Knowledge base

Information about vpsFree.org, manuals and FAQs.

User Tools

Site Tools

You are here: Knowledge Base of vpsFree.org » manuals » vps » API
Trace:
manuals:vps:api

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Last revisionBoth sides next revision
manuals:vps:api [2024/01/02 20:44] – Update auth methods aithermanuals:vps:api [2024/01/02 20:52] – Scopes aither
Line 65: Line 65:
 The type of token and time period by which its validity is extended is chosen The type of token and time period by which its validity is extended is chosen
 by the client. by the client.
 +
 +===== Scopes =====
 +Authentication tokens can be restricted to selected actions. Each action has its own scope,
 +you can find the available scopes in the documentation. You can configure scopes when you're
 +requesting a new authentication token.
 +
 +Example scopes:
 +
 +  * ''all'' allow access to all actions, this is used by the web interface and it is the default scope
 +  *  an empty scope will allow access only to ''user#current'', which gives information about the current user; this is used for logins from Discourse and KB
 +  * ''vps#show'' allow access to action show on vps resource
 +  * ''vps#show:vps_id=123'' allow access to action show on a specific VPS
 +  * ''vps#*'' allow all actions on vps resource
 +  * ''vps#*:vps_id=123'' all actions on vps resource, but only with VPS ID 123
 +  * ''{vps,dataset}#{index,show}'' list and show info about VPS and datasets
 +
 +Scopes can contain globs for resource and action names. Action name is separated from resource name by a hash (''#''). Optional object IDs are separated from action name by a colon ('':'') and cannot contain globs. You can find a list of available scopes and their parameters in the [[https://api.vpsfree.cz/|documentation]]. Each token can have multiple scopes separated by spaces. At least one scope must match the called action in order for access to be granted.
  
 ===== CLI ===== ===== CLI =====
Line 295: Line 312:
         --user USER                  User name         --user USER                  User name
         --password PASSWORD          Password         --password PASSWORD          Password
 +        --scope [SCOPE]              Scope
         --token TOKEN                Token         --token TOKEN                Token
         --token-lifetime LIFETIME    Token lifetime, defaults to renewable_auto         --token-lifetime LIFETIME    Token lifetime, defaults to renewable_auto
Line 339: Line 357:
 access to ''~/.haveapi-client.yml'' can access and use the token. access to ''~/.haveapi-client.yml'' can access and use the token.
 </note> </note>
 +
 +Specify a scope:
 +
 +<code>
 +$ vpsfreectl --auth token --scope 'vps#*:vps_id=123' --save vps show 123
 +</code>
 +
 +The command above will ask for an authentication token that will only be allowed to call actions on the vps resource and only on VPS with ID 123.
  
 ==== Actions and Parameters ==== ==== Actions and Parameters ====
manuals/vps/api.txt · Last modified: 2024/01/02 21:05 by aither

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki