Author: Ignasi Barrera
...
- OAuth v1.0 Authentication as defined in the OAuth 1.0 protocol
- OpenID Connect, as described at OpenID Connect, including the core spec and optional features such as RP-Initiated-Logout, but not Discovery, dynamic registration, or other optional features. See Abiquo OpenID Connect integration.
- SAML 2.0. See SAML integration
- Basic HTTP Authentication as defined by RFC 2617
- Under basic auth, Abiquo UI supports two-factor authentication for added security
OAuth v1.0 Version A
...
authentication
You can use OAuth to authenticate against the Abiquo API. With OAuth, users can create their own applications and connect them to the Abiquo API in a controlled and standard way.
...
...
When you use SAML 2.0 you can disable basic authentication, but you can still use OAuth or a session token to access the API as before. See SAML integration.
Basic HTTP
...
authentication
This method follows the Basic HTTP Authentication standard. The client must provide its credentials encoded in base64, sending them in a request header in the form:
...
Request a resource without providing credentials
Request Headers: Accept, Content-Type.
Request Parameters: N/A.
Request Message Body: N/A.
Request example: Retrieve all the datacenters
```
% curl --verbose 'http://example.com/api/admin/datacenters/' \
    -X GET \
    -H "Accept:application/vnd.abiquo.datacenters+xml"
> GET /api/admin/datacenters HTTP/1.1
> User-Agent: curl/7.19.5 (x86_64-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15
> Host: example.com
> Accept: application/vnd.abiquo.datacenters+xml
```
Response Headers: Content-Length, Content-Type, WWW-Authenticate, Date.
Response Message Body: N/A.
Response Status: 200, 401, 403.
Example Response: Response of the unauthenticated GET over a Datacenters resource
```
< HTTP/1.1 401 Unauthorized
< Server: Apache-Coyote/1.1
< WWW-Authenticate: Basic realm="Abiquo"
< Content-Type: text/html;charset=utf-8
< Content-Length: 1152
< Date: Fri, 02 Jul 2010 09:40:14 GMT
```
...
Request a resource providing valid credentials
Request Headers: Accept, Content-Type, Authorization.
Request Parameters: N/A.
Request Message Body: N/A.
Request example: Retrieve all the datacenters
```
% curl --verbose 'http://example.com/api/admin/datacenters/' \
    -X GET \
    -H "Accept:application/vnd.abiquo.datacenters+xml" \
    -H "Authorization: Basic ZXhhbXBsZTpleGFtcGxl"
> GET /api/admin/datacenters HTTP/1.1
> User-Agent: curl/7.19.5 (x86_64-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15
> Host: example.com
> Authorization: Basic ZXhhbXBsZTpleGFtcGxl
> Accept: application/vnd.abiquo.datacenters+xml
```
Response Headers: Content-Length, Content-Type, Date, X-Abiquo-Token.
Response Message Body: N/A.
Response Status: 200, 401, 403.
Example Response: Response of the authenticated GET over a Datacenters resource
```
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< X-Abiquo-Token: 1169dbbca2c1123455ab6b5a06b2b38756fb
< Content-Type: application/vnd.abiquo.datacenters+xml
< Content-Length: 420
< Date: Fri, 02 Jul 2010 09:50:52 GMT
<
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<datacenters>
  <datacenter>
    <link href="http://example.com/api/admin/datacenters/1" rel="edit"/>
    <link href="http://example.com/api/admin/datacenters/1/racks" rel="racks"/>
    <link href="http://example.com/api/admin/datacenters/1/remoteServices" rel="remoteServices"/>
    <id>1</id>
    <location>Redwood city</location>
    <name>myDatacenter</name>
  </datacenter>
</datacenters>
```
...
Request a resource providing valid credentials but with insufficient privileges
Request Headers: Accept, Content-Type, Authorization.
Request Parameters: N/A.
Request Message Body: N/A.
Request example: Retrieve all the datacenters
```
% curl --verbose 'http://example.com/api/admin/datacenters/' \
    -X GET \
    -H "Accept: application/vnd.abiquo.datacenters+xml" \
    -H "Authorization: Basic ZXhhbXBsZTpleGFtcGxl"
> GET /api/admin/datacenters HTTP/1.1
> User-Agent: curl/7.19.5 (x86_64-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15
> Host: example.com
> Authorization: Basic ZXhhbXBsZTpleGFtcGxl
> Accept: application/vnd.abiquo.datacenters+xml
```
...
Response Headers: Content-Length, Content-Type, Date, X-Abiquo-Token.
Response Message Body: N/A.
Response Status: 200, 401, 403.
Example Response: Response of the authenticated GET over a Datacenters resource
...
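Added example, not part of the original page or Abiquo's code: base64 is an encoding, not encryption, so the `Authorization` value in the requests above decodes directly back to the user name and password and should only be sent over HTTPS. This Python sketch builds the header, refuses non-HTTPS URLs, and classifies the 401, 200 and 403 outcomes listed on this page; the function names and the 403 sample are assumptions.

```python
import base64
from urllib.parse import urlsplit

def basic_authorization(user, password, url):
    """Build the Authorization header value; refuse to send it in cleartext."""
    if urlsplit(url).scheme != "https":
        raise ValueError("Basic credentials are only base64-encoded; use https://")
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return "Basic " + token

def decode_basic(header_value):
    """Recover (user, password) from a Basic header, as any observer could."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    raw = base64.b64decode(token, validate=True).decode("utf-8")
    user, _, password = raw.partition(":")  # only the first colon separates
    return user, password

def interpret_response(raw):
    """Classify a raw response head into the outcomes this page lists."""
    status_line, *header_lines = raw.strip().splitlines()
    status = int(status_line.split()[1])
    headers = {}
    for line in header_lines:
        if not line.strip():
            break  # blank line ends the header section
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if status == 401:  # no or bad credentials: server sends a challenge
        scheme, _, params = headers.get("www-authenticate", "").partition(" ")
        realm = params.partition("realm=")[2].strip('"')
        return {"outcome": "challenge", "scheme": scheme, "realm": realm}
    if status == 403:  # authenticated, but insufficient privileges
        return {"outcome": "forbidden"}
    if status == 200:  # session token usable on later requests
        return {"outcome": "ok", "token": headers.get("x-abiquo-token")}
    return {"outcome": "unexpected", "status": status}

# Constructed samples: the first two reuse headers from this page, the third is assumed.
CHALLENGE = 'HTTP/1.1 401 Unauthorized\nWWW-Authenticate: Basic realm="Abiquo"\n'
OK = "HTTP/1.1 200 OK\nX-Abiquo-Token: 1169dbbca2c1123455ab6b5a06b2b38756fb\n"
FORBIDDEN = "HTTP/1.1 403 Forbidden\nContent-Length: 0\n"

if __name__ == "__main__":
    print(decode_basic("Basic ZXhhbXBsZTpleGFtcGxl"))
    for sample in (CHALLENGE, OK, FORBIDDEN):
        print(interpret_response(sample))
```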