From 19ba28ae497b120497f4fa661ca2376f57a1ce95 Mon Sep 17 00:00:00 2001
From: Diane Fleming <diflemin@cisco.com>
Date: Fri, 2 Oct 2015 15:04:13 -0500
Subject: [PATCH] Update Identity v3 to match spec

Match the spec here:
http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3.html#openstack-identity-api-v3

Updated calls, parameters, faults, descriptions, and samples for

* API versions
* Credentials
* Domains
* Endpoints
* Groups
* Policies
* Projects
* Regions
* Roles
* Role assignments
& Services
* Tokens
* Users

Code samples: Removed unused code samples.

Change-Id: Ida11399456a4fa6ccff6336a02005192e1897a54
Closes-Bug: #1448602
Closes-Bug: #1513587
Closes-Bug: #1512305
---
 api-ref/src/docbkx/ch_identity-v3.xml         |  948 ++-
 api-ref/src/docbkx/preface.xml                |   28 +-
 api-ref/src/wadls/common_project.ent          |   62 +-
 .../samples/CRUDCreateRequest-json-http.txt   |    1 -
 .../src/v3/samples/CRUDCreateRequest.json     |    7 -
 .../src/v3/samples/CRUDCreateResponse.json    |   11 -
 .../samples/CRUDDeleteRequest-json-http.txt   |    1 -
 .../samples/CRUDDeleteResponse-json-http.txt  |    1 -
 .../src/v3/samples/CRUDGetNestedResponse.json |   27 -
 .../v3/samples/CRUDGetRequest-json-http.txt   |    1 -
 .../src/v3/samples/CRUDGetResponse.json       |   11 -
 .../samples/CRUDListAllRequest-json-http.txt  |    1 -
 .../src/v3/samples/CRUDListAllResponse.json   |   27 -
 .../CRUDListFilterRequest-json-http.txt       |    1 -
 .../v3/samples/CRUDListFilterResponse.json    |   18 -
 .../samples/CRUDUpdateRequest-json-http.txt   |    1 -
 .../src/v3/samples/CRUDUpdateRequest.json     |    5 -
 .../src/v3/samples/CRUDUpdateResponse.json    |   11 -
 .../v3/samples/CredentialCreateRequest.json   |    6 -
 .../v3/samples/CredentialCreateResponse.json  |   10 -
 .../src/v3/samples/CredentialGetResponse.json |   10 -
 .../v3/samples/CredentialUpdateRequest.json   |    6 -
 .../v3/samples/CredentialUpdateResponse.json  |   10 -
 .../v3/samples/CredentialsListResponse.json   |   22 -
 .../src/v3/samples/DomainGetResponse.json     |   11 -
 .../src/v3/samples/DomainUpdateRequest.json   |    7 -
 .../src/v3/samples/DomainUpdateResponse.json  |   11 -
 .../src/v3/samples/DomainsListResponse.json   |   22 -
 .../v3/samples/EndpointCreateResponse.json    |   13 -
 .../src/v3/samples/EndpointsListResponse.json |   21 -
 .../src/v3/samples/GroupCreateRequest.json    |    7 -
 .../src/v3/samples/GroupCreateResponse.json   |   11 -
 .../src/v3/samples/GroupGetResponse.json      |   11 -
 .../v3/samples/GroupListUsersResponse.json    |   33 -
 .../src/v3/samples/GroupUpdateRequest.json    |    6 -
 .../src/v3/samples/GroupUpdateResponse.json   |   11 -
 .../src/v3/samples/GroupsListResponse.json    |   36 -
 .../src/v3/samples/PoliciesListResponse.json  |   17 -
 .../src/v3/samples/ProjectCreateResponse.json |   12 -
 .../src/v3/samples/ProjectGetResponse.json    |   12 -
 .../samples/ProjectListUserRolesResponse.json |   23 -
 .../src/v3/samples/ProjectUpdateResponse.json |   13 -
 .../src/v3/samples/ProjectsListResponse.json  |   29 -
 .../src/v3/samples/RESCredential.json         |   12 -
 .../src/v3/samples/RESDomain.json             |   10 -
 .../src/v3/samples/RESEndpoint.json           |   13 -
 .../identity-api/src/v3/samples/RESGroup.json |   11 -
 .../src/v3/samples/RESPolicy.json             |   10 -
 .../src/v3/samples/RESProject.json            |   12 -
 .../identity-api/src/v3/samples/RESRole.json  |    9 -
 .../src/v3/samples/RESService.json            |   11 -
 .../identity-api/src/v3/samples/RESToken.json |   24 -
 .../identity-api/src/v3/samples/RESUser.json  |   13 -
 .../src/v3/samples/RegionCreateRequest.json   |    6 -
 .../src/v3/samples/RegionCreateResponse.json  |   11 -
 .../src/v3/samples/RegionGetResponse.json     |   11 -
 .../src/v3/samples/RegionUpdateRequest.json   |    6 -
 .../src/v3/samples/RegionUpdateResponse.json  |   11 -
 .../src/v3/samples/RegionsListResponse.json   |   18 -
 .../src/v3/samples/RevokedListResponse.json   |    3 -
 .../src/v3/samples/RoleCreateResponse.json    |    9 -
 .../src/v3/samples/RoleGetResponse.json       |    7 -
 .../src/v3/samples/RoleUpdateRequest.json     |    5 -
 .../src/v3/samples/RoleUpdateResponse.json    |    7 -
 .../src/v3/samples/RolesListResponse.json     |   23 -
 .../src/v3/samples/ServiceCreateRequest.json  |    5 -
 .../src/v3/samples/ServiceCreateResponse.json |   10 -
 .../src/v3/samples/ServiceUpdateRequest.json  |    3 -
 .../src/v3/samples/ServiceUpdateResponse.json |    6 -
 .../src/v3/samples/ServicesListResponse.json  |   27 -
 .../v3/samples/TokenAuthFail401aResponse.json |    7 -
 .../v3/samples/TokenAuthFail401bResponse.json |   14 -
 .../v3/samples/TokenAuthFail401cResponse.json |   16 -
 .../v3/samples/TokenAuthNoScopeResponse.json  |   66 -
