Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How to authenticate to the CSO keystone API

0

0

Article ID: KB37441 KB Last Updated: 24 Sep 2021Version: 1.0
Summary:

This article explains how to authenticate to the CSO keystone API in order to obtain access keys for CSO API calls.

Symptoms:

Using the guidance in the document, Contrail Service Orchestration (CSO) HTTP API Reference and Developer Guide, connectivity was attempted to both:

  • http://<ipaddress>:5000/v3/auth/tokens - There is no response, the Cloud CSO does not appear to be listening on Port 5000 as per the standard Juniper API documentation.
And
  • https://<ipaddress>/v3/auth/tokens - The CSO returns a 500 error.

Both posts were using the JSON format:

{
    "auth": {
        "scope": {
            "project": {
                "domain": {
                    "id": "<domain-id>"
            },
        "name": "<name>"
        }
    },
    "identity": {
        "password": {
            "user": {
                "domain": {
                    "id": "<domain-id>"
                },
            "password": "<password>",
            "name": "<name>"
        }
    },
    "methods": [
        "password"
    ]
  }
}
}
Solution:

Connectivity works on: https://<ip-address>/v3/auth/tokens

Valid JSON should look like the following:

{
    "auth": {
        "scope": {
            "project": {
                "domain": {
                    "id": "default"
                },
                "name": "{ }"
            }
        },
        "identity": {
            "password": {
                "user": {
                    "domain": {
                        "id": "default"
                    },
                    "password": "{ }",
                    "name": "{ }"
                }
            },
            "methods": [
                "password"
            ]
        }
    }
}

Where:

  • { } should be replaced with opco or tenant name
  • { } should be replaced with your password
  • { } should be replaced with your username

Check the value against Key X-Subject-Token to use as Auth token.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search