source]
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(policy_id, service_id)[source]
class keystone.api.policy.ServiceRegionPolicyAssociations[source]

Bases: flask_restful.Resource

delete(policy_id, service_id, region_id)[source]
get(policy_id, service_id, region_id)[source]
methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(policy_id, service_id, region_id)[source]

keystone.api.projects module

class keystone.api.projects.ProjectAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.projects.ProjectTagsResource'>, url='/projects/<string:project_id>/tags', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_tags', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id'})), resource_map(resource=<class 'keystone.api.projects.ProjectTagResource'>, url='/projects/<string:project_id>/tags/<string:value>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_tags', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'value': 'https://docs.openstack.org/api/openstack-identity/3/param/tag_value'})), resource_map(resource=<class 'keystone.api.projects.ProjectUserGrantResource'>, url='/projects/<string:project_id>/users/<string:user_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_user_role', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.projects.ProjectUserListGrantResource'>, url='/projects/<string:project_id>/users/<string:user_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_user_roles', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.projects.ProjectGroupGrantResource'>, url='/projects/<string:project_id>/groups/<string:group_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_group_role', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.projects.ProjectGroupListGrantResource'>, url='/projects/<string:project_id>/groups/<string:group_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/project_group_roles', status='stable', path_vars={'project_id': 'https://docs.openstack.org/api/openstack-identity/3/param/project_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'}))]
resources = [<class 'keystone.api.projects.ProjectResource'>]
class keystone.api.projects.ProjectGroupGrantResource[source]

Bases: keystone.api.projects._ProjectGrantResourceBase

delete(project_id, group_id, role_id)[source]

Delete grant of role for group on project.

DELETE /v3/projects/{project_id}/groups/{group_id}/roles/{role_id}

get(project_id, group_id, role_id)[source]

Check grant for project, group, role.

GET/HEAD /v3/projects/{project_id/groups/{group_id}/roles/{role_id}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, group_id, role_id)[source]

Grant role for group on project.

PUT /v3/projects/{project_id}/groups/{group_id}/roles/{role_id}

class keystone.api.projects.ProjectGroupListGrantResource[source]

Bases: keystone.api.projects._ProjectGrantResourceBase

get(project_id, group_id)[source]

List grants for group on project.

GET/HEAD /v3/projects/{project_id}/groups/{group_id}

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.projects.ProjectResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'projects'
delete(project_id)[source]

Delete project.

DELETE /v3/projects/{project_id}

get(project_id=None)[source]

Get project or list projects.

GET/HEAD /v3/projects GET/HEAD /v3/projects/{project_id}

get_member_from_driver
member_key = 'project'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(project_id)[source]

Update project.

PATCH /v3/projects/{project_id}

post()[source]

Create project.

POST /v3/projects

class keystone.api.projects.ProjectTagResource[source]

Bases: keystone.api.projects._ProjectTagResourceBase

delete(project_id, value)[source]

Delete a single tag from a project.

/v3/projects/{project_id}/tags/{value}

get(project_id, value)[source]

Get information for a single tag associated with a given project.

GET /v3/projects/{project_id}/tags/{value}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, value)[source]

Add a single tag to a project.

PUT /v3/projects/{project_id}/tags/{value}

class keystone.api.projects.ProjectTagsResource[source]

Bases: keystone.api.projects._ProjectTagResourceBase

delete(project_id)[source]

Delete all tags associated with a given project.

DELETE /v3/projects/{project_id}/tags

get(project_id)[source]

List tags associated with a given project.

GET /v3/projects/{project_id}/tags

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id)[source]

Update all tags associated with a given project.

PUT /v3/projects/{project_id}/tags

class keystone.api.projects.ProjectUserGrantResource[source]

Bases: keystone.api.projects._ProjectGrantResourceBase

delete(project_id, user_id, role_id)[source]

Delete grant of role for user on project.

DELETE /v3/projects/{project_id}/users/{user_id}/roles/{role_id}

get(project_id, user_id, role_id)[source]

Check grant for project, user, role.

GET/HEAD /v3/projects/{project_id/users/{user_id}/roles/{role_id}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(project_id, user_id, role_id)[source]

Grant role for user on project.

