Identity API v3¶
For details on how to use identity, see Using OpenStack Identity
The Identity v3 Class¶
The identity high-level interface is available through the identity
member of a Connection
object. The
identity
member will only be added if the service is detected.
Credential Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_credential(**attrs)
Create a new credential from attributes
- Parameters:
attrs (dict) – Keyword arguments which will be used to create a
Credential
, comprised of the properties on the Credential class.- Returns:
The results of credential creation
- Return type:
- delete_credential(credential, ignore_missing=True)
Delete a credential
- Parameters:
credential – The value can be either the ID of a credential or a
Credential
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the credential does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent credential.
- Returns:
None
- find_credential(name_or_id, ignore_missing=True)
Find a single credential
- Parameters:
name_or_id – The name or ID of a credential.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Credential
or None
- get_credential(credential)
Get a single credential
- Parameters:
credential – The value can be the ID of a credential or a
Credential
instance.- Returns:
One
Credential
- Raises:
NotFoundException
when no resource can be found.
- credentials(**query)
Retrieve a generator of credentials
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of credentials instances.
- Return type:
- update_credential(credential, **attrs)
Update a credential
- Parameters:
credential – Either the ID of a credential or a
Credential
instance.attrs – The attributes to update on the credential represented by
credential
.
- Returns:
The updated credential
- Return type:
Domain Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_domain(**attrs)
Create a new domain from attributes
- delete_domain(domain, ignore_missing=True)
Delete a domain
- Parameters:
domain – The value can be either the ID of a domain or a
Domain
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the domain does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent domain.
- Returns:
None
- find_domain(name_or_id, ignore_missing=True)
Find a single domain
- Parameters:
name_or_id – The name or ID of a domain.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Domain
or None
- get_domain(domain)
Get a single domain
- Parameters:
domain – The value can be the ID of a domain or a
Domain
instance.- Returns:
One
Domain
- Raises:
NotFoundException
when no resource can be found.
- domains(**query)
Retrieve a generator of domains
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of domain instances.
- Return type:
Domain Config Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_domain_config(domain, **attrs)
Create a new config for a domain from attributes.
- Parameters:
domain – The value can be the ID of a domain or a
Domain
instance.attrs (dict) – Keyword arguments which will be used to create a
DomainConfig
comprised of the properties on the DomainConfig class.
- Returns:
The results of domain config creation
- Return type:
- delete_domain_config(domain, ignore_missing=True)
Delete a config for a domain
- Parameters:
domain – The value can be the ID of a domain or a a
Domain
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the identity provider does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent config for a domain.
- Returns:
None
- get_domain_config(domain)
Get a single config for a domain
- Parameters:
domain_id – The value can be the ID of a domain or a
Domain
instance.- Returns:
One
DomainConfig
- Raises:
NotFoundException
when no resource can be found.
- update_domain_config(domain, **attrs)
Update a config for a domain
- Parameters:
domain_id – The value can be the ID of a domain or a
Domain
instance.attrs – The attributes to update on the config for a domain represented by
domain_id
.
- Returns:
The updated config for a domain
- Return type:
Endpoint Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_endpoint(**attrs)
Create a new endpoint from attributes
- delete_endpoint(endpoint, ignore_missing=True)
Delete an endpoint
- Parameters:
endpoint – The value can be either the ID of an endpoint or a
Endpoint
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the endpoint does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent endpoint.
- Returns:
None
- find_endpoint(name_or_id, ignore_missing=True)
Find a single endpoint
- Parameters:
name_or_id – The name or ID of a endpoint.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Endpoint
or None
- get_endpoint(endpoint)
Get a single endpoint
- Parameters:
endpoint – The value can be the ID of an endpoint or a
Endpoint
instance.- Returns:
One
Endpoint
- Raises:
NotFoundException
when no resource can be found.
- endpoints(**query)
Retrieve a generator of endpoints
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of endpoint instances.
- Return type:
Group Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_group(**attrs)
Create a new group from attributes
- delete_group(group, ignore_missing=True)
Delete a group
- Parameters:
group – The value can be either the ID of a group or a
Group
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the group does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent group.
