6.5 KiB
Executable File
+++ title = "DTR User and Org API" description = "Docker Trusted Registry 1.3 User and Organization Accounts API" keywords = ["API, Docker, index, REST, documentation, Docker Trusted Registry, registry"] weight = 62 [menu.main] parent = "smn_dtrapi" +++
Docker Trusted Registry 1.3 Teams
As with Docker HUb, DTR teams of users can only exist within an Organization.
List Teams in an Organization
GET /api/v0/accounts/{name}/teams
$ curl --insecure -v --user admin:password https://dtr.domain.com/api/v0/accounts/engineering/teams
Example Response:
{
"teams": [
{
"id": 4,
"orgID": 4,
"type": "managed",
"name": "owners",
"description": ""
},
{
"id": 5,
"orgID": 4,
"type": "managed",
"name": "testers",
"description": "i have altered the description, pray that i do not alter it any further"
}
]
}
Authorization
Client must be authenticated as a member of the organization containing the team(s).
Status Codes
- 403 the client is not authorized.
- 404 the Organization has no teams.
- 200 success.
View Details of a Team
GET /api/v0/accounts/{name}/teams/{teamname}
$ curl --insecure -v --user admin:password https://dtr.domain.com/api/v0/accounts/engineering/teams/qa
Example Response:
{
"id": 5,
"orgID": 4,
"type": "managed",
"name": "testers",
"description": "I have altered the description, pray that I do not alter it any further"
}
Authorization
Client must be authenticated as a member of the organization containing the team(s).
Status Codes
- 403 the client is not authorized.
- 404 no such team exists.
- 200 success.
List a Team's Members
GET /api/v0/accounts/{name}/teams/{teamname}/members
$ curl --insecure -v --user admin:password https://dtr.domain.com/api/v0/accounts/engineering/teams/qa/members
Example Response:
{
"members": [
{
"id": 8,
"type": "user",
"name": "midei",
"isActive": true
},
{
"id": 10,
"type": "user",
"name": "rajat",
"isActive": true
},
{
"id": 12,
"type": "user",
"name": "banjot",
"isActive": true
},
{
"id": 15,
"type": "user",
"name": "jon",
"isActive": true
}
]
}
Authorization
Client must be authenticated as a system admin, a member of the "owners" team in the organization, or a member of the team in question.
Status Codes
- 403 the client is not authorized.
- 404 no such team exists.
- 200 success.
Check if a User is a Member of a Team
GET /api/v0/accounts/{name}/teams/{teamname}/members/{member}
$ curl --insecure -v --user admin:password -X GET https://dtr.domain.com/api/v0/accounts/engineering/teams/qa/members/test
Authorization
Client must be authenticated as a user who has visibility into the team (i.e., a member of the team or an owner of the organization).
Status Codes
- 403 the client is not authorized.
- 404 no such teams exists or user is not a member.
- 204 success (user is a member).
Create a Team in an Organization
POST /api/v0/accounts/{name}/teams
$ curl --insecure -v --user admin:password -X POST --data '{"name": "qa", "type": "managed"}' --header "Content-type: application/json" https://dtr.domain.com/api/v0/accounts/engineering/teams
Example Request:
POST /api/v0/accounts/engineering/teams HTTP/1.1
Content-Type: application/json
{
"name": "qa",
"description": "QA Engineering Team",
"type": "ldap",
"ldapDN": "cn=qatesters,ou=engineering,ou=groups,dc=example,dc=com",
"ldapGroupMemberAttribute": "member"
}
Example Response:
{
"id": 5,
"orgID": 4,
"type": "ldap",
"name": "qa",
"description": "QA Engineering Team",
"ldapDN": "cn=qatesters,ou=engineering,ou=groups,dc=example,dc=com",
"ldapGroupMemberAttribute": "member"
}
Authorization
Client must be authenticated as a system admin or a member of the "owners" team in the organization.
Status Codes
- 403 the client is not authorized.
- 400 invalid team name or LDAP filter.
- 201 success.
Update a Teams's Details
PATCH /api/v0/accounts/{name}/teams/{teamname}
$ curl --insecure -v --user admin:password -X PATCH --data '{"description":"add one"}' --header "Content-type: application/json" https://dtr.domain.com/api/v0/accounts/engineering/teams/qa
Example Request:
POST /api/v0/accounts/engineering/teams/5 HTTP/1.1
Content-Type: application/json
{
"name": "qualityassurance",
"description": "Quality Assurance Engineers"
}
Example Response:
{
"id": 5,
"orgID": 4,
"type": "ldap",
"name": "qualityassurance",
"description": "Quality Assurance Engineers",
"ldapDN": "cn=qatesters,ou=engineering,ou=groups,dc=example,dc=com",
"ldapGroupMemberAttribute": "member"
}
Authorization
Client must be authenticated as a system admin or a member of the "owners" team in the organization.
Status Codes
- 404 no such team exists.
- 403 the client is not authorized.
- 400 invalid updated detail values.
- 200 success.
Add a User to a Team (if not LDAP synced).
PUT /api/v0/accounts/{name}/teams/{teamname}/members/{member}
$ curl --insecure -v --user admin:password -X PUT https://dtr.domain.com/api/v0/accounts/engineering/teams/qa/members/alice
Authorization
Client must be authenticated as a system admin or a member of the "owners" team in the organization.
Status Codes
- 403 the client is not authorized.
- 404 no such team or user.
- 200 success.
Remove a User from a Team (if not LDAP synced).
DELETE /api/v0/accounts/{name}/teams/{teamname}/members/{member}
$ curl --insecure -v --user admin:password -X DELETE https://dtr.domain.com/api/v0/accounts/engineering/teams/qa/members/alice
Authorization
Client must be authenticated as a system admin or a member of the "owners" team in the organization.
Status Codes
- 403 the client is not authorized.
- 404 no such team exists.
- 204 (
No Content) success - or user is not in the team.
Remove a Team.
DELETE /api/v0/accounts/{name}/teams/{teamname}
$ curl --insecure -v --user admin:password -X DELETE https://dtr.domain.com/api/v0/accounts/engineering/teams/qa
Authorization
Client must be authenticated as a system admin or a member of the "owners" team in the organization.
Status Codes
- 403 the client is not authorized.
- 204 (
No Content) success - or team does not exist.