 .../TokenAuthPasswordDomainRequest.json       |   18 -
 ...hPasswordIDScopeProjDomainNameRequest.json |   23 -
 ...kenAuthPasswordIDScopeProjNameRequest.json |   23 -
 .../samples/TokenAuthScopeDomainResponse.json |   58 -
 .../TokenAuthScopeProjectResponse.json        |   62 -
 .../src/v3/samples/UsersListResponse.json     |   33 -
 ...th-Password-Explicit-UnscopedRequest.json} |   10 +-
 ...th-Password-Explicit-UnscopedResponse.json |   21 +
 .../Auth-Password-Project-ScopedRequest.json} |    6 +-
 .../Auth-Password-Project-ScopedResponse.json |  401 ++
 .../Auth-Password-UnscopedRequest.json}       |    4 +-
 .../admin/Auth-Password-UnscopedResponse.json |   21 +
 ...th-Password-UserName-UnscopedRequest.json} |    6 +-
 ...assword-UserName-UnscopedResponse-HTTP.txt |    8 +
 .../admin/Auth-Token-ScopedRequest.json       |   17 +
 .../admin/Auth-Token-ScopedResponse.json      |  401 ++
 .../Auth-Token-UnscopedRequest.json}          |    0
 .../admin/Auth-Token-UnscopedResponse.json    |   21 +
 .../admin/CredentialCreateRequest.json        |    8 +
 .../admin/CredentialCreateResponse.json       |   12 +
 .../samples/admin/CredentialGetResponse.json  |   12 +
 .../admin/CredentialUpdateRequest.json        |    8 +
 .../admin/CredentialUpdateResponse.json       |   12 +
 .../admin/CredentialsListResponse.json        |  109 +
 .../admin/DomainConfigGetResponse.json        |   11 +
 .../admin/DomainConfigGroupGetResponse.json   |    6 +
 .../DomainConfigGroupOptionGetResponse.json   |    3 +
 .../DomainConfigGroupOptionUpdateRequest.json |    3 +
 ...DomainConfigGroupOptionUpdateResponse.json |   11 +
 .../admin/DomainConfigGroupUpdateRequest.json |    8 +
 .../DomainConfigGroupUpdateResponse.json      |   11 +
 .../admin/DomainConfigUpdateRequest.json      |    8 +
 .../admin/DomainConfigUpdateResponse.json     |   11 +
 .../{ => admin}/DomainCreateRequest.json      |    0
 .../{ => admin}/DomainCreateResponse.json     |    0
 .../v3/samples/admin/DomainGetResponse.json   |   11 +
 .../admin/DomainGroupUpdateRequest.json       |    8 +
 .../DomainListGroupRolesResponse.json         |    0
 .../DomainListUserRolesResponse.json          |    0
 .../v3/samples/admin/DomainUpdateRequest.json |    5 +
 .../samples/admin/DomainUpdateResponse.json   |   11 +
 .../v3/samples/admin/DomainsListResponse.json |   27 +
 .../{ => admin}/EndpointCreateRequest.json    |    6 +-
 .../samples/admin/EndpointCreateResponse.json |   15 +
 .../v3/samples/admin/EndpointGetResponse.json |   14 +
 .../{ => admin}/EndpointUpdateRequest.json    |    0
 .../{ => admin}/EndpointUpdateResponse.json   |    0
 .../samples/admin/EndpointsListResponse.json  |  333 +
 .../v3/samples/admin/GroupCreateRequest.json  |    7 +
 .../v3/samples/admin/GroupCreateResponse.json |   11 +
 .../v3/samples/admin/GroupGetResponse.json    |   11 +
 .../samples/admin/GroupListUsersResponse.json |   19 +
 .../v3/samples/admin/GroupUpdateRequest.json  |    6 +
 .../v3/samples/admin/GroupUpdateResponse.json |   11 +
 .../v3/samples/admin/GroupsListResponse.json  |   27 +
 .../samples/admin/PoliciesListResponse.json   |   37 +
 .../{ => admin}/PolicyCreateRequest.json      |    0
 .../{ => admin}/PolicyCreateResponse.json     |    0
 .../{ => admin}/PolicyGetResponse.json        |    0
 .../{ => admin}/PolicyUpdateRequest.json      |    0
 .../{ => admin}/PolicyUpdateResponse.json     |    0
 .../{ => admin}/ProjectCreateRequest.json     |    4 +-
 .../samples/admin/ProjectCreateResponse.json  |   14 +
 .../samples/admin/ProjectEnableRequest.json   |    5 +
 .../v3/samples/admin/ProjectGetResponse.json  |   13 +
 .../ProjectListGroupRolesResponse.json        |    0
 .../admin/ProjectListUserRolesResponse.json   |   16 +
 .../{ => admin}/ProjectUpdateRequest.json     |    3 +-
 .../samples/admin/ProjectUpdateResponse.json  |   17 +
 .../samples/admin/ProjectsListResponse.json   |   97 +
 .../v3/samples/admin/RegionCreateRequest.json |    7 +
 .../samples/admin/RegionCreateResponse.json   |   10 +
 .../v3/samples/admin/RegionGetResponse.json   |   10 +
 .../v3/samples/admin/RegionUpdateRequest.json |    5 +
 .../samples/admin/RegionUpdateResponse.json   |   10 +
 .../v3/samples/admin/RegionsListResponse.json |   17 +
 .../{ => admin}/RevokedListRequest.txt        |    0
 .../v3/samples/admin/RevokedListResponse.json |    3 +
 .../RoleAssignmentsEffectiveList.txt}         |    0
 .../RoleAssignmentsEffectiveListResponse.json |    0
 .../RoleAssignmentsList.txt}                  |    0
 .../RoleAssignmentsListResponse.json          |    0
 .../{ => admin}/RoleCreateRequest.json        |    0
 .../v3/samples/admin/RoleCreateResponse.json  |    9 +
 .../src/v3/samples/admin/RoleGetResponse.json |    9 +
 .../v3/samples/admin/RoleUpdateRequest.json   |    5 +