PUT /v3/projects/{project_id}/users/{user_id}/roles/{role_id}

class keystone.api.projects.ProjectUserListGrantResource[source]

Bases: keystone.api.projects._ProjectGrantResourceBase

get(project_id, user_id)[source]

List grants for user on project.

GET/HEAD /v3/projects/{project_id}/users/{user_id}

methods = {'GET'}

A list of methods this view can handle.

keystone.api.regions module

class keystone.api.regions.RegionAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.regions.RegionResource'>]
class keystone.api.regions.RegionResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'regions'
delete(region_id)[source]
get(region_id=None)[source]
member_key = 'region'
methods = {'DELETE', 'GET', 'PATCH', 'POST', 'PUT'}

A list of methods this view can handle.

patch(region_id)[source]
post()[source]
put(region_id)[source]

keystone.api.registered_limits module

class keystone.api.registered_limits.RegisteredLimitResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'registered_limits'
delete(registered_limit_id)[source]
get(registered_limit_id=None)[source]
json_home_resource_status = 'experimental'
member_key = 'registered_limit'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(registered_limit_id)[source]
post()[source]
class keystone.api.registered_limits.RegisteredLimitsAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.registered_limits.RegisteredLimitResource'>]

keystone.api.role_assignments module

class keystone.api.role_assignments.RoleAssignmentsAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.role_assignments.RoleAssignmentsResource'>, url='/role_assignments', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/role_assignments', status='stable', path_vars={}))]
resources = []
class keystone.api.role_assignments.RoleAssignmentsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'role_assignments'
get()[source]

List all role assignments.

GET/HEAD /v3/role_assignments

member_key = 'role_assignment'
methods = {'GET'}

A list of methods this view can handle.

keystone.api.role_inferences module

class keystone.api.role_inferences.RoleInferencesAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.role_inferences.RoleInferencesResource'>, url='/role_inferences', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/role_inferences', status='stable', path_vars={}))]
resources = []
class keystone.api.role_inferences.RoleInferencesResource[source]

Bases: flask_restful.Resource

get()[source]

List role inference rules.

GET/HEAD /v3/role_inferences

methods = {'GET'}

A list of methods this view can handle.

keystone.api.roles module

class keystone.api.roles.RoleAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.roles.RoleImplicationListResource'>, url='/roles/<string:prior_role_id>/implies', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/implied_roles', status='stable', path_vars={'prior_role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'})), resource_map(resource=<class 'keystone.api.roles.RoleImplicationResource'>, url='/roles/<string:prior_role_id>/implies/<string:implied_role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/implied_role', status='stable', path_vars={'prior_role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id', 'implied_role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'}))]
resources = [<class 'keystone.api.roles.RoleResource'>]
class keystone.api.roles.RoleImplicationListResource[source]

Bases: flask_restful.Resource

get(prior_role_id)[source]

List Implied Roles.

GET/HEAD /v3/roles/{prior_role_id}/implies

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.roles.RoleImplicationResource[source]

Bases: flask_restful.Resource

delete(prior_role_id, implied_role_id)[source]

Delete implied role.

DELETE /v3/roles/{prior_role_id}/implies/{implied_role_id}

get(prior_role_id, implied_role_id)[source]

Get implied role.

GET/HEAD /v3/roles/{prior_role_id}/implies/{implied_role_id}

head(prior_role_id, implied_role_id=None)[source]
methods = {'DELETE', 'GET', 'HEAD', 'PUT'}

A list of methods this view can handle.

put(prior_role_id, implied_role_id)[source]

Create implied role.

PUT /v3/roles/{prior_role_id}/implies/{implied_role_id}

class keystone.api.roles.RoleResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'roles'
delete(role_id)[source]

Delete role.

DELETE /v3/roles/{role_id}

get(role_id=None)[source]

Get role or list roles.

GET/HEAD /v3/roles GET/HEAD /v3/roles/{role_id}

get_member_from_driver
member_key = 'role'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(role_id)[source]

Update role.

PATCH /v3/roles/{role_id}

post()[source]

Create role.

POST /v3/roles

keystone.api.s3tokens module

class keystone.api.s3tokens.S3Api(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.s3tokens.S3Resource'>, url='/s3tokens', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/s3tokens/1.0/rel/s3tokens', status='stable', path_vars={}))]
resources = []
class keystone.api.s3tokens.S3Resource[source]

Bases: keystone.api._shared.EC2_S3_Resource.ResourceBase

methods = {'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Authenticate s3token.

