For details on how to use identity, see Using OpenStack Identity
The identity high-level interface is available through the identity
member of a Connection
object. The
identity
member will only be added if the service is detected.
Create a new credential from attributes
attrs (dict) – Keyword arguments which will be used to create
a Credential
,
comprised of the properties on the Credential class.
The results of credential creation
Delete a credential
credential – The value can be either the ID of a credential or a
Credential
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the credential does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent credential.
None
Find a single credential
name_or_id – The name or ID of a credential.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Credential
or None
Get a single credential
credential – The value can be the ID of a credential or a
Credential
instance.
One Credential
NotFoundException
when no resource can be found.
Retrieve a generator of credentials
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of credentials instances.
Update a credential
credential – Either the ID of a credential or a
Credential
instance.
attrs – The attributes to update on the credential represented
by credential
.
The updated credential
Create a new domain from attributes
Delete a domain
domain – The value can be either the ID of a domain or a
Domain
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the domain does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent domain.
None
Find a single domain
name_or_id – The name or ID of a domain.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Domain
or None
Get a single domain
domain – The value can be the ID of a domain or a
Domain
instance.
One Domain
NotFoundException
when no resource can be found.
Retrieve a generator of domains
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of domain instances.
Create a new config for a domain from attributes.
domain – The value can be the ID of a domain or
a Domain
instance.
attrs (dict) – Keyword arguments which will be used to create a
DomainConfig
comprised of the properties on the DomainConfig class.
The results of domain config creation
Delete a config for a domain
domain – The value can be the ID of a domain or a
a Domain
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the identity provider does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent config for a domain.
None
Get a single config for a domain
domain_id – The value can be the ID of a domain or a
Domain
instance.
One
DomainConfig
NotFoundException
when no
resource can be found.
Update a config for a domain
domain_id – The value can be the ID of a domain or a
Domain
instance.
attrs – The attributes to update on the config for a domain
represented by domain_id
.
The updated config for a domain
Create a new endpoint from attributes
Delete an endpoint
endpoint – The value can be either the ID of an endpoint or a
Endpoint
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the endpoint does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent endpoint.
None
Find a single endpoint
name_or_id – The name or ID of a endpoint.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Endpoint
or None
Get a single endpoint
endpoint – The value can be the ID of an endpoint or a
Endpoint
instance.
One Endpoint
NotFoundException
when no resource can be found.
Retrieve a generator of endpoints
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of endpoint instances.
Create a new group from attributes
Delete a group
group – The value can be either the ID of a group or a
Group
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the group does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent group.
None
Find a single group
name_or_id – The name or ID of a group.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Group
or None
Get a single group
group – The value can be the ID of a group or a
Group
instance.
One Group
NotFoundException
when no resource can be found.
Retrieve a generator of groups
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of group instances.
Update a group
Add user to group
Remove user to group
Check whether user belongsto group
Create a new policy from attributes
Delete a policy
policy – The value can be either the ID of a policy or a
Policy
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the policy does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent policy.
None
Find a single policy
name_or_id – The name or ID of a policy.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Policy
or None
Get a single policy
policy – The value can be the ID of a policy or a
Policy
instance.
One Policy
NotFoundException
when no resource can be found.
Retrieve a generator of policies
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of policy instances.
Create a new project from attributes
Delete a project
project – The value can be either the ID of a project or a
Project
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the project does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent project.
None
Find a single project
name_or_id – The name or ID of a project.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Project
or None
Get a single project
project – The value can be the ID of a project or a
Project
instance.
One Project
NotFoundException
when no resource can be found.
Retrieve a generator of projects
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of project instances.
to access.
user – Either the user id or an instance of
User
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of project instances.
UserProject
Create a new service from attributes
Delete a service
service – The value can be either the ID of a service or a
Service
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the service does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent service.
None
Find a single service
name_or_id – The name or ID of a service.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Service
or None
Get a single service
service – The value can be the ID of a service or a
Service
instance.
One Service
NotFoundException
when no resource can be found.
Retrieve a generator of services
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of service instances.
Create a new user from attributes
Delete a user
user – The value can be either the ID of a user or a
User
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the user does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent user.
None
Find a single user
name_or_id – The name or ID of a user.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One User
or None
Get a single user
user – The value can be the ID of a user or a
User
instance.
One User
NotFoundException
when no resource can be found.
Retrieve a generator of users
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of user instances.
Create a new trust from attributes
Delete a trust
trust – The value can be either the ID of a trust or a
Trust
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the credential does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent credential.