- Returns:
None
- find_group(name_or_id, ignore_missing=True, **query)
Find a single group
- Parameters:
name_or_id – The name or ID of a group.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Group
or None
- get_group(group)
Get a single group
- Parameters:
group – The value can be the ID of a group or a
Group
instance.- Returns:
One
Group
- Raises:
NotFoundException
when no resource can be found.
- groups(**query)
Retrieve a generator of groups
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of group instances.
- Return type:
- update_group(group, **attrs)
Update a group
- add_user_to_group(user, group)
Add user to group
- remove_user_from_group(user, group)
Remove user to group
- check_user_in_group(user, group)
Check whether user belongsto group
Policy Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_policy(**attrs)
Create a new policy from attributes
- delete_policy(policy, ignore_missing=True)
Delete a policy
- Parameters:
policy – The value can be either the ID of a policy or a
Policy
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the policy does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent policy.
- Returns:
None
- find_policy(name_or_id, ignore_missing=True)
Find a single policy
- Parameters:
name_or_id – The name or ID of a policy.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Policy
or None
- get_policy(policy)
Get a single policy
- Parameters:
policy – The value can be the ID of a policy or a
Policy
instance.- Returns:
One
Policy
- Raises:
NotFoundException
when no resource can be found.
- policies(**query)
Retrieve a generator of policies
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of policy instances.
- Return type:
Project Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_project(**attrs)
Create a new project from attributes
- delete_project(project, ignore_missing=True)
Delete a project
- Parameters:
project – The value can be either the ID of a project or a
Project
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the project does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent project.
- Returns:
None
- find_project(name_or_id, ignore_missing=True, **query)
Find a single project
- Parameters:
name_or_id – The name or ID of a project.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Project
or None
- get_project(project)
Get a single project
- Parameters:
project – The value can be the ID of a project or a
Project
instance.- Returns:
One
Project
- Raises:
NotFoundException
when no resource can be found.
- projects(**query)
Retrieve a generator of projects
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of project instances.
- Return type:
- user_projects(user, **query)
- Retrieve a generator of projects to which the user has authorization
to access.
- Parameters:
user – Either the user id or an instance of
User
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of project instances.
- Return type:
UserProject
Service Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_service(**attrs)
Create a new service from attributes
- delete_service(service, ignore_missing=True)
Delete a service
- Parameters:
service – The value can be either the ID of a service or a
Service
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the service does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent service.
- Returns:
None
- find_service(name_or_id, ignore_missing=True)
Find a single service
- Parameters:
name_or_id – The name or ID of a service.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Service
or None
- get_service(service)
Get a single service
- Parameters:
service – The value can be the ID of a service or a
Service
instance.- Returns:
One
Service
- Raises:
NotFoundException
when no resource can be found.
- services(**query)
Retrieve a generator of services
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of service instances.
- Return type:
User Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_user(**attrs)
Create a new user from attributes
- delete_user(user, ignore_missing=True)
Delete a user
- Parameters:
user – The value can be either the ID of a user or a
User
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the user does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent user.
- Returns:
None
- find_user(name_or_id, ignore_missing=True, **query)
Find a single user
- Parameters:
name_or_id – The name or ID of a user.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
User
or None
- get_user(user)
Get a single user
- Parameters:
user – The value can be the ID of a user or a
User
instance.- Returns:
One
User
- Raises:
NotFoundException
when no resource can be found.
- users(**query)
Retrieve a generator of users
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of user instances.
- Return type:
Trust Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_trust(**attrs)
Create a new trust from attributes
- delete_trust(trust, ignore_missing=True)
Delete a trust
- Parameters:
trust – The value can be either the ID of a trust or a
Trust
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the credential does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent credential.
- Returns:
None
- find_trust(name_or_id, ignore_missing=True)
Find a single trust
- Parameters:
name_or_id – The name or ID of a trust.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Trust
or None
- get_trust(trust)
Get a single trust
- Parameters:
trust – The value can be the ID of a trust or a
Trust
instance.- Returns:
One
Trust
- Raises:
NotFoundException
when no resource can be found.
- trusts(**query)
Retrieve a generator of trusts
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of trust instances.
- Return type:
Region Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_region(**attrs)
Create a new region from attributes
- delete_region(region, ignore_missing=True)
Delete a region
- Parameters:
region – The value can be either the ID of a region or a
Region
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the region does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent region.