POST /v3/s3tokens

keystone.api.services module

class keystone.api.services.ServiceAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = []
resources = [<class 'keystone.api.services.ServicesResource'>]
class keystone.api.services.ServicesResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'services'
delete(service_id)[source]
get(service_id=None)[source]
member_key = 'service'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(service_id)[source]
post()[source]

keystone.api.system module

class keystone.api.system.SystemAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.system.SystemUsersListResource'>, url='/system/users/<string:user_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/system_user_roles', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.system.SystemUsersResource'>, url='/system/users/<string:user_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/system_user_role', status='stable', path_vars={'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.system.SystemGroupsRolesListResource'>, url='/system/groups/<string:group_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/system_group_roles', status='stable', path_vars={'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'})), resource_map(resource=<class 'keystone.api.system.SystemGroupsRolestResource'>, url='/system/groups/<string:group_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/system_group_role', status='stable', path_vars={'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id', 'group_id': 'https://docs.openstack.org/api/openstack-identity/3/param/group_id'}))]
resources = []
class keystone.api.system.SystemGroupsRolesListResource[source]

Bases: flask_restful.Resource

get(group_id)[source]

List all system grants for a specific group.

GET/HEAD /system/groups/{group_id}/roles

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.system.SystemGroupsRolestResource[source]

Bases: flask_restful.Resource

delete(group_id, role_id)[source]

Revoke a role from the group on the system.

DELETE /system/groups/{group_id}/roles/{role_id}

get(group_id, role_id)[source]

Check if a group has a specific role on the system.

GET/HEAD /system/groups/{group_id}/roles/{role_id}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(group_id, role_id)[source]

Grant a role to a group on the system.

PUT /system/groups/{group_id}/roles/{role_id}

class keystone.api.system.SystemUsersListResource[source]

Bases: flask_restful.Resource

get(user_id)[source]

List all system grants for a specific user.

GET/HEAD /system/users/{user_id}/roles

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.system.SystemUsersResource[source]

Bases: flask_restful.Resource

delete(user_id, role_id)[source]

Revoke a role from user on the system.

DELETE /system/users/{user_id}/roles/{role_id}

get(user_id, role_id)[source]

Check if a user has a specific role on the system.

GET/HEAD /system/users/{user_id}/roles/{role_id}

methods = {'DELETE', 'GET', 'PUT'}

A list of methods this view can handle.

put(user_id, role_id)[source]

Grant a role to a user on the system.

PUT /system/users/{user_id}/roles/{role_id}

keystone.api.trusts module

class keystone.api.trusts.RoleForTrustResource[source]

Bases: flask_restful.Resource

get(trust_id, role_id)[source]

Get a role that has been assigned to a trust.

methods = {'GET'}

A list of methods this view can handle.

property oslo_context
class keystone.api.trusts.RolesForTrustListResource[source]

Bases: flask_restful.Resource

get(trust_id)[source]
methods = {'GET'}

A list of methods this view can handle.

property oslo_context
class keystone.api.trusts.TrustAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.trusts.RolesForTrustListResource'>, url='/trusts/<string:trust_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-TRUST/1.0/rel/trust_roles', status='stable', path_vars={'trust_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-TRUST/1.0/param/trust_id'})), resource_map(resource=<class 'keystone.api.trusts.RoleForTrustResource'>, url='/trusts/<string:trust_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-TRUST/1.0/rel/trust_role', status='stable', path_vars={'trust_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-TRUST/1.0/param/trust_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id'}))]
resources = [<class 'keystone.api.trusts.TrustResource'>]
class keystone.api.trusts.TrustResource[source]

Bases: keystone.server.flask.common.ResourceBase

api_prefix = '/OS-TRUST'
collection_key = 'trusts'
delete(trust_id)[source]
get(trust_id=None)[source]

Dispatch for GET/HEAD or LIST trusts.

json_home_parameter_rel_func(*, extension_version='1.0', parameter_name)
json_home_resource_rel_func(*, extension_version='1.0', resource_name)
member_key = 'trust'
methods = {'DELETE', 'GET', 'POST'}

A list of methods this view can handle.

post()[source]

Create a new trust.