 .../v3/samples/admin/RoleUpdateResponse.json  |    9 +
 .../v3/samples/admin/RolesListResponse.json   |   51 +
 .../samples/admin/ServiceCreateRequest.json   |    7 +
 .../samples/admin/ServiceCreateResponse.json  |   12 +
 .../{ => admin}/ServiceGetResponse.json       |    0
 .../samples/admin/ServiceUpdateRequest.json   |    5 +
 .../samples/admin/ServiceUpdateResponse.json  |   12 +
 .../samples/admin/ServicesListResponse.json   |   99 +
 .../{ => admin}/TokenValidateRequest.txt      |    0
 .../{ => admin}/UserCreateRequest.json        |    2 +-
 .../{ => admin}/UserCreateResponse.json       |    2 +-
 .../samples/{ => admin}/UserGetResponse.json  |    0
 .../{ => admin}/UserListGroupsResponse.json   |    0
 .../{ => admin}/UserListProjectsResponse.json |    0
 .../admin/UserUpdatePasswordRequest.json      |    6 +
 .../{ => admin}/UserUpdateRequest.json        |    0
 .../{ => admin}/UserUpdateResponse.json       |    0
 .../v3/samples/admin/UsersListResponse.json   |  139 +
 .../{ => admin}/identity-version-resp.json    |    2 +-
 .../identity-versions-response.json           |    4 +-
 .../samples/notusedTokenAuthBasicRequest.json |   10 -
 .../notusedTokenAuthGenericMethodRequest.json |   20 -
 .../src/v3/wadl/OS-INHERIT-v3.wadl            |    4 +-
 .../identity-api/src/v3/wadl/OS-KDS-v3.wadl   |   18 +-
 .../src/v3/wadl/OS-OAUTH1-v3.wadl             |   29 +-
 .../identity-api/src/v3/wadl/OS-TRUST-v3.wadl |   12 +-
 .../wadls/identity-api/src/v3/wadl/common.ent | 4494 +++++++++----
 .../src/v3/wadl/identity-admin-v3.wadl        | 5747 ++++++++++-------
 188 files changed, 9731 insertions(+), 5060 deletions(-)
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteResponse-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetNestedResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest-json-http.txt
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/CredentialsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/DomainGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/DomainsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/EndpointsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupListUsersResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/GroupsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/PoliciesListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ProjectGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ProjectListUserRolesResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ProjectsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESCredential.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESDomain.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESEndpoint.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESGroup.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESPolicy.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESProject.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESRole.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESService.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESToken.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RESUser.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RegionsListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RevokedListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RoleGetResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/RolesListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/ServicesListResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401aResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401bResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401cResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthNoScopeResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordDomainRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjDomainNameRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjNameRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeDomainResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeProjectResponse.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/UsersListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{TokenAuthPasswordIDScopeDomainIDRequest.json => admin/Auth-Password-Explicit-UnscopedRequest.json} (53%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{TokenAuthPasswordIDScopeProjIDRequest.json => admin/Auth-Password-Project-ScopedRequest.json} (62%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{TokenAuthPasswordIDRequest.json => admin/Auth-Password-UnscopedRequest.json} (65%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{TokenAuthPasswordNameRequest.json => admin/Auth-Password-UserName-UnscopedRequest.json} (68%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedResponse-HTTP.txt
