Scyld Cloud Auth Documentation

Authentication

All Scyld Cloud Management web service APIs require users to be authenticated. Users acquire an authentication token from Scyld Cloud Auth and then include that token, specified as the “X-Auth-Token” HTTP header, in all subsequent calls.

To obtain an authentication token for use with the APIs, a user issues a call to /auth/request_token using their API key and API secret utilizing HTTP-header based OAuth. Using OAuth requires some manipulation of the HTTP headers and is generally done using a library in the user’s programming language of choice.

An authentication token is provided along with its expiration timestamp after which a new token should be acquired.

Authorization

Some Scyld Cloud Management Services calls also require authorization. Scyld Cloud Auth maintains user ACLs and provides a centralized authorization authority for the Scyld Cloud domain. The data model for Scyld Cloud Auth consists of roles, permissions, and user-resource ACLs.