The User creating the trust must be the trustor.

keystone.api.users module

class keystone.api.users.OAuth1AccessTokenCRUDResource[source]

Bases: keystone.api.users._OAuth1ResourceBase

delete(user_id, access_token_id)[source]

Delete specific access token.

DELETE /v3/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}

get(user_id, access_token_id)[source]

Get specific access token.

GET/HEAD /v3/users/{user_id}/OS-OAUTH1/access_tokens/{access_token_id}

methods = {'DELETE', 'GET'}

A list of methods this view can handle.

class keystone.api.users.OAuth1AccessTokenRoleListResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'roles'
get(user_id, access_token_id)[source]

List roles for a user access token.

GET/HEAD /v3/users/{user_id}/OS-OAUTH1/access_tokens/

{access_token_id}/roles

member_key = 'role'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.OAuth1AccessTokenRoleResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'roles'
get(user_id, access_token_id, role_id)[source]

Get role for access token.

GET/HEAD /v3/users/{user_id}/OS-OAUTH1/access_tokens/

{access_token_id}/roles/{role_id}

member_key = 'role'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.OAuth1ListAccessTokensResource[source]

Bases: keystone.api.users._OAuth1ResourceBase

get(user_id)[source]

List OAuth1 Access Tokens for user.

GET /v3/users/{user_id}/OS-OAUTH1/access_tokens

methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.UserAPI(blueprint_url_prefix='', api_url_prefix='', default_mediatype='application/json', decorators=None, errors=None)[source]

Bases: keystone.server.flask.common.APIBase

resource_mapping = [resource_map(resource=<class 'keystone.api.users.UserChangePasswordResource'>, url='/users/<string:user_id>/password', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/user_change_password', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserGroupsResource'>, url='/users/<string:user_id>/groups', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/user_groups', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserProjectsResource'>, url='/users/<string:user_id>/projects', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/user_projects', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserOSEC2CredentialsResourceListCreate'>, url='/users/<string:user_id>/credentials/OS-EC2', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EC2/1.0/rel/user_credentials', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserOSEC2CredentialsResourceGetDelete'>, url='/users/<string:user_id>/credentials/OS-EC2/<string:credential_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-EC2/1.0/rel/user_credential', status='stable', path_vars={'credential_id': 'https://docs.openstack.org/api/openstack-identity/3/param/credential_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.OAuth1ListAccessTokensResource'>, url='/users/<string:user_id>/OS-OAUTH1/access_tokens', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/user_access_tokens', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.OAuth1AccessTokenCRUDResource'>, url='/users/<string:user_id>/OS-OAUTH1/access_tokens/<string:access_token_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/user_access_token', status='stable', path_vars={'access_token_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/param/access_token_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.OAuth1AccessTokenRoleListResource'>, url='/users/<string:user_id>/OS-OAUTH1/access_tokens/<string:access_token_id>/roles', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/user_access_token_roles', status='stable', path_vars={'access_token_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/param/access_token_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.OAuth1AccessTokenRoleResource'>, url='/users/<string:user_id>/OS-OAUTH1/access_tokens/<string:access_token_id>/roles/<string:role_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/rel/user_access_token_role', status='stable', path_vars={'access_token_id': 'https://docs.openstack.org/api/openstack-identity/3/ext/OS-OAUTH1/1.0/param/access_token_id', 'role_id': 'https://docs.openstack.org/api/openstack-identity/3/param/role_id', 'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserAppCredListCreateResource'>, url='/users/<string:user_id>/application_credentials', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/application_credentials', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserAppCredGetDeleteResource'>, url='/users/<string:user_id>/application_credentials/<string:application_credential_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/application_credential', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'application_credential_id': 'https://docs.openstack.org/api/openstack-identity/3/param/application_credential_id'})), resource_map(resource=<class 'keystone.api.users.UserAccessRuleListResource'>, url='/users/<string:user_id>/access_rules', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/access_rules', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id'})), resource_map(resource=<class 'keystone.api.users.UserAccessRuleGetDeleteResource'>, url='/users/<string:user_id>/access_rules/<string:access_rule_id>', alternate_urls=None, kwargs={}, json_home_data=json_home_data(rel='https://docs.openstack.org/api/openstack-identity/3/rel/access_rule', status='stable', path_vars={'user_id': 'https://docs.openstack.org/api/openstack-identity/3/param/user_id', 'access_rule_id': 'https://docs.openstack.org/api/openstack-identity/3/param/access_rule_id'}))]
resources = [<class 'keystone.api.users.UserResource'>]
class keystone.api.users.UserAccessRuleGetDeleteResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'access_rules'
delete(user_id, access_rule_id)[source]

Delete access rule resource.

