Authenticating with IBM Cloud® Infrastructure Center

After you install and run the IBM Cloud Infrastructure Center services on a managing management node, the first step that an application must do is to authenticate with the Keystone service.

Initial authentication returns an access token and a service catalog. The service catalog defines the URLs that can be used to access various services. You can use the public URL for the wanted service when you construct further API requests. The access token is specified in the
Note: X-Auth-Token
header for each of those requests.
Note: Note
: Access tokens are valid for 6 hours by default.

You need the following minimal information to successfully run this API:

  • IP address or hostname of management node (where IBM Cloud Infrastructure Center services are running).

  • API URI, which default is: https://<IP address or host name of management node>:5000.

  • Username.

  • User password.

  • Tenant or Project name.

  • Domain name (Default is the only supported value).

A sample request:

POST https://ip-hostname:5000/v3/auth/tokens

headers=
{

	'Content-Type': 'application/json',

	'Vary': 'X-Auth-Token, X-Subject-Token',

	'Accept': 'application/json'

}

body=

{

	"auth": {

		"scope": {

			"project": {

				"domain": {

					"name": "Default"

				},

				"name": "ibm-default"

			}

		},

		"identity": {

			"password": {

				"user": {

					"domain": {

						"name": "Default"

					},

					"password": "mypassword",

					"name": "myuserid"

				}

			},

			"methods": [

				"password"

			]

		}

	}

}

A sample request for multi-factor authentication:

POST https://ip-hostname:5000/v3/auth/tokens

headers=
{
	'Content-Type': 'application/json',
	'Vary': 'X-Auth-Token, X-Subject-Token',
	'Accept': 'application/json'
}

body=
{
	"auth": {
		"scope": {
			"project": {
				"domain": {
					"name": "Default"
				},
				"name": "ibm-default"
			}
		},
		"identity": {
			"password": {
				"user": {
					"domain": {
						"name": "Default"
					},
					"password": "mypassword",
					"name": "myuserid"
				}
			},
			"totp": {
				"user": {
					"domain": {
						"name": "Default"
					},
					"passcode": "mytotp",
					"name": "myuserid"
				}
			},
			"methods": [
				"password", "totp"
			]
		}
	}
}