Elaborate a bit on the login and interaction cycle in the README.

This commit is contained in:
Marsell Kukuljevic 2021-02-02 16:20:21 +01:00
parent ff04edd2b8
commit df9677efe5

View File

@ -34,7 +34,7 @@ authentication; all files are public.
## GET /login ## GET /login
Call this endpoint to begin the login cycle. It will redirect you to the SSO Call this endpoint to begin the login cycle. It will redirect you to the SSO
login page. login page: an HTTP 302, with a Location header.
## GET /token ## GET /token
@ -47,3 +47,26 @@ header.
All other calls will be passed through to cloudapi. For these calls to succeed, All other calls will be passed through to cloudapi. For these calls to succeed,
they MUST provide the X-Auth-Token header that the /token endpoint returns. they MUST provide the X-Auth-Token header that the /token endpoint returns.
# Interaction cycle
client --- GET /login --------> this server
<-- 302 Location #1 ----
client --- GET <Location #1> --> SSO server
<separate SSO cycle>
<-- 302 Location #2 ----
client --- GET <Location #2> --> this server
<-- 204 X-Auth-Token ----
From now on call this server as if it were a cloudapi server (using [cloudapi
paths](https://github.com/joyent/sdc-cloudapi/blob/master/docs/index.md#api-introduction)),
always providing the X-Auth-Token. For example, to retrieve a list of packages:
client --- GET /my/packages --> this server
<-- 200 JSON body ------
The most useful cloudapi endpoints to begin with will be ListPackages,
GetPackage, ListImages, GetImage, ListMachines, GetMachine, CreateMachine and
DeleteMachine (see cloudapi docs).