Overview
Gozunga Cloud uses token-based authentication for API access. Before making API calls, you need to obtain an authentication token.
There are several ways to authenticate with our API:
- Application Credentials (Recommended)
- EC2-style Credentials (for S3/Swift compatibility)
Application Credentials
Creating Application Credentials
- Log in to the Cloud Management Portal
- Navigate to Access → Application Credentials
- Click "Create an Application Credential"
- Enter the Name, and Description (optional)
- Click "Create an Application Credential"
Important : Save the credential ID and secret. The secret will only be shown once.
Using Application Credentials
# Using curl
curl -X POST \
https://cloud.fsd1.gozunga.com:5000/v3/auth/tokens \
-H 'Content-Type: application/json' \
-d '{
"auth": {
"identity": {
"methods": ["application_credential"],
"application_credential": {
"id": "YOUR_CREDENTIAL_ID",
"secret": "YOUR_CREDENTIAL_SECRET"
}
}
}
}'
Installing Python OpenStack SDK
To use the Python OpenStack SDK, install it using pip:
# Create a virtual environment
python3 -m venv .venv
# Activate the virtual environment
source .venv/bin/activate
# Install the Python OpenStack SDK
pip install python-openstackclient
Using Python OpenStack SDK
# Using Python OpenStack SDK
from openstack import connection
conn = connection.Connection(
auth_url='https://cloud.fsd1.gozunga.com:5000/v3',
auth_type='v3applicationcredential',
application_credential_id='YOUR_CREDENTIAL_ID',
application_credential_secret='YOUR_CREDENTIAL_SECRET'
)
S3/EC2 Credentials
For S3/EC2 API access:
- In our Cloud Management Portal:
- Navigate to Access → EC2/S3 Credentials
- Click "Create S3/EC2 Credential"
- Save both the Access Key and Secret Key
# Example using AWS CLI
aws configure set aws_access_key_id YOUR_ACCESS_KEY
aws configure set aws_secret_access_key YOUR_SECRET_KEY
aws configure set region SiouxFalls
aws configure set endpoint_url https://cloud.fsd1.gozunga.com:6780
# Test access
aws --endpoint-url https://cloud.fsd1.gozunga.com:6780 s3 ls
aws --endpoint-url https://cloud.fsd1.gozunga.com:6780 s3 ls s3://bucketname/folder
aws --endpoint-url https://cloud.fsd1.gozunga.com:6780 s3 cp s3://bucketname/folder/file.zip .
Token Management
Token Expiration
- Application Credential tokens: Valid for 24 hours by default
- Password-based tokens: Valid for 4 hours
- EC2 credentials: Do not expire unless revoked
Revoking Tokens
- Through the Cloud Management Portal:
- Navigate to Identity → Application Credentials
- Select the credential
- Click "Delete Credential"
- Using the API:
curl -X DELETE \
https://cloud.fsd1.gozunga.com:5000/v3/auth/tokens \
-H 'X-Auth-Token: YOUR_TOKEN' \
-H 'X-Subject-Token: TOKEN_TO_REVOKE'
Best Practices
- Use Application Credentials
- More secure than password authentication
- Can be easily revoked without affecting other credentials
- Supports fine-grained access control
- Secure Storage
- Never commit credentials to source control
- Use environment variables or secure vaults
- Rotate credentials regularly
- Scope Limitation
- Create different credentials for different applications
- Limit permissions to only what's needed
- Set expiration dates when possible
- Monitoring
- Regularly audit active credentials
- Monitor for unusual API activity
- Remove unused credentials
Troubleshooting
Common Issues
- Authentication Failed
- Verify credential ID and secret
- Check if credential has expired
- Ensure correct endpoint URLs
- Token Expired
- Request a new token
- Implement token refresh in your application
- Permission Denied
- Verify credential roles
- Check project quotas
- Ensure correct project scope