DELETE /v3/users/{user_id}/access_rules/{access_rule_id}

get(user_id, access_rule_id)[source]

Get access rule resource.

GET/HEAD /v3/users/{user_id}/access_rules/{access_rule_id}

member_key = 'access_rule'
methods = {'DELETE', 'GET'}

A list of methods this view can handle.

class keystone.api.users.UserAccessRuleListResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'access_rules'
get(user_id)[source]

List access rules for user.

GET/HEAD /v3/users/{user_id}/access_rules

member_key = 'access_rule'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.UserAppCredGetDeleteResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'application_credentials'
delete(user_id, application_credential_id)[source]

Delete application credential resource.

DELETE /v3/users/{user_id}/application_credentials/

{application_credential_id}

get(user_id, application_credential_id)[source]

Get application credential resource.

GET/HEAD /v3/users/{user_id}/application_credentials/

{application_credential_id}

member_key = 'application_credential'
methods = {'DELETE', 'GET'}

A list of methods this view can handle.

class keystone.api.users.UserAppCredListCreateResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'application_credentials'
get(user_id)[source]

List application credentials for user.

GET/HEAD /v3/users/{user_id}/application_credentials

member_key = 'application_credential'
methods = {'GET', 'POST'}

A list of methods this view can handle.

post(user_id)[source]

Create application credential.

POST /v3/users/{user_id}/application_credentials

class keystone.api.users.UserChangePasswordResource[source]

Bases: keystone.server.flask.common.ResourceBase

get(user_id)[source]
methods = {'GET', 'POST'}

A list of methods this view can handle.

post(user_id)[source]
class keystone.api.users.UserGroupsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'groups'
get(user_id)[source]

Get groups for a user.

GET/HEAD /v3/users/{user_id}/groups

get_member_from_driver
member_key = 'group'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.UserOSEC2CredentialsResourceGetDelete[source]

Bases: keystone.api.users._UserOSEC2CredBaseResource

delete(user_id, credential_id)[source]

Delete a specific EC2 credential.

DELETE /users/{user_id}/credentials/OS-EC2/{credential_id}

get(user_id, credential_id)[source]

Get a specific EC2 credential.

GET/HEAD /users/{user_id}/credentials/OS-EC2/{credential_id}

methods = {'DELETE', 'GET'}

A list of methods this view can handle.

class keystone.api.users.UserOSEC2CredentialsResourceListCreate[source]

Bases: keystone.api.users._UserOSEC2CredBaseResource

get(user_id)[source]

List EC2 Credentials for user.

GET/HEAD /v3/users/{user_id}/credentials/OS-EC2

methods = {'GET', 'POST'}

A list of methods this view can handle.

post(user_id)[source]

Create EC2 Credential for user.

POST /v3/users/{user_id}/credentials/OS-EC2

class keystone.api.users.UserProjectsResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'projects'
get(user_id)[source]
get_member_from_driver
member_key = 'project'
methods = {'GET'}

A list of methods this view can handle.

class keystone.api.users.UserResource[source]

Bases: keystone.server.flask.common.ResourceBase

collection_key = 'users'
delete(user_id)[source]

Delete a user.

DELETE /v3/users/{user_id}

get(user_id=None)[source]

Get a user resource or list users.

GET/HEAD /v3/users GET/HEAD /v3/users/{user_id}

get_member_from_driver
member_key = 'user'
methods = {'DELETE', 'GET', 'PATCH', 'POST'}

A list of methods this view can handle.

patch(user_id)[source]

Update a user.

PATCH /v3/users/{user_id}

post()[source]

Create a user.

POST /v3/users

Module contents