None
Find a single trust
name_or_id – The name or ID of a trust.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Trust
or None
Get a single trust
trust – The value can be the ID of a trust or a
Trust
instance.
One Trust
NotFoundException
when no resource can be found.
Retrieve a generator of trusts
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of trust instances.
Create a new region from attributes
Delete a region
region – The value can be either the ID of a region or a
Region
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the region does not exist.
When set to True
, no exception will be thrown when
attempting to delete a nonexistent region.
None
Find a single region
name_or_id – The name or ID of a region.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the region does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent region.
One Region
or None
Get a single region
region – The value can be the ID of a region or a
Region
instance.
One Region
NotFoundException
when no matching region can be found.
Retrieve a generator of regions
query (kwargs) – Optional query parameters to be sent to limit the regions being returned.
A generator of region instances.
Create a new role from attributes
Delete a role
role – The value can be either the ID of a role or a
Role
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the role does not exist.
When set to True
, no exception will be thrown when
attempting to delete a nonexistent role.
None
Find a single role
name_or_id – The name or ID of a role.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the role does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent role.
One Role
or None
Get a single role
role – The value can be the ID of a role or a
Role
instance.
One Role
NotFoundException
when no matching role can be found.
Retrieve a generator of roles
query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: domain_id, name.
A generator of role instances.
Retrieve a generator of roles assigned to user/group
A generator of role instances.
Retrieve a generator of role assignments
query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: group_id, role_id, scope_domain_id, scope_project_id, inherited_to, user_id, include_names, include_subtree.
Assign role to user on a domain
Unassign role from user on a domain
Validates that a user has a role on a domain
Assign role to group on a domain
Unassign role from group on a domain
Validates that a group has a role on a domain
Assign role to user on a project
Unassign role from user on a project
Validates that a user has a role on a project
Assign role to group on a project
Unassign role from group on a project
Validates that a group has a role on a project
Assign a role to user on a system
Unassign a role from user on a system
Validates that a user has a role on a system
Assign a role to group on a system
Unassign a role from group on a system
Retrieve a generator of registered_limits
query (kwargs) – Optional query parameters to be sent to limit the registered_limits being returned.
A generator of registered_limits instances.
Get a single registered_limit
registered_limit – The value can be the ID of a registered_limit
or a
RegisteredLimit
instance.
One RegisteredLimit
NotFoundException
when no resource can be found.
Create a new registered_limit from attributes
attrs (dict) – Keyword arguments which will be used to create a
RegisteredLimit
,
comprised of the properties on the RegisteredLimit class.
The results of registered_limit creation.
Update a registered_limit
registered_limit – Either the ID of a registered_limit. or a
RegisteredLimit
instance.
kwargs (dict) – The attributes to update on the registered_limit
represented by value
.
The updated registered_limit.
Delete a registered_limit
registered_limit – The value can be either the ID of a
registered_limit or a
RegisteredLimit
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be raised when
the registered_limit does not exist. When set to True
, no
exception will be thrown when attempting to delete a nonexistent
registered_limit.
None
Retrieve a generator of limits
query (kwargs) – Optional query parameters to be sent to limit the limits being returned.
A generator of limits instances.
Get a single limit
limit – The value can be the ID of a limit
or a Limit
instance.
One Limit
NotFoundException
when no
resource can be found.
Create a new limit from attributes
Update a limit
Delete a limit
limit – The value can be either the ID of a limit or a
Limit
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be raised when
the limit does not exist. When set to True
, no exception will
be thrown when attempting to delete a nonexistent limit.
None
Retrieve a generator of application credentials
user – Either the ID of a user or a
User
instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of application credentials instances.
Get a single application credential
user – Either the ID of a user or a
User
instance.
application_credential – The value can be the ID of a
application credential or a
ApplicationCredential
instance.
NotFoundException
when no
resource can be found.
Create a new application credential from attributes
user – Either the ID of a user or a
User
instance.
name – The name of the application credential which is unique to the user.
attrs (dict) – Keyword arguments which will be used to create a
ApplicationCredential
,
comprised of the properties on the ApplicationCredential class.
The results of application credential creation.
Find a single application credential
user – Either the ID of a user or a
User
instance.
name_or_id – The name or ID of an application credential.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One
ApplicationCredential
or None
Delete an application credential
user – Either the ID of a user or a
User
instance.
credential (application) – The value can be either the ID of an
application credential or a
ApplicationCredential
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be raised
when the application credential does not exist. When set to
True
, no exception will be thrown when attempting to delete
a nonexistent application credential.
