Available in Classic and VPC
Review the support information for the Archive Storage API, which is compatible with the OpenStack Swift API, and verify the common API calls and authentication methods. Archive Storage supports version 2.15.1 (Pike), and this guide describes operations based on 2.15.1 (Pike).
Supported API
The Archive Storage API enables control over various features necessary for storage management and usage. See the Archive Storage API guide for the list of supported operations.
Call API
The Archive Storage API call steps are as follows:
1. Create authentication key.
2. Check calling domain
3. Create token
4. Delete token
1. Create authentication key.
The method for creating an authentication key to use the Archive Storage API is identical to the authentication key creation method for the Ncloud API. See 1. Create authentication key of Ncoud API.
2. Check calling domain
While it supports both HTTP and HTTPS protocols, we recommend using HTTPS for data protection. The region-specific calling domain information is as follows:
| Region | Authentication URL | Service URL |
|---|---|---|
| Korea | https://kr.archive.ncloudstorage.com:5000 | https://kr.archive.ncloudstorage.com |
3. Create token
NAVER Cloud Platform Archive Storage utilizes the OpenStack Keystone V3 API for authentication and token generation. The generated token is used by entering it as the X-Auth-Token header value when performing account, container, or object operations.
For more information on OpenStack Keystone V3 API, see https://developer.openstack.org/api-ref/identity/v3/.
Use the password authentication method to generate a token. Use the access key ID as the username and the secret key as the password from the API key information created in the NAVER Cloud Platform console under My Account > Manage account and security > Manage security > Manage access > API authentication key.
When generating the token, limiting the scope to the project is mandatory. The project ID and domain ID can be found by clicking [Check API usage information] after subscribing from the Archive Storage console.
The token's validity period is 24 hours, and its usage can be stopped by requesting token deletion.
Syntax
The syntax is as follows:
POST /v3/auth/tokens
Request
The following are request parameters.
| Name | In | Type | Description |
|---|---|---|---|
| auth | body | object | auth object |
| identity | body | object | Identity object |
| methods | body | array | Authentication method. Password authentication method is used. |
| password | body | object | password object |
| user | body | object | user object. ID, password, domain are required. |
| domain | body | object | domain object. Use by entering the ID, and check the domain ID by clicking [Check API usage information] in the Archive Storage console. |
| scope | body | object | scope object. Specify the token scope as project. |
| project | body | object | project object. Use by entering the ID, and check the project ID by clicking [Check API usage information] in the Archive Storage console. |
The request example is as follows:
curl -i -X POST -H "Content-Type: application/json" https://kr.archive.ncloudstorage.com:5000/v3/auth/tokens -d '
{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"name": "{access_key_id}",
"password": "{secret_key}",
"domain": {
"id": "{domain_id}"
}
}
}
},
"scope": {
"project": {
"id": "{project_id}"
}
}
}
}'
Response
The following are response parameters.
