Skip to main content

Overview

The Xloud Cloud Platform exposes a comprehensive set of RESTful APIs that give you programmatic control over every infrastructure resource — compute instances, block storage volumes, networks, identity tokens, and more. All APIs use token-based authentication and return JSON-formatted responses.
Prerequisites
  • An active Xloud account with project membership
  • API access enabled (contact your administrator if not available)
  • API base URL: https://api.<your-domain> or the internal endpoint provided during deployment

API Services

Authentication

Token-based auth, application credentials, and scoped tokens

Compute API

Instances, flavors, keypairs, and console access

Storage API

Volumes, snapshots, backups, and volume types

Networking API

Networks, subnets, routers, security groups, and floating IPs

Identity API

Projects, users, roles, domains, and service catalog

Automation

Scripting patterns, SDK usage, and webhook integration

Quick Reference

ServiceBase PathCurrent Version
Identity (Keystone)/identity/v3v3
Compute (Nova)/compute/v2.1v2.1
Block Storage (Cinder)/volume/v3v3
Networking (Neutron)/networking/v2.0v2.0
Image Service (Glance)/image/v2v2
Object Storage (Swift)/object-store/v1v1
Object Storage (S3)/s3S3 v4

Authentication Overview

All API calls require a valid token in the X-Auth-Token header. Obtain a token by authenticating against the Identity service:
Obtain authentication token
curl -i -X POST https://api.<your-domain>/identity/v3/auth/tokens \
  -H "Content-Type: application/json" \
  -d '{
    "auth": {
      "identity": {
        "methods": ["password"],
        "password": {
          "user": {
            "name": "admin",
            "domain": { "name": "Default" },
            "password": "your_password"
          }
        }
      },
      "scope": {
        "project": {
          "name": "admin",
          "domain": { "name": "Default" }
        }
      }
    }
  }'
The X-Subject-Token response header contains the token value. Use it in all subsequent API calls:
Use token in API calls
export OS_TOKEN="<X-Subject-Token value>"
curl -X GET https://api.<your-domain>/compute/v2.1/servers \
  -H "X-Auth-Token: $OS_TOKEN"
See the Authentication reference for application credentials, token scoping, and token renewal.

Response Format

All API responses use JSON. Standard HTTP status codes indicate success or failure:
StatusMeaning
200 OKRequest succeeded. Response body contains the resource.
201 CreatedResource created. Response body contains the new resource.
202 AcceptedAsynchronous operation started. Poll the resource for status.
204 No ContentRequest succeeded. No response body (common for DELETE).
400 Bad RequestInvalid request body or parameters. Check the error message.
401 UnauthorizedInvalid or expired token. Re-authenticate.
403 ForbiddenValid token, but insufficient permissions for this operation.
404 Not FoundResource does not exist or is not visible to your project.
409 ConflictOperation conflicts with current resource state.
429 Too Many RequestsRate limit exceeded. Back off and retry.

Next Steps

Authentication Guide

Start here — learn how to obtain tokens and use application credentials

Automation Patterns

Scripting, SDK usage, and CI/CD pipeline integration examples