None
Create a new federation protocol from attributes
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is to be
attached to.
attrs (dict) – Keyword arguments which will be used to create a
FederationProtocol
,
comprised of the properties on the
FederationProtocol class.
The results of federation protocol creation
Delete a federation protocol
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.
Can be None if protocol is a
FederationProtocol
instance.
protocol – The ID of a federation protocol or a
FederationProtocol
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be raised
when the federation protocol does not exist. When set to
True
, no exception will be set when attempting to delete a
nonexistent federation protocol.
None
Find a single federation protocol
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.
protocol – The name or ID of a federation protocol.
ignore_missing (bool) – When set to False
NotFoundException
will be raised
when the resource does not exist. When set to True
, None will
be returned when attempting to find a nonexistent resource.
One federation protocol or None
Get a single federation protocol
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.
Can be None if protocol is a
FederationProtocol
protocol – The value can be the ID of a federation protocol or a
FederationProtocol
instance.
One federation protocol
NotFoundException
when no resource can be found.
Retrieve a generator of federation protocols
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of federation protocol instances.
Update a federation protocol
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.
Can be None if protocol is a
FederationProtocol
protocol – Either the ID of a federation protocol or a
FederationProtocol
instance.
attrs – The attributes to update on the federation protocol
represented by protocol
.
The updated federation protocol
Create a new mapping from attributes
Delete a mapping
mapping – The ID of a mapping or a
Mapping
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the mapping does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent mapping.
None
Find a single mapping
name_or_id – The name or ID of a mapping.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
One Mapping
or None
Get a single mapping
mapping – The value can be the ID of a mapping or a
Mapping
instance.
One Mapping
NotFoundException
when no resource can be found.
Retrieve a generator of mappings
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of mapping instances.
Create a new identity provider from attributes
attrs (dict) – Keyword arguments which will be used to create a
IdentityProvider
comprised of the properties on the IdentityProvider class.
The results of identity provider creation
Delete an identity provider
mapping – The ID of an identity provoder or a
IdentityProvider
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the identity provider does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent identity provider.
None
Find a single identity provider
name_or_id – The name or ID of an identity provider
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the resource does not exist.
When set to True
, None will be returned when
attempting to find a nonexistent resource.
The details of an identity provider or None.
Get a single mapping
mapping – The value can be the ID of an identity provider or a
IdentityProvider
instance.
The details of an identity provider.
NotFoundException
when no resource can be found.
Retrieve a generator of identity providers
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of identity provider instances.
Update a mapping
mapping – Either the ID of an identity provider or a
IdentityProvider
instance.
attrs – The attributes to update on the identity_provider
represented by identity_provider
.
The updated identity provider.
Retrieve a generator of access rules
user – Either the ID of a user or a
User
instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of access rules instances.
AccessRule
Retrieve a generator of access rules
user – Either the ID of a user or a
User
instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of access rules instances.
AccessRule
Delete an access rule
user – Either the ID of a user or a
User
instance.
rule (access) – The value can be either the ID of an
access rule or a AccessRule
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be raised when
the access rule does not exist. When set to True
, no exception
will be thrown when attempting to delete a nonexistent access rule.
None
Create a new service provider from attributes
attrs (dict) – Keyword arguments which will be used to create a
ServiceProvider
,
comprised of the properties on the ServiceProvider class.
The results of service provider creation
ServiceProvider
Delete a service provider
service_provider – The ID of a service provider or a
ServiceProvider
instance.
ignore_missing (bool) – When set to False
NotFoundException
will be
raised when the service provider does not exist.
When set to True
, no exception will be set when
attempting to delete a nonexistent service provider.
None
Find a single service provider
name_or_id – The name or ID of a service provider
ignore_missing (bool) – When set to False
NotFoundException
will be raised when
the resource does not exist. When set to True
, None will be
returned when attempting to find a nonexistent resource.
The details of an service provider or None.
ServiceProvider
Get a single service provider
service_provider – The value can be the ID of a service provider
or a
ServiceProvider
instance.
The details of an service provider.
ServiceProvider
NotFoundException
when no resource can be found.
Retrieve a generator of service providers
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
A generator of service provider instances.
ServiceProvider
Update a service provider
service_provider – Either the ID of an service provider or a
ServiceProvider
instance.
attrs – The attributes to update on the service provider
represented by service_provider
.
The updated service provider.
ServiceProvider
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.