You can perform system management tasks using the Tenant Management REST API instead of the Tenant Manager user interface. For example, you might want to use the API to automate operations or to create multiple entities, such as users, more quickly.
The Tenant Management API uses the Swagger open source API platform. Swagger provides an intuitive user interface that allows developers and non-developers to interact with the API. The Swagger user interface provides complete details and documentation for each API operation.
To access the Swagger documentation for the Tenant Management API:
- Sign in to the Tenant Manager.
- Select from the web application header.
API operations
The Tenant Management API organizes the available API operations into the following sections:
account – Operations on the current tenant account, including getting storage usage information.
auth – Operations to perform user session authentication.
The Tenant Management API supports the Bearer Token Authentication Scheme. For a tenant login, you provide a username, password, and accountId in the JSON body of the authentication request (that is, POST /api/v3/authorize). If the user is successfully authenticated, a security token is returned. This token must be provided in the header of subsequent API requests ("Authorization: Bearer token").
See "Protecting against Cross-Site Request Forgery" for information on improving authentication security.
Note: If single sign-on (SSO) is enabled for the StorageGRID system, you must perform different steps to authenticate. See "Authenticating in to the API if single sign-on is enabled" in the instructions for administering StorageGRID.compliance – Operations to determine how global compliance is configured for the StorageGRID system.
- config – Operations related to the product release and versions of the Tenant Management API. You can list the product release version and the major versions of the API supported by that release.
containers – Operations on S3 buckets or Swift containers. For S3, you can create compliant and non-compliant buckets; modify compliance settings; set the consistency control for operations performed on objects; create, update, and delete a bucket's CORS configuration; enable and disable last access time updates for objects; and manage the configuration settings for platform services, including CloudMirror replication, notifications, and search integration (metadata-notification). For Swift, you can set the consistency level used for containers.
deactivated-features – Operations to view features that might have been deactivated.
- endpoints – Operations to manage an endpoint. Endpoints allow an S3 bucket to use an external service for StorageGRID CloudMirror replication, notifications, or search integration.
groups – Operations to manage local tenant groups and to retrieve federated tenant groups from an external identity source.
identity-source – Operations to configure an external identity source and to manually synchronize federated group and user information.
regions – Operations to determine which regions have been configured for the StorageGRID system.
s3 – Operations to manage S3 access keys for tenant users.
users – Operations to view and manage tenant users.
Operation details
When you expand each API operation, you can see its HTTP action, endpoint URL, a list of any required or optional parameters, an example of the request body (when required), and the possible responses.
Issuing API requests
- Click the HTTP action to see the request details.
- Determine if the request requires additional parameters, such as a group or user ID. Then, obtain these values. You might need to issue a different API request first to get the information you need.
- Determine if you need to modify the example request body. If so, you can click Model to learn the requirements for each field.
- Click Try it out.
- Provide any required parameters, or modify the request body as required.
- Click Execute.
- Review the response code to determine if the request was successful.