- Returns:
None
- find_region(name_or_id, ignore_missing=True)
Find a single region
- Parameters:
name_or_id – The name or ID of a region.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the region does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent region.
- Returns:
One
Region
or None
- get_region(region)
Get a single region
- Parameters:
region – The value can be the ID of a region or a
Region
instance.- Returns:
One
Region
- Raises:
NotFoundException
when no matching region can be found.
- regions(**query)
Retrieve a generator of regions
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the regions being returned.
- Returns:
A generator of region instances.
- Return type:
Role Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_role(**attrs)
Create a new role from attributes
- delete_role(role, ignore_missing=True)
Delete a role
- Parameters:
role – The value can be either the ID of a role or a
Role
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the role does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent role.
- Returns:
None
- find_role(name_or_id, ignore_missing=True, **query)
Find a single role
- Parameters:
name_or_id – The name or ID of a role.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the role does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent role.
- Returns:
One
Role
or None
- get_role(role)
Get a single role
- Parameters:
role – The value can be the ID of a role or a
Role
instance.- Returns:
One
Role
- Raises:
NotFoundException
when no matching role can be found.
- roles(**query)
Retrieve a generator of roles
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: domain_id, name.
- Returns:
A generator of role instances.
- Return type:
Role Assignment Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- role_assignments_filter(domain=None, project=None, system=None, group=None, user=None)
Retrieve a generator of roles assigned to user/group
- Parameters:
- Returns:
A generator of role instances.
- Return type:
- role_assignments(**query)
Retrieve a generator of role assignments
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: group_id, role_id, scope_domain_id, scope_project_id, inherited_to, user_id, include_names, include_subtree.
- Returns:
- assign_domain_role_to_user(domain, user, role, *, inherited=False)
Assign role to user on a domain
- unassign_domain_role_from_user(domain, user, role, *, inherited=False)
Unassign role from user on a domain
- validate_user_has_domain_role(domain, user, role, *, inherited=False)
Validates that a user has a role on a domain
- assign_domain_role_to_group(domain, group, role, *, inherited=False)
Assign role to group on a domain
- unassign_domain_role_from_group(domain, group, role, *, inherited=False)
Unassign role from group on a domain
- validate_group_has_domain_role(domain, group, role, *, inherited=False)
Validates that a group has a role on a domain
- assign_project_role_to_user(project, user, role, *, inherited=False)
Assign role to user on a project
- unassign_project_role_from_user(project, user, role, *, inherited=False)
Unassign role from user on a project
- validate_user_has_project_role(project, user, role, *, inherited=False)
Validates that a user has a role on a project
- assign_project_role_to_group(project, group, role, *, inherited=False)
Assign role to group on a project
- unassign_project_role_from_group(project, group, role, *, inherited=False)
Unassign role from group on a project
- validate_group_has_project_role(project, group, role, *, inherited=False)
Validates that a group has a role on a project
- assign_system_role_to_user(user, role, system)
Assign a role to user on a system
- unassign_system_role_from_user(user, role, system)
Unassign a role from user on a system
- validate_user_has_system_role(user, role, system)
Validates that a user has a role on a system
- assign_system_role_to_group(group, role, system)
Assign a role to group on a system
- unassign_system_role_from_group(group, role, system)
Unassign a role from group on a system
Registered Limit Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- registered_limits(**query)
Retrieve a generator of registered_limits
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the registered_limits being returned.
- Returns:
A generator of registered_limits instances.
- Return type:
- get_registered_limit(registered_limit)
Get a single registered_limit
- Parameters:
registered_limit – The value can be the ID of a registered_limit or a
RegisteredLimit
instance.- Returns:
One
RegisteredLimit
- Raises:
NotFoundException
when no resource can be found.
- create_registered_limit(**attrs)
Create a new registered_limit from attributes
- Parameters:
attrs (dict) – Keyword arguments which will be used to create a
RegisteredLimit
, comprised of the properties on the RegisteredLimit class.- Returns:
The results of registered_limit creation.
- Return type:
- update_registered_limit(registered_limit, **attrs)
Update a registered_limit
- Parameters:
registered_limit – Either the ID of a registered_limit. or a
RegisteredLimit
instance.kwargs (dict) – The attributes to update on the registered_limit represented by
value
.
- Returns:
The updated registered_limit.