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{TokenAuthTokenRequest.json => admin/Auth-Token-UnscopedRequest.json} (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialsListResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/DomainCreateRequest.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/DomainCreateResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGroupUpdateRequest.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/DomainListGroupRolesResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/DomainListUserRolesResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainsListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/EndpointCreateRequest.json (50%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointGetResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/EndpointUpdateRequest.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/EndpointUpdateResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointsListResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupListUsersResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupsListResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/PoliciesListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/PolicyCreateRequest.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/PolicyCreateResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/PolicyGetResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/PolicyUpdateRequest.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/PolicyUpdateResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/ProjectCreateRequest.json (66%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectEnableRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectGetResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/ProjectListGroupRolesResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListUserRolesResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/ProjectUpdateRequest.json (68%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectsListResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionsListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/RevokedListRequest.txt (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{listRoleAssignments.txt => admin/RoleAssignmentsEffectiveList.txt} (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/RoleAssignmentsEffectiveListResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{listRoleAssignmentsEffective.txt => admin/RoleAssignmentsList.txt} (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/RoleAssignmentsListResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/RoleCreateRequest.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleGetResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/RolesListResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/ServiceGetResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateRequest.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateResponse.json
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/ServicesListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/TokenValidateRequest.txt (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserCreateRequest.json (83%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserCreateResponse.json (87%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserGetResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserListGroupsResponse.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserListProjectsResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdatePasswordRequest.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserUpdateRequest.json (100%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/UserUpdateResponse.json (100%)
 create mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/admin/UsersListResponse.json
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/identity-version-resp.json (87%)
 rename api-ref/src/wadls/identity-api/src/v3/samples/{ => admin}/identity-versions-response.json (90%)
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthBasicRequest.json
 delete mode 100644 api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthGenericMethodRequest.json

diff --git a/api-ref/src/docbkx/ch_identity-v3.xml b/api-ref/src/docbkx/ch_identity-v3.xml
index a01d7b4a0..a7ee8c320 100644
--- a/api-ref/src/docbkx/ch_identity-v3.xml
+++ b/api-ref/src/docbkx/ch_identity-v3.xml
@@ -1,4 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE chapter [
+   <!ENTITY % common_project  SYSTEM "../wadls/common_project.ent">
+   %common_project;
+]>
 <chapter xmlns="http://docbook.org/ns/docbook"
     xmlns:xi="http://www.w3.org/2001/XInclude"
     xmlns:xlink="http://www.w3.org/1999/xlink"
@@ -9,8 +13,15 @@
     role="api-reference">
     <title>Identity API v3 (CURRENT)</title>
     <para>
-        Gets an authentication token that permits access to the OpenStack
-        services REST API.
