Knowledge Base


« OpenStack

Authenticating with the OpenStack API

Authentication Alternatives
 
Algemene HTTP + basic authentication (Object Store only):

Url   https://<$project_id>.objectstore.eu/
Gebruikersnaam   <$username>
Wachtwoord <$password>

Openstack token-based authentication:

Auth url: https://identity.stack.cloudvps.com/v2.0
Project id: <your project id>
Tenant id: <your project id>
Username: <your username>
Password: <your password>

Rackspace CloudFiles (Object Store only):

Authenticatie host  <$project_id>.objectstore.eu>
Gebruikersnaam  <$username>
Wachtwoord <$password>

Amazon S3 (Object Store only):

Hostname  <$project_id>.objectstore.eu
Access key  <$ec2.access>
Secret Key  <$ec2.secret>

See our docmentation on more information on creating Amazon S3 access tokens.

Authentication methods described
 
HTTP basic access authentication (Object Store only)

HTTP basic access authentication is the simplest form of authentication, making it the most reliable option available. CloudVPS recommends using this method to access our object store. HTTP basic access authentication is supported by virtually every HTTP client and library.

You can send your basic authenticated swift requests to the following urls:
- https://<project_id>.objectstore.eu/
- https://<project_id>.internal.objecstore.eu/ (internal access only)

When using authentication in requests, it is recommended you use HTTPS to protect your credentials. Read more about HTTP basic access authentication.

Openstack token-based authentication

To authenticate access to OpenStack services, you must first issue an authentication request to the OpenStack Identity Service to acquire an authentication token. To request an authentication token, you must send a authentication request with the following contents to the Identity Service at http://identity.stack.cloudvps.com/v2.0/tokens:

{
"auth":{
"passwordCredentials":{
"username": "yourusername",
"password": "verySecretPassw0rd"},
"tenantId": "abcdef0123456789abcdef0123456789"
}
}

The token server will respond with a json document with the following contents:
(some data is not shown, for brevity)

{
    "access":{
        "token":{
            "expires":"2012-02-05T00:00:00",
            "id":"aaabbbcccddd1039182938192"
        },
        "serviceCatalog":[{
            "endpoints":[{
                "region":"RegionOne",
                "internalURL":"http://00112233.objectstore.eu/",
                "publicURL":"http://00112233.objectstore.eu/",
            }
],
            "type":"object-store",
            "name":"swift"
        }]
    }
}

After you authenticate through the Identity Service, you can use the other OpenStack endpoint URLs to create and manage resources in your OpenStack cloud.

When you send API requests, you include the token in the X-Auth-Token header. If you access multiple OpenStack services, you must get a token for each service. A token is typically valid for24 hours before it expires. The exact expiration date is provided in the response from the Identity service. We recommend you cache the token, and reuse it until its expiry.

The base URL to use can be found in the ServiceCatalog. For the object-store, you'll want to use the entry named "swift" with type "object-store". Use internalURL if you want to access the object store from within our infrastructure, use publicURL if you want to access the object store from elsewhere.

Further details can be read in the Keystone Documentation

AWS authentication (Object Store only)

AWS authentication is provided as part of our S3 emulation. The details of its working can be found at the official documentation site.

The hostname for our S3 emulation is <projectid>.objectstore.eu

Cloudfiles authentication (Object Store only)

Cloudfiles authentication method is provided as a compatibility measure. The authentication url for cloudfiles authentication is "https://cloudfiles.objectstore.eu".

For your username use <projectid>:<username>, use your password as-is.

VPS Bestellen
VPS Bestellen