This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
manuals:vps:api [2019/05/17 14:03] – Aither | manuals:vps:api [2024/01/02 20:52] – Scopes aither | ||
---|---|---|---|
Line 8: | Line 8: | ||
===== API Documentation ===== | ===== API Documentation ===== | ||
The API documentation, | The API documentation, | ||
- | parameters can be found at https:// | + | parameters can be found at https:// |
Even without logging in, you can see a list of all objects, i.e. even those that only | Even without logging in, you can see a list of all objects, i.e. even those that only | ||
Line 26: | Line 26: | ||
* JavaScript - https:// | * JavaScript - https:// | ||
* Go - https:// | * Go - https:// | ||
- | * The HaveAPI web interface - https:// | + | * The HaveAPI web interface - https:// |
- | * A file system based on FUSE - https:// | + | * A file system based on FUSE - https:// |
Usage examples can always be found in the '' | Usage examples can always be found in the '' | ||
Line 38: | Line 38: | ||
===== Authentication===== | ===== Authentication===== | ||
- | There are two authentication methods | + | There are two authentication methods: |
- | basic. The name and password must be sent along with every API request. This is a good | + | |
- | choice for one-off actions. However, if you need to call the API several times or | + | |
- | automatically, | + | |
- | Another method is authentication using tokens. The way this method works is that | + | * [[# |
- | the client first requests a token to be created, one for which the client needs | + | * [[#tokens|Using tokens]] |
- | the name, password | + | |
- | the name and password | + | Example usage in different programming languages can be found in [[https:// |
- | for further | + | |
+ | ==== HTTP Basic ==== | ||
+ | The name and password must be sent along with every API request in HTTP header // | ||
+ | This is a good choice for one-off actions. However, if you need to call the API repeatedly or | ||
+ | automatically, | ||
+ | HTTP Basic cannot be used if two-factor authentication is enabled on your account. | ||
+ | |||
+ | ==== Tokens ==== | ||
+ | The client first requests a token using your credentials | ||
+ | As soon as the client receives the token, the credentials | ||
+ | is used for authentication. | ||
There can be several types of tokens with different lifetimes: | There can be several types of tokens with different lifetimes: | ||
- | * fixed - token validity is fixed | + | * //fixed// - token validity is fixed |
- | * renewable_manual - token validity can be manually extended | + | * //renewable_manual// - token validity can be manually extended |
- | * renewable_auto - token validity is extended after every request | + | * //renewable_auto// - token validity is extended after every request |
- | * permament - the token is valid permanently, | + | * //permament// - the token is valid permanently, |
The type of token and time period by which its validity is extended is chosen | The type of token and time period by which its validity is extended is chosen | ||
by the client. | by the client. | ||
+ | |||
+ | ===== Scopes ===== | ||
+ | Authentication tokens can be restricted to selected actions. Each action has its own scope, | ||
+ | you can find the available scopes in the documentation. You can configure scopes when you're | ||
+ | requesting a new authentication token. | ||
+ | |||
+ | Example scopes: | ||
+ | |||
+ | * '' | ||
+ | * an empty scope will allow access only to '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | Scopes can contain globs for resource and action names. Action name is separated from resource name by a hash (''#'' | ||
===== CLI ===== | ===== CLI ===== | ||
Line 288: | Line 312: | ||
--user USER User name | --user USER User name | ||
--password PASSWORD | --password PASSWORD | ||
+ | --scope [SCOPE] | ||
--token TOKEN Token | --token TOKEN Token | ||
--token-lifetime LIFETIME | --token-lifetime LIFETIME | ||
Line 332: | Line 357: | ||
access to '' | access to '' | ||
</ | </ | ||
+ | |||
+ | Specify a scope: | ||
+ | |||
+ | < | ||
+ | $ vpsfreectl --auth token --scope ' | ||
+ | </ | ||
+ | |||
+ | The command above will ask for an authentication token that will only be allowed to call actions on the vps resource and only on VPS with ID 123. | ||
==== Actions and Parameters ==== | ==== Actions and Parameters ==== |