Authentication

Overview

The RightScale API supports the use of a cookie/session. The first step in using the RightScale API is to login and get an authentication cookie which can then be used with subsequent requests within the session duration.

Note: API 1.0 uses GET (with HTTP Basic Authentication) and API 1.5 uses POST for authentication requests.

Login in to the API

Basic Example

#!/bin/sh -e

RS_USER="name@example.com"
RS_PASS="J3peleFoe983h"
RS_ACCOUNT="1234"

# login to API 1.0
curl -H 'X-API-VERSION:1.0' -c mySavedCookies -u $RS_USER:$RS_PASS https://my.rightscale.com/api/acct/$RS_ACCOUNT/login

Your session cookie should be saved now in the file, mySavedCookies, e.g.:

# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_.rightscale.com	TRUE	/	FALSE	0	rs_gbl	eNotkGtugkAUrX-lmWfHMMNwTZq0WBXxApJ6CS8Gh0HGchOGCBr_vZD27SRn7Z3s9QQhMEHWgRGIamA-QVOzCphIIwi9RkDQ_pYVpCiGQcgI8Kin6Rkbukx0iDGOIUIMQz0yVIiwjORIIhpV475PsP-sqqEh29cDvyNXZMeo9TqxV9P6C4tqTgIvEof9Dqs5vBVOXmysm_WdPKpuuTuK4n5nSqb-XEI4EzetObVHxHi7ho-FfEYosK9suAoE7qZ1Jd9r0Gd8N7RIDpY-61x1Ej9Ci5y4S9b6PLYKp7zr9nYqaY53Y1JJp-TC54d0ZVsdv55d3zmVnrYtp7h4H5S0g5I8zPopYJJUvH6bFVWUhFn_DCktmlwAUzOUfh7LQp4OdgZsHP9hHxW_JKKmYcrGtMjA6_UL_-ZxNA%3D%3D

Now the cookie file can be used with subsequent API calls, e.g. query a server:

# use the cookie to query server 223252001
curl -H 'X-API-VERSION:1.0' -b mySavedCookies  https://my.rightscale.com/api/acct/$RS_ACCOUNT/servers/223252001

Advanced Example

#! /bin/sh -e

# rs-login.sh

# by default API 1.0 is used unless rs_api_version=1.5 is set in env or ~/.rightscale/rs_api_config.sh
# e.g. rs_api_config=1.5 rs-login.sh

# References
# http://support.rightscale.com/12-Guides/03-RightScale_API/RightScale_API_Examples/Authentication
# http://reference.rightscale.com/api1.0/ApiR1V0/Docs/ApiLogins.html
# http://support.rightscale.com/12-Guides/RightScale_API_1.5/Authentication
# http://reference.rightscale.com/api1.5/index.html

[ -e "$HOME"/.rightscale ] || ( mkdir -p "$HOME"/.rightscale && chmod -R 700 "$HOME"/.rightscale )

. "$HOME/.rightscale/rs_api_config.sh"
. "$HOME/.rightscale/rs_api_creds.sh"

# get and store the cookie
if [ "$rs_api_version" = "1.5" ]; then
	url="https://my.rightscale.com/api/session"
	echo "[API 1.5] POST: $url"
	result=$(curl -s -S -v -H 'X_API_VERSION: 1.5' -c "$rs_api_cookie" -X POST -d email="$rs_api_user" -d password="$rs_api_password" -d account_href=/api/accounts/$rs_api_account_id "$url" 2>&1)
else
	url="https://my.rightscale.com/api/acct/$rs_api_account_id/login?api_version=$rs_api_version"
	echo "[API 1.0] GET: $url"
	result=$(curl -s -S -v -c "$rs_api_cookie" -u "$rs_api_user":"$rs_api_password" "$url" 2>&1)
fi

case $result in
	*'204 No Content'*)
		echo 'Login successful.'
		exit
	;;
	*)
		echo 'Login failed!'
		echo "$result"
		exit 1
	;;
esac

Ruby Wrapper example

Each one of your Ruby programs will need to include the wrapper code, and a few other lines of code to create a new object, set your user, password and account. Optionally, you can turn logging on or off. For example:

#!/usr/bin/ruby
require 'RightAPI.rb'
api = RightAPI.new
api.log = true 
api.login(:username => 'user', :password => 'pass', :account => '1234')

Where username, password and account are substituted for their actual values.

Support