+        The Identity service generates authentication tokens that permit
+        access to the OpenStack services REST APIs. Clients obtain this token
+        and the URL endpoints for other service APIs by supplying their valid
+        credentials to the authentication service.
+    </para>
+    <para>
+        Each time you make a REST API request to an OpenStack service, you
+        supply your authentication token in the <code>X-Auth-Token</code>
+        request header.
     </para>
     <para>
         Like most OpenStack projects, OpenStack Identity protects its APIs by
@@ -28,287 +39,490 @@
         API protection with role-based access control (RBAC)</link> in the
         <citetitle>OpenStack Cloud Administrator Guide</citetitle>.
     </para>
+    <para>
+      This page lists the Identity API operations in the following order:
+    </para>
+    <itemizedlist role="compact">
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#versions-identity-v3">API versions</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#authenticate-v3">Authentication and token management</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#credentials-v3">Credentials</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#domains-v3">Domains</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#domains-config-v3">Domain configuration</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#groups-v3">Groups</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#policies-v3">Policies</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#projects-v3">Projects</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#regions-v3">Regions</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#roles-v3">Roles</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#role-assignments-v3">Role assignments</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#service-catalog-v3">Service catalog and endpoints</link>
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                <link xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#users-v3">Users</link>
+            </para>
+        </listitem>
+    </itemizedlist>
+    <!-- ************************************ -->
+    <!-- API VERSIONS                         -->
+    <!-- ************************************ -->
     <section xml:id="versions-identity-v3">
         <title>API versions</title>
+        <para>
+            You can list information about all Identity API versions or show
+            details for the most recent Identity API v3 micro-version.
+        </para>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#versions">
-                <wadl:method href="#getVersions-identity-v3"/>
-            </wadl:resource>
-            <!-- list version -->
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#version">
-                <wadl:method href="#showVersionDetails-identity-v3"/>
-            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#versions"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#version"/>
         </wadl:resources>
     </section>
-    <!-- Tokens -->
-    <section xml:id="tokens-v3">
-        <title>Tokens</title>
-        <para>Manages tokens.</para>
+    <!-- ************************************ -->
+    <!-- AUTHENTICATION                       -->
+    <!-- ************************************ -->
+    <section xml:id="authenticate-v3">
+        <title>Authentication and token management (auth, tokens)</title>
+        <para>
+            In exchange for a set of authentication credentials, the Identity
+            service generates tokens. A token represents the authenticated
+            identity of a user and, optionally, grants authorization on a
+            specific project or domain.
+        </para>
+        <para>
+            The body of an authentication request must include a payload that
+            specifies the authentication method, which is
+            <code>password</code> or <code>token</code>, the credentials, and,
+            optionally, the authorization scope. You can scope a token to a
+            project or domain, or the token can be unscoped. You cannot scope
+            a token to both a project and domain.
+        </para>
+        <para>
+            Tokens have IDs, which the Identity API returns in the
+            <code>X-Subject-Token</code> response header.
+        </para>
+        <para>
+            Also, validates an authentication token and lists the domains,
+            projects, roles, and endpoints to which the token gives access.
+            Forces the immediate revocation of a token.
+        </para>
+        <para>
+            After you obtain an authentication token, you can:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    Make REST API requests to other OpenStack services. You
+                    supply the ID of your authentication token in the
+                    <code>X-Auth-Token</code> request header.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    Validate your authentication token and list the domains,
+                    projects, roles, and endpoints that your token gives you
+                    access to.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    Use your token to request another token scoped for a
+                    different domain and project.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    Force the immediate revocation of a token.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    List revoked public key infrastructure (PKI) tokens.
+                </para>
+            </listitem>
+        </itemizedlist>
+        <para>
+            The Identity API treats expired tokens as no longer valid
+            tokens. The deployment determines how long expired tokens are
+            stored.
+        </para>
+        <para>
+            These authentication errors can occur:
+        </para>
+        <table rules="all" frame="border">
+            <caption>Authentication errors</caption>
+            <col width="20%" valign="top"/>
+            <col width="80%" valign="top"/>
+            <thead>
+                <tr>
+                    <th>Response code</th>
+                    <th>Description</th>
+                </tr>
+            </thead>
+            <tbody>
+                <tr>
+                    <td>
+                        <para>
+                            <code>Bad Request (400)</code>
+                        </para>
+                    </td>
+                    <td>
+                        <para>
+                            The Identity service failed to parse the request
+                            as expected. One of the following errors occurred:
+                        </para>
+                        <itemizedlist>
+                            <listitem>
+                                <para>
+                                    A required attribute was missing.