- Return type:
- delete_registered_limit(registered_limit, ignore_missing=True)
Delete a registered_limit
- Parameters:
registered_limit – The value can be either the ID of a registered_limit or a
RegisteredLimit
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the registered_limit does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent registered_limit.
- Returns:
None
Limit Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- limits(**query)
Retrieve a generator of limits
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the limits being returned.
- Returns:
A generator of limits instances.
- Return type:
- get_limit(limit)
Get a single limit
- Parameters:
limit – The value can be the ID of a limit or a
Limit
instance.- Returns:
One
Limit
- Raises:
NotFoundException
when no resource can be found.
- create_limit(**attrs)
Create a new limit from attributes
- update_limit(limit, **attrs)
Update a limit
- delete_limit(limit, ignore_missing=True)
Delete a limit
- Parameters:
limit – The value can be either the ID of a limit or a
Limit
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the limit does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent limit.
- Returns:
None
Application Credential Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- application_credentials(user, **query)
Retrieve a generator of application credentials
- Parameters:
user – Either the ID of a user or a
User
instance.query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of application credentials instances.
- Return type:
- get_application_credential(user, application_credential)
Get a single application credential
- Parameters:
user – Either the ID of a user or a
User
instance.application_credential – The value can be the ID of a application credential or a
ApplicationCredential
instance.
- Returns:
- Raises:
NotFoundException
when no resource can be found.
- create_application_credential(user, name, **attrs)
Create a new application credential from attributes
- Parameters:
user – Either the ID of a user or a
User
instance.name – The name of the application credential which is unique to the user.
attrs (dict) – Keyword arguments which will be used to create a
ApplicationCredential
, comprised of the properties on the ApplicationCredential class.
- Returns:
The results of application credential creation.
- Return type:
- find_application_credential(user, name_or_id, ignore_missing=True, **query)
Find a single application credential
- Parameters:
user – Either the ID of a user or a
User
instance.name_or_id – The name or ID of an application credential.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
ApplicationCredential
or None
- delete_application_credential(user, application_credential, ignore_missing=True)
Delete an application credential
- Parameters:
user – Either the ID of a user or a
User
instance.credential (application) – The value can be either the ID of an application credential or a
ApplicationCredential
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the application credential does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent application credential.
- Returns:
None
Federation Protocol Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_federation_protocol(idp_id, **attrs)
Create a new federation protocol from attributes
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is to be attached to.attrs (dict) – Keyword arguments which will be used to create a
FederationProtocol
, comprised of the properties on the FederationProtocol class.
- Returns:
The results of federation protocol creation
- Return type:
- delete_federation_protocol(idp_id, protocol, ignore_missing=True)
Delete a federation protocol
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to. Can be None if protocol is aFederationProtocol
instance.protocol – The ID of a federation protocol or a
FederationProtocol
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the federation protocol does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent federation protocol.
- Returns:
None
- find_federation_protocol(idp_id, protocol, ignore_missing=True)
Find a single federation protocol
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.protocol – The name or ID of a federation protocol.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One federation protocol or None
- Return type:
- get_federation_protocol(idp_id, protocol)
Get a single federation protocol
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to. Can be None if protocol is aFederationProtocol
protocol – The value can be the ID of a federation protocol or a
FederationProtocol
instance.
- Returns:
One federation protocol
- Return type:
- Raises:
NotFoundException
when no resource can be found.
- federation_protocols(idp_id, **query)
Retrieve a generator of federation protocols
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to.query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of federation protocol instances.
- Return type:
- update_federation_protocol(idp_id, protocol, **attrs)
Update a federation protocol
- Parameters:
idp_id – The ID of the identity provider or a
IdentityProvider
representing the identity provider the protocol is attached to. Can be None if protocol is aFederationProtocol
protocol – Either the ID of a federation protocol or a
FederationProtocol
instance.attrs – The attributes to update on the federation protocol represented by
protocol
.
- Returns:
The updated federation protocol
- Return type:
Mapping Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_mapping(**attrs)
Create a new mapping from attributes
- delete_mapping(mapping, ignore_missing=True)
Delete a mapping
- Parameters:
mapping – The ID of a mapping or a
Mapping
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the mapping does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent mapping.
