Authentication¶
- POST /login¶
Start an OpsCenter session. A example using cURL is provided.
Returns a json object with a token for the session. This token can be passed as an opscenter-session header to authenticate future requests in the session. A cookie for the same purpose will also be set for clients that support them.
Example:
curl -X POST -d '{"username":"admin","password":"test"}' 'http://localhost:8888/login'
Output:
{"sessionid": "d6c5e198b9b5ffeab9fd8dea6fb012aa"}
Example with SSL:
curl -X POST -d '{"username":"admin","password":"admin"}' \ -k --cert /var/lib/opscenter/ssl/opscenter.pem \ --key /var/lib/opscenter/ssl/opscenter.key 'https://localhost:8443/login'
Output:
{"sessionid": "d6c5e198b9b5ffeab9fd8dea6fb012aa"}
- GET /logout¶
End an OpsCenter session. A example using cURL is provided.
Example:
curl -X GET -H 'opscenter-session: 1948fa886a91a1905a29192cf209114d' 'http://localhost:8888/logout'
Output:
{}
User Administration Methods¶
- GET /permissions/user¶
Get a map of permissions for the currently authenticated user.
Returns a json object with a mapping of permissions for every cluster.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/permissions/user
Output:
{"Test_Cluster": {"View Cluster": true}}
- GET /permissions/roles¶
Get a list of all roles in opscenter (requires permissions).
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/permissions/roles
Output:
{"roles": ["user"]}
- GET /permissions/roles/{role_id}¶
Get all permissions for a specific role.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/permissions/roles/test_role
Output:
{"Test_Cluster": {"View Cluster": true}
- PUT /permissions/roles/{role_id}¶
Update all permissions for a specific role.
No output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'Accept: application/json' -H 'opscenter-session: 12345ABC' \ -X PUT -d '{"Test_Cluster": {"View Cluster": true}}' http://127.0.0.1:8888/permissions/roles/test_role
- POST /permissions/roles/{role_id}¶
Create permissions for a specific role.
No output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' -H 'Accept: application/json' \ -X POST -d '{"Test_Cluster": {"View Cluster": true}}' http://127.0.0.1:8888/permissions/roles/test_role
- DELETE /permissions/roles/{role_id}¶
Delete all permissions for a specific role.
No output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' \ -X DELETE http://127.0.0.1:8888/permissions/roles/test_role
- GET /users¶
Get the list of all users.
Example:
Note: The value for opscenter-session comes from the /login method. Also in addition to the
roles
property, therole
property will be present in the response if the given user has 0 or 1 roles for backwards compatibility. Therole
property will be removed in future versions of OpsCenter.curl -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/users
Output:
[ { "roles": ["power_user"], "username": "testuser" } ]
- GET /users/{username}¶
Gets the role of a user.
Returns username/role.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/users/testuser
Output:
{"username": "testuser", "role": "power_user", "roles": ["power_user"]}
- POST /users/{username}¶
Creates a new user, accepts a json map with password and role.
No Output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' \ -H 'Accept: application/json' \ -d '{"password": "test", "role": "test_role"}' \ -X POST http://127.0.0.1:8888/users/testuser
- PUT /users/{username}¶
Updates an existing user, accepts a json map with a password, a role, or both.
Users can update their own password - they must supply the additional “old_password” param which must match their current password. Users can update their own role only if they are an admin user.
No Output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -H 'opscenter-session: 12345ABC' \ -H 'Accept: application/json' \ -d '{"password": "test", "old_password": "changeme" }' \ -X PUT http://127.0.0.1:8888/users/testuser
curl -H 'opscenter-session: 12345ABC' \ -H 'Accept: application/json' \ -d '{"password": "test", "role": "test_role"}' \ -X PUT http://127.0.0.1:8888/users/otheruser
- DELETE /users/{username}
Deletes an existing user
No Output.
Example:
Note: The value for opscenter-session comes from the /login method.
curl -X DELETE -H 'opscenter-session: 12345ABC' http://127.0.0.1:8888/users/testuser