+                                </para>
+                            </listitem>
+                            <listitem>
+                                <para>
+                                    An attribute that is not allowed was
+                                    specified, such as an ID on a &POST;
+                                    request in a basic CRUD operation.
+                                </para>
+                            </listitem>
+                            <listitem>
+                                <para>
+                                    An attribute of an unexpected data type
+                                    was specified.
+                                </para>
+                            </listitem>
+                        </itemizedlist>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        <para>
+                            <code>Unauthorized (401)</code>
+                        </para>
+                    </td>
+                    <td>
+                        <para>
+                            One of the following errors occurred:
+                        </para>
+                        <itemizedlist>
+                            <listitem>
+                                <para>
+                                    Authentication was not performed.
+                                </para>
+                            </listitem>
+                            <listitem>
+                                <para>
+                                    The specified <code>X-Auth-Token</code>
+                                    header is not valid.
+                                </para>
+                            </listitem>
+                            <listitem>
+                                <para>
+                                    The authentication credentials are not valid.
+                                </para>
+                            </listitem>
+                        </itemizedlist>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        <para>
+                            <code>Forbidden (403)</code>
+                        </para>
+                    </td>
+                    <td>
+                        <para>
+                            The identity was successfully authenticated but it
+                            is not authorized to perform the requested action.
+                        </para>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        <para>
+                            <code>Not Found (404)</code>
+                        </para>
+                    </td>
+                    <td>
+                        <para>
+                            An operation failed because a referenced entity
+                            cannot be found by ID. For a &POST; request, the
+                            referenced entity might be specified in the
+                            request body rather than in the resource path.
+                        </para>
+                    </td>
+                </tr>
+                <tr>
+                    <td>
+                        <para>
+                            <code>Conflict (409)</code>
+                        </para>
+                    </td>
+                    <td>
+                        <para>
+                            A &POST; or &PATCH; operation failed. For example,
+                            a client tried to update a unique attribute for an
+                            entity, which conflicts with that of another
+                            entity in the same collection.
+                        </para>
+                        <para>
+                            Or, a client issued a create operation twice on a
+                            collection with a user-defined, unique attribute.
+                            For example, a client made a &POST;
+                            <code>/users</code> request two times for the
+                            unique, user-defined name attribute for a user
+                            entity.
+                        </para>
+                    </td>
+                </tr>
+            </tbody>
+        </table>
+        <para></para>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- authenticate token -->
             <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#tokens">
-                <wadl:method href="#authenticate"/>
-                <wadl:method href="#validateTokens"/>
-                <wadl:method href="#checkTokens"/>
+                <wadl:method href="#authenticatePasswordUnscoped"/>
+                <wadl:method href="#authenticatePasswordExplicitUnscoped"/>
+                <wadl:method href="#authenticatePasswordScoped"/>
+                <wadl:method href="#authenticateTokenUnscoped"/>
+                <wadl:method href="#authenticateTokenScoped"/>
+                <wadl:method href="#validateToken"/>
+                <wadl:method href="#checkToken"/>
                 <wadl:method href="#revokeTokens"/>
             </wadl:resource>
         </wadl:resources>
     </section>
-    <!-- Catalog -->
-    <section xml:id="service-catalog-v3">
-        <title>Service catalog</title>
-        <para>Manages the catalog of services.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create service -->
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#services">
-                <wadl:method href="#createService"/>
-                <wadl:method href="#listServices"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#service_id">
-                <wadl:method href="#getService"/>
-                <wadl:method href="#updateService"/>
-                <wadl:method href="#deleteService"/>
-            </wadl:resource>
-        </wadl:resources>
-    </section>
-    <!-- Endpoints -->
-    <section xml:id="endpoints-v3">
-        <title>Endpoints</title>
-        <para>Manages endpoints.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create endpoint -->
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#endpoints"/>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#endpoint_id"/>
-        </wadl:resources>
-    </section>
-    <!-- Domains -->
-    <section xml:id="domains-v3">
-        <title>Domains</title>
-        <para>Manages domains.</para>
+    <!-- ************************************ -->
+    <!-- CREDENTIALS                          -->
+    <!-- ************************************ -->
+    <section xml:id="credentials-v3">
+        <title>Credentials (credentials)</title>
         <para>
-            Domains represent collections of users, groups, and projects. Each is owned by exactly
-            one domain. Users, however, can be associated with multiple projects by granting roles
-            to the user on a project, including projects owned by other domains.
