Help Center > > API Reference> Before You Start

Before You Start

Updated at: Nov 04, 2019 GMT+08:00

Overview

Welcome to Identity and Access Management (IAM). IAM provides identity authentication, permissions management, and access control. With IAM, you can create and manage users and grant them permissions to allow or deny their access to cloud resources.

You can use IAM through the console or application programming interfaces (APIs). This document describes how to use APIs to perform operations on IAM, such as creating users and user groups and obtaining tokens. If you plan to access IAM through APIs, ensure that you are familiar with IAM concepts. For details, see Service Overview.

Parameters

The following table lists a few special API parameters and their names displayed on the console.

Table 1 Parameters

API Parameter

Name Displayed on the Console

How to Obtain on the Console

domain

Account

Obtaining the Username, User ID, Project Name, and Project ID

domain_id/Tenant ID

Account ID

domain_name/Tenant name

Account name

user

IAM user

group

User group

Viewing User Group Information

group_id

User group ID

Endpoints

An endpoint is the request address for calling an API. Endpoints vary depending on services and regions. For the endpoint of each service, see Regions and Endpoints.

Table 2 lists IAM endpoints. IAM is a global service with all data stored in the Global project. All APIs of IAM can be called using the endpoint of the Global region. To facilitate access to region-specific services using APIs or the CLI, some of IAM's APIs are also provided for specific regions. Call APIs using the endpoint of the region (see Constraints) closest to you.

Table 2 IAM endpoints

Region Name

Region

Endpoint

Global service

Global

iam.myhuaweicloud.com

CN Northeast-Dalian

cn-northeast-1

iam.cn-northeast-1.myhuaweicloud.com

CN North-Beijing4

cn-north-4

iam.cn-north-4.myhuaweicloud.com

CN North-Beijng1

cn-north-1

iam.cn-north-1.myhuaweicloud.com

CN East-Shanghai2

cn-east-2

iam.cn-east-2.myhuaweicloud.com

CN South-Guangzhou

cn-south-1

iam.cn-south-1.myhuaweicloud.com

AF-Johannesburg

af-south-1

iam.af-south-1.myhuaweicloud.com

EU-Paris

eu-west-0

iam.eu-west-0.myhuaweicloud.com

AP-Hong Kong

ap-southeast-1

iam.ap-southeast-1.myhwclouds.com

AP-Singapore

ap-southeast-3

iam.ap-southeast-3.myhuaweicloud.com

Constraints

There are limitations on the regions where IAM APIs can be called.

  • Tokens or temporary access key IDs/secret access keys (AKs/SKs) obtained using the global domain name cannot be used for service access in Paris, Singapore, and Atlanta.
  • Tokens or temporary AKs/SKs obtained using region-specific domain names can only be used to access services in the same region.

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel