An API session is bound to a given Rightscale account and not to an authenticated Rightscale user. This means that the login call must specify which account to log into. The login call takes an account href as one of the session parameters. If a client needs to interact with multiple accounts it will have to create multiple login sessions.
The API can be accessed as an "Account facing API" or "Instance facing API". The principal in the account facing API is a user who can log in with an user(email)/password. For the instance facing API, the principal is an instance which needs to provide an "instance_token" to login. See the "Sessions" resource in the API online reference for more details. The instance facing API (which is a subset of the current API) allows instances to manage certain resources like backups, volumes and snapshots. The login call returns 2 cookies which must be passed into each subsequent request.
To differentiate between different versions of the API, all calls need to pass a header "X-API-Version". For API 1.5, the value of the header needs to be "1.5". For example: X-API-Version:1.5
Note: The Examples section of this guide consists of "account facing API" examples.
© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.