+            In exchange for a set of authentication credentials that the user
+            submits, the Identity service generates and returns a token. A
+            token represents the authenticated identity of a user and,
+            optionally, grants authorization on a specific project or domain.
         </para>
         <para>
-            Each domain defines a namespace where certain API-visible name attributes exist, which
-            affects whether those names must be globally unique or unique within that domain. In the
-            Identity API, the uniqueness of the following attributes is as follows:
+            You can list all credentials, and create, show details for,
+            update, and delete a credential.
+        </para>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#credentials"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#credential_id"/>
+        </wadl:resources>
+    </section>
+    <!-- ************************************ -->
+    <!-- DOMAINS                              -->
+    <!-- ************************************ -->
+    <section xml:id="domains-v3">
+        <title>Domains (domains, users, groups, roles)</title>
+        <para>
+            A domain is a collection of users, groups, and projects. Each
+            group and project is owned by exactly one domain.
+        </para>
+        <para>
+            Each domain defines a namespace where certain API-visible name
+            attributes exist, which affects whether those names must be
+            globally unique or unique within that domain. In the Identity API,
+            the uniqueness of these attributes is as follows:
         </para>
         <itemizedlist>
             <listitem>
-                <para><emphasis role="italic">Domain name</emphasis>. Globally unique across all
-                    domains.</para>
+                <para>
+                    <emphasis role="italic">Domain name</emphasis>. Globally
+                    unique across all domains.
+                </para>
             </listitem>
             <listitem>
-                <para><emphasis role="italic">Role name</emphasis>. Globally unique across all
-                    domains.</para>
+                <para>
+                    <emphasis role="italic">Role name</emphasis>. Globally
+                    unique across all domains.
+                </para>
             </listitem>
             <listitem>
-                <para><emphasis role="italic">User name</emphasis>. Unique within the owning
-                    domain.</para>
+                <para>
+                    <emphasis role="italic">User name</emphasis>. Unique
+                    within the owning domain.
+                </para>
             </listitem>
             <listitem>
-                <para><emphasis role="italic">Project name</emphasis>. Unique within the owning
-                    domain.</para>
+                <para>
+                    <emphasis role="italic">Project name</emphasis>. Unique
+                    within the owning domain.
+                </para>
             </listitem>
             <listitem>
-                <para><emphasis role="italic">Group name</emphasis>. Unique within the owning
-                    domain.</para>
+                <para>
+                    <emphasis role="italic">Group name</emphasis>. Unique
+                    within the owning domain.
+                </para>
             </listitem>
         </itemizedlist>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create domain -->
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains">
-                <wadl:method href="#createDomain"/>
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains">
                 <wadl:method href="#listDomains"/>
+                <wadl:method href="#createDomain"/>
             </wadl:resource>
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domain_id">
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domain_id">
                 <wadl:method href="#getDomain"/>
                 <wadl:method href="#updateDomain"/>
                 <wadl:method href="#deleteDomain"/>
             </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#users_user_id_roles">
-                <wadl:method href="#listDomainUserRoles"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#role_id-domainusers">
-                <wadl:method href="#grantDomainUserRole"/>
-                <wadl:method href="#checkDomainUserRole"/>
-                <wadl:method href="#revokeDomainUserRole"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#groups_group_id_roles">
-                <wadl:method href="#listDomainGroupRoles"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domain-group-role_id">
-                <wadl:method href="#grantDomainGroupRole"/>
-                <wadl:method href="#checkDomainGroupRole"/>
-                <wadl:method href="#revokeDomainGroupRole"/>
-            </wadl:resource>
         </wadl:resources>
     </section>
-    <!-- Projects -->
-    <section xml:id="projects-v3">
-        <title>Projects</title>
-        <para>Manages projects.</para>
+    <!-- ************************************ -->
+    <!-- DOMAIN CONFIGURATION                 -->
+    <!-- ************************************ -->
+    <section xml:id="domains-config-v3">
+        <title>Domain configuration (domains, config) (since v3.4) (EXPERIMENTAL)</title>
+        <para>
+            You can manage domain-specific configuration options.
+        </para>
+        <para>
+            Domain-specific configuration options are structured within their
+            group objects. The API supports only the <code>identity</code> and
+            <code>ldap</code> groups. These groups override the default
+            configuration settings for the storage of users and groups by the
+            Identity server.
