docs: API auth paths changed

Signed-off-by: mbshields <mshields@alum.mit.edu>
project-zot · Nov 16, 2023 · 73988d1 · 73988d1
1 parent 3eba490
commit 73988d1
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 16 deletions.
diff --git a/.wordlist.txt b/.wordlist.txt
@@ -70,6 +70,7 @@ Dockerfile
 dryRun
 ExpandedRepoInfo
 ExtensionList
+ExpandedRepoInfo
 ExternalName
 Filebeat
 filesystem
@@ -107,6 +108,10 @@ ImageListForDigest
 ImagesListForCVE
 ImagesListWithCVEFixed
 ImageIndex
+ImageList
+ImageListForDigest
+ImagesListForCVE
+ImagesListWithCVEFixed
 ImageManifest
 ImageTags
 ImageTrust

diff --git a/docs/developer-guide/api-reference.md b/docs/developer-guide/api-reference.md
@@ -7,9 +7,9 @@ The information presented here is adapted from the interactive OpenAPI (formerly
 For instructions and examples of how to use the zot API, see [Using the zot API](../developer-guide/api-user-guide.md).
 
 
-## /auth/apikey
+## /zot/auth/apikey
 
-### DELETE `/auth/apikey`
+### DELETE `/zot/auth/apikey`
 
 Revokes one current user API key based on given key ID
 
@@ -38,7 +38,7 @@ Revokes one current user API key based on given key ID
 
 This operation does not require authentication
 
-### GET `/auth/apikey`
+### GET `/zot/auth/apikey`
 
 Get list of all API keys for a logged in user
 
@@ -61,7 +61,7 @@ Get list of all API keys for a logged in user
 This operation does not require authentication
 
 
-### POST `/auth/apikey`
+### POST `/zot/auth/apikey`
 
 Can create an api key for a logged in user, based on the provided label and scopes.
 
@@ -102,9 +102,9 @@ Can create an api key for a logged in user, based on the provided label and scop
 
 This operation does not require authentication
 
-## `/auth/logout`
+## `/zot/auth/logout`
 
-### POST `/auth/logout`
+### POST `/zot/auth/logout`
 
 Logout by removing current session
 

diff --git a/docs/developer-guide/api-user-guide.md b/docs/developer-guide/api-user-guide.md
@@ -47,10 +47,10 @@ For comprehensive details of the API endpoints, see [Viewing the complete zot AP
 
 | Endpoint | Actions | Description | Availability |
 | -------- | ------- | ----------- | -------------|
-| /auth/apikey| DELETE, GET, POST | Creates, lists, or deletes API keys | Available when API key authentication is enabled in the configuration file (`"apikey": true`). |
-| /auth/login | POST  | Opens an API session | Available when authentication is available. This includes not only OpenID, but all session-based authentication. |
-| /auth/logout| POST  | Ends an API session | Available when authentication is available. This includes not only OpenID, but all session-based authentication. 
-| /auth/callback/\<provider\> | POST | Specifies a social authentication service provider for redirecting logins, such as Google or dex. | Enabled when an OpenID authentication service provider is specified in the configuration file. |
+| /zot/auth/apikey| DELETE, GET, POST | Creates, lists, or deletes API keys | Available when API key authentication is enabled in the configuration file (`"apikey": true`). |
+| /zot/auth/login | POST  | Opens an API session | Available when authentication is available. This includes not only OpenID, but all session-based authentication. |
+| /zot/auth/logout| POST  | Ends an API session | Available when authentication is available. This includes not only OpenID, but all session-based authentication. 
+| /zot/auth/callback/\<provider\> | POST | Specifies a social authentication service provider for redirecting logins, such as Google or dex. | Enabled when an OpenID authentication service provider is specified in the configuration file. |
 
 
 ### other zot endpoints
@@ -113,11 +113,11 @@ To enable the use of API keys, you must set the `apikey` attribute to `true` in
 
 Before you can create or revoke an API key, you must first log in using a different authentication mechanism, such as logging in through the zot GUI. When you are logged in, you can create an API key for your identity using the following API command:
 
-    POST /auth/apikey
+    POST /zot/auth/apikey
 
 _cURL command example:_
 
-    curl -u user:password -X POST http://localhost:8080/auth/apikey -d '{"label": "myAPIKEY", "scopes": ["repo1", "repo2"], "expirationDate": "2023-08-28T17:10:05+03:00"}'
+    curl -u user:password -X POST http://localhost:8080/zot/auth/apikey -d '{"label": "myAPIKEY", "scopes": ["repo1", "repo2"], "expirationDate": "2023-08-28T17:10:05+03:00"}'
 
 > :pencil2: The scopes and expiration date in this example are optional. By default, an API key has the same permissions as the user who created it.
 
@@ -155,22 +155,22 @@ The API key replaces a password in the API command, as shown in the following cU
 
 When logged in, you can revoke your own API key with the following API command:
 
-    DELETE /auth/apikey?id=$uuid
+    DELETE /zot/auth/apikey?id=$uuid
 
 _cURL command example:_
 
-    curl -u user:password -X DELETE http://localhost:8080/v2/auth/apikey?id=46a45ce7-5d92-498a-a9cb-9654b1da3da1
+    curl -u user:password -X DELETE http://localhost:8080/v2/zot/auth/apikey?id=46a45ce7-5d92-498a-a9cb-9654b1da3da1
 
 
 #### Listing your current API keys
 
 When logged in, you can display a list of your API keys with the following API command:
 
-    GET /auth/apikey
+    GET /zot/auth/apikey
 
 _cURL command example:_
 
-    curl -u user:password -X GET http://localhost:8080/auth/apikey 
+    curl -u user:password -X GET http://localhost:8080/zot/auth/apikey 
 
 _Command output:_