| Name | In | Type | Description |
|---|---|---|---|
| X-Subject-Token | header | string | Generated token. The token value is passed in the header, not the request body. |
| token | body | object | token object |
| methods | body | array | Authentication method. Password authentication method is used. |
| roles | body | array | List of role information, including ID and name information |
| expires_at | body | string | Token expiration date and time. YYYY-MM-DDThh:mm:ss.sssZ (ISO 8601). If null, the token never expires. |
| issued_at | body | string | Token creation date and time. YYYY-MM-DDThh:mm:ss.sssZ (ISO 8601) |
| project | body | object | project object, including domain, ID, and name information |
| catalog | body | array | catalog object |
| endpoints | body | array | endpoint information list |
| region_id | body | string | Region information where the service endpoint resides |
| url | body | string | endpoint URL. |
| interface | body | string | Interface type. The "admin" type is only available to users with admin permissions. |
| type | body | string | endpoint type |
| audit_ids | body | array | Randomly generated unique values used when querying token information |
The response example is as follows:
HTTP/1.1 201 Created
Date: Mon, 17 Sep 2018 23:46:11 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5
X-Subject-Token: gAAAAABboDzDOzds2V_2uzR9xn-AQkg5RRejRkGD9L5NuhwezSqqxpmY8ZNl48vYnC1GCn21AiffNtRrDedbvVq2usnPDH2qIp-Cq2Rx54fnH406NhhW9OiaKMzFwRzS7-js3j4xGMvEk2bPErmolAT4E1Du0vsF2azycC6sNcIMsVWcvd
Vary: X-Auth-Token
x-openstack-request-id: req-40a163b1-1fcc-423d-8ec3-3f40fd413ab6
Content-Length: 1759
Content-Type: application/json
{
"token": {
"is_domain": false,
"methods": [
"password"
],
"roles": [
{
"id": "488fac210a714fcc91b61a32525b5693",
"name": "user"
}
],
"expires_at": "2018-09-18T23:46:11.000000Z",
"project": {
"domain": {
"id": "default",
"name": "Default"
},
"id": "0a11d053d4804b4c86d26ae1ff48dc1e",
"name": "ncp-test-0"
},
"catalog": [
{
"endpoints": [
{
"region_id": null,
"url": "https://kr.archive.ncloudstorage.com:5000/v3",
"region": null,
"interface": "public",
"id": "3bf62632266c4be0880cd7170ca90f55"
},
{
"region_id": null,
"url": "https://kr.archive.ncloudstorage.com:35357/v3",
"region": null,
"interface": "admin",
"id": "a29ce505b6cb429ea9ca15cb126251f7"
},
{
"region_id": null,
"url": "https://kr.archive.ncloudstorage.com:35357/v3",
"region": null,
"interface": "internal",
"id": "e524bcde8c5a4eec8750acf3e5819d69"
}
],
"type": "identity",
"id": "ae1a92e6b64f4e9886517aaca2540b26",
"name": "keystone"
},
{
"endpoints": [
{
"region_id": "RegionOne",
"url": "https://kr.archive.ncloudstorage.com/v1/AUTH_0a11d053d4804b4c86d26ae1ff48dc1e",
"region": "RegionOne",
"interface": "internal",
"id": "80773860110449b9b78dc3a05f3f6360"
},
{
"region_id": "RegionOne",
"url": "https://kr.archive.ncloudstorage.com/v1/AUTH_0a11d053d4804b4c86d26ae1ff48dc1e",
"region": "RegionOne",
"interface": "public",
"id": "40f7102a57024603a53f41c4d8cb7cf3"
},
{
"region_id": "RegionOne",
"url": "https://kr.archive.ncloudstorage.com",
"region": "RegionOne",
"interface": "admin",
"id": "5297ae442163478e82f6f9630919b93f"
}
],
"type": "object-store",
"id": "fb4cbd0bf18f4beb9ac29b09f0862ce2",
"name": "swift"
}
],
"user": {
"password_expires_at": null,
"domain": {
"id": "default",
"name": "Default"
},
"id": "ac1eca9c1b9f4900a0b1c4a82be49686",
"name": "qQXiRLju7XHMXpmEskHn"
},
"audit_ids": [
"U-O5n4rBSoO5jBykNXYNsw"
],
"issued_at": "2018-09-17T23:46:11.000000Z"
}
}
4. Delete token
You can delete generated tokens.
Syntax
The syntax is as follows:
DELETE /v3/auth/tokens
Request
The following are request parameters.
| Name | In | Type | Description |
|---|---|---|---|
| X-Auth-Token | header | string | Valid token for authentication |
| X-Subject-Token | header | string | Token to be deleted. It becomes unavailable immediately upon successful completion of the request. |
The request example is as follows:
curl -i -X DELETE -H "X-Auth-Token: $token" -H "X-Subject-Token: $token_to_delete" https://kr.archive.ncloudstorage.com:5000/v3/auth/tokens
Response
Upon successful request, it returns the No Content (204) status code. The response example is as follows:
HTTP/1.1 204 No Content
Date: Tue, 18 Sep 2018 05:44:00 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5
Vary: X-Auth-Token
x-openstack-request-id: req-b6e8efbe-c3f2-41bc-8ca5-1067753318d4
Content-Type: text/plain; charset=UTF-8