- Returns:
None
- find_mapping(name_or_id, ignore_missing=True)
Find a single mapping
- Parameters:
name_or_id – The name or ID of a mapping.
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
One
Mapping
or None
- get_mapping(mapping)
Get a single mapping
- Parameters:
mapping – The value can be the ID of a mapping or a
Mapping
instance.- Returns:
One
Mapping
- Raises:
NotFoundException
when no resource can be found.
- mappings(**query)
Retrieve a generator of mappings
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of mapping instances.
- Return type:
Identity Provider Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_identity_provider(**attrs)
Create a new identity provider from attributes
- Parameters:
attrs (dict) – Keyword arguments which will be used to create a
IdentityProvider
comprised of the properties on the IdentityProvider class.- Returns:
The results of identity provider creation
- Return type:
- delete_identity_provider(identity_provider, ignore_missing=True)
Delete an identity provider
- Parameters:
mapping – The ID of an identity provoder or a
IdentityProvider
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the identity provider does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent identity provider.
- Returns:
None
- find_identity_provider(name_or_id, ignore_missing=True)
Find a single identity provider
- Parameters:
name_or_id – The name or ID of an identity provider
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
The details of an identity provider or None.
- Return type:
- get_identity_provider(identity_provider)
Get a single mapping
- Parameters:
mapping – The value can be the ID of an identity provider or a
IdentityProvider
instance.- Returns:
The details of an identity provider.
- Return type:
- Raises:
NotFoundException
when no resource can be found.
- identity_providers(**query)
Retrieve a generator of identity providers
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of identity provider instances.
- Return type:
- update_identity_provider(identity_provider, **attrs)
Update a mapping
- Parameters:
mapping – Either the ID of an identity provider or a
IdentityProvider
instance.attrs – The attributes to update on the identity_provider represented by
identity_provider
.
- Returns:
The updated identity provider.
- Return type:
Access Rule Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- access_rules(user, **query)
Retrieve a generator of access rules
- Parameters:
user – Either the ID of a user or a
User
instance.query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of access rules instances.
- Return type:
AccessRule
- access_rules(user, **query)
Retrieve a generator of access rules
- Parameters:
user – Either the ID of a user or a
User
instance.query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of access rules instances.
- Return type:
AccessRule
- delete_access_rule(user, access_rule, ignore_missing=True)
Delete an access rule
- Parameters:
user – Either the ID of a user or a
User
instance.rule (access) – The value can be either the ID of an access rule or a
AccessRule
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the access rule does not exist. When set toTrue
, no exception will be thrown when attempting to delete a nonexistent access rule.
- Returns:
None
Service Provider Operations¶
- class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)
- create_service_provider(**attrs)
Create a new service provider from attributes
- Parameters:
attrs (dict) – Keyword arguments which will be used to create a
ServiceProvider
, comprised of the properties on the ServiceProvider class.- Returns:
The results of service provider creation
- Return type:
ServiceProvider
- delete_service_provider(service_provider, ignore_missing=True)
Delete a service provider
- Parameters:
service_provider – The ID of a service provider or a
ServiceProvider
instance.ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the service provider does not exist. When set toTrue
, no exception will be set when attempting to delete a nonexistent service provider.
- Returns:
None
- find_service_provider(name_or_id, ignore_missing=True)
Find a single service provider
- Parameters:
name_or_id – The name or ID of a service provider
ignore_missing (bool) – When set to
False
NotFoundException
will be raised when the resource does not exist. When set toTrue
, None will be returned when attempting to find a nonexistent resource.
- Returns:
The details of an service provider or None.
- Return type:
ServiceProvider
- get_service_provider(service_provider)
Get a single service provider
- Parameters:
service_provider – The value can be the ID of a service provider or a
ServiceProvider
instance.- Returns:
The details of an service provider.
- Return type:
ServiceProvider
- Raises:
NotFoundException
when no resource can be found.
- service_providers(**query)
Retrieve a generator of service providers
- Parameters:
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
- Returns:
A generator of service provider instances.
- Return type:
ServiceProvider
- update_service_provider(service_provider, **attrs)
Update a service provider
- Parameters:
service_provider – Either the ID of an service provider or a
ServiceProvider
instance.attrs – The attributes to update on the service provider represented by
service_provider
.
- Returns:
The updated service provider.
- Return type:
ServiceProvider