Authenticating against Rackspace Cloud Identity Service v2.0

As the product portfolio of Rackspace Cloud continued to grow, it became evident that it was necessary to revamp the authentication process to provide better information about service endpoints through the API. If you’re familiar with the first version of the authentication process, you may recall that it doesn’t return any information regarding service endpoints beyond legacy Cloud Servers and Cloud Files, and you had to search through the API documentation locate your service endpoint. The new Cloud Identity Service API returns all information about service endpoints available to a customer.

The Identity Services API has two endpoints, https://auth.api.rackspacecloud.com for USA based accounts, and https://lon.auth.api.rackspacecloud.com for UK based accounts. To authenticate, you simply send a POST to /v2.0/tokens with your credentials. You can use your username and API key, as you would with the old authentication method, or a variety of newer methods that are comprehensively outlined in the API documentation. Here’s an example of authenticating using the username (this_is_an_example) and API key (23034ef200c35bbc907c928e657e3ea2):

$ curl -s -X POST https://auth.api.rackspacecloud.com/v2.0/tokens -d '{ "auth":{ "RAX-KSKEY:apiKeyCredentials":{ "username":"this_is_an_example", "apiKey":"23034ef200c35bbc907c928e657e3ea2" } } }' -H "Content-type: application/json" | python -mjson.tool

This call will return the following data:

{
 "access": {
  "serviceCatalog": [
   {
    "endpoints": [
     {
      "publicURL": "https://cdn2.clouddrive.com/v1/MossoCloudFS_00b60dc9-a8b3-4e6d-90fa-5e545583ee9", 
      "region": "ORD", 
      "tenantId": "MossoCloudFS_00b60dc9-a8b3-4e6d-90fa-5e545583ee9"
     }
    ], 
    "name": "cloudFilesCDN", 
    "type": "rax:object-cdn"
   }, 
   {
    "endpoints": [
     {
      "internalURL": "https://snet-storage101.ord1.clouddrive.com/v1/MossoCloudFS_00b60dc9-a8b3-4e6d-90fa-5e545583ee9", 
      "publicURL": "https://storage101.ord1.clouddrive.com/v1/MossoCloudFS_00b60dc9-a8b3-4e6d-90fa-5e545583ee9", 
      "region": "ORD", 
      "tenantId": "MossoCloudFS_00b60dc9-a8b3-4e6d-90fa-5e545583ee9"
     }
    ], 
    "name": "cloudFiles", 
    "type": "object-store"
   }, 
   {
    "endpoints": [
     {
      "publicURL": "https://servers.api.rackspacecloud.com/v1.0/99999999", 
      "tenantId": "99999999", 
      "versionId": "1.0", 
      "versionInfo": "https://servers.api.rackspacecloud.com/v1.0", 
      "versionList": "https://servers.api.rackspacecloud.com/"
     }
    ], 
    "name": "cloudServers", 
    "type": "compute"                                       
   },                                           
   {                                            
    "endpoints": [                                       
     {                                          
      "publicURL": "https://monitoring.api.rackspacecloud.com/v1.0/99999999",                        
      "tenantId": "99999999"                                  
     }                                          
    ],                                          
    "name": "cloudMonitoring",                                    
    "type": "rax:monitor"                                      
   },                                           
   {                                            
    "endpoints": [                                       
     {                                          
      "publicURL": "https://ord.loadbalancers.api.rackspacecloud.com/v1.0/99999999",                    
      "region": "ORD",                                   
      "tenantId": "99999999"                                  
     },                                         
     {                                          
      "publicURL": "https://dfw.loadbalancers.api.rackspacecloud.com/v1.0/99999999",                    
      "region": "DFW", 
      "tenantId": "99999999"
     }
    ], 
    "name": "cloudLoadBalancers", 
    "type": "rax:load-balancer"
   }, 
   {
    "endpoints": [
     {
      "publicURL": "https://dfw.databases.api.rackspacecloud.com/v1.0/99999999", 
      "region": "DFW", 
      "tenantId": "99999999"
     }, 
     {
      "publicURL": "https://ord.databases.api.rackspacecloud.com/v1.0/99999999", 
      "region": "ORD", 
      "tenantId": "99999999"
     }
    ], 
    "name": "cloudDatabases", 
    "type": "rax:database"
   }, 
   {
    "endpoints": [
     {
      "publicURL": "https://dfw.servers.api.rackspacecloud.com/v2/99999999", 
      "region": "DFW", 
      "tenantId": "99999999", 
      "versionId": "2", 
      "versionInfo": "https://dfw.servers.api.rackspacecloud.com/v2", 
      "versionList": "https://dfw.servers.api.rackspacecloud.com/"
     }, 
     {
      "publicURL": "https://ord.servers.api.rackspacecloud.com/v2/99999999", 
      "region": "ORD", 
      "tenantId": "99999999", 
      "versionId": "2", 
      "versionInfo": "https://ord.servers.api.rackspacecloud.com/v2", 
      "versionList": "https://ord.servers.api.rackspacecloud.com/"
     }
    ], 
    "name": "cloudServersOpenStack", 
    "type": "compute"
   }, 
   {
    "endpoints": [
     {
      "publicURL": "https://dns.api.rackspacecloud.com/v1.0/99999999", 
      "tenantId": "99999999"
     }
    ], 
    "name": "cloudDNS", 
    "type": "rax:dns"
   }
  ], 
  "token": {
   "expires": "2012-08-18T17:29:54.000-05:00", 
   "id": "dcfsdfd-8d40-4a7d-8245-1e2782e545fa", 
   "tenant": {
    "id": "99999999", 
    "name": "99999999"
   }
  }, 
  "user": {
   "RAX-AUTH:defaultRegion": "", 
   "id": "12345466", 
   "name": "this_is_an_example", 
   "roles": [
    {
     "description": "User Admin Role.", 
     "id": "3", 
     "name": "identity:user-admin"
    }
   ]
  }
 }
}

As you can see, this returns information about all the service endpoints that this account has access to. The auth token is also returned as the “id” field in the “token” data structure. You can then use the token as you normally would with the various other APIs available. For convenience, you can add a function to your bashrc to do this process for you:

function rs-auth {
    RS_USERNAME="this_is_an_example"
    RS_APIKEY="23034ef200c35bbc907c928e657e3ea2"
    curl -s -X POST -H "Content-type: application/json" -d \
    "{                      
        \"auth\":               
        {                       
            \"RAX-KSKEY:apiKeyCredentials\": {
                \"username\": \"$RS_USERNAME\",   
                \"apiKey\": \"$RS_APIKEY\"      
            }                       
        }                       
    }" \
    https://identity.api.rackspacecloud.com/v2.0/tokens | python -mjson.tool
}

Happy hacking!

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>