+        </para>
+        <para>
+            You can create, update, and delete domain-specific configuration
+            options by using the HTTP &PUT;, &PATCH;, and &DELETE; methods.
+            When updating, it is only necessary to include those options that
+            are being updated.
+        </para>
+        <para>
+            To create an option, use the &PUT; method. The Identity API does
+            not return options that are considered sensitive, although you can
+            create and update these options. The only option currently
+            considered sensitive is the <code>password</code> option within
+            the <code>ldap</code> group.
+        </para>
+        <para>
+            The API enables you to include sensitive options as part of non-
+            sensitive options. For example, you can include the password as
+            part of the <code>url</code> option.
+        </para>
+        <para>
+            If you try to create or update configuration options for groups
+            other than the <code>identity</code>code> or <code>ldap</code>
+            groups, the <code>Forbidden (403)</code> response code is
+            returned.
+        </para>
+        <para>
+            For information about how to integrate the Identity service with
+            LDAP, see <link
+            xlink:href="http://docs.openstack.org/admin-guide-cloud/keystone_integrate_with_ldap.html">Integrate Identity with LDAP</link>.
+        </para>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create project -->
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects">
-                <wadl:method href="#createProject"/>
-                <wadl:method href="#listProjects"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#project_id">
-                <wadl:method href="#getProject"/>
-                <wadl:method href="#updateProject"/>
-                <wadl:method href="#deleteProject"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user_id_roles">
-                <wadl:method href="#listProjectUserRoles"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#project-user-role_id">
-                <wadl:method href="#grantProjectUserRole"/>
-                <wadl:method href="#checkProjectUserRole"/>
-                <wadl:method href="#revokeProjectUserRole"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#project-groups-roles">
-                <wadl:method href="#listProjectGroupRoles"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#project-groups-roles_id">
-                <wadl:method href="#grantProjectGroupRole"/>
-                <wadl:method href="#checkProjectGroupRole"/>
-                <wadl:method href="#revokeProjectGroupRole"/>
-            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#config"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#config-group"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#config-option"/>
         </wadl:resources>
     </section>
-    <!-- Users -->
-    <section xml:id="users-v3">
-        <title>Users</title>
-        <para>Manages users.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create user -->
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#create-users">
-                <wadl:method href="#createUser"/>
-                <wadl:method href="#listUsers"/>
-            </wadl:resource>
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user_id">
-                <wadl:method href="#getUser"/>
-                <wadl:method href="#updateUser"/>
-                <wadl:method href="#deleteUser"/>
-            </wadl:resource>
-            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#groups">
-                <wadl:method href="#listUserGroups"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user-projects">
-                <wadl:method href="#listUserProjects"/>
-            </wadl:resource>
-        </wadl:resources>
-    </section>
-    <!-- Groups -->
+    <!-- ************************************ -->
+    <!-- GROUPS                               -->
+    <!-- ************************************ -->
     <section xml:id="groups-v3">
-        <title>Groups</title>
-        <para>Manages groups.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create group -->
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#create-groups">
-                <wadl:method href="#createGroup"/>
-                <wadl:method href="#listGroups"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-group_id">
-                <wadl:method href="#getGroup"/>
-                <wadl:method href="#updateGroup"/>
-                <wadl:method href="#deleteGroup"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-users">
-                <wadl:method href="#listGroupUsers"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-user-user_id">
-                <wadl:method href="#assignUserToGroup"/>
-                <wadl:method href="#deleteGroupUser"/>
-                <wadl:method href="#checkGroupUser"/>
-            </wadl:resource>
-        </wadl:resources>
-    </section>
-    <!-- Credentials -->
-    <section xml:id="credentials-v3">
-        <title>Credentials</title>
-        <para>Manages credentials.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create credential -->
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#credentials">
-                <wadl:method href="#createCredential"/>
-                <wadl:method href="#listCredentials"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#credential_id">
-                <wadl:method href="#getCredential"/>
-                <wadl:method href="#updateCredential"/>
-                <wadl:method href="#deleteCredential"/>
-            </wadl:resource>
-        </wadl:resources>
-    </section>
-    <!-- Roles -->
-    <section xml:id="roles-v3">
-        <title>Roles</title>
-        <para>Manages roles.</para>
-        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create role -->
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#create-roles">
-                <wadl:method href="#createRole"/>
-                <wadl:method href="#listRoles"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#role_assignments">
-                <wadl:method href="#listRoleAssignments"/>
-            </wadl:resource>
-            <wadl:resource
-                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#role-role_id">
-                <wadl:method href="#getRole"/>
-                <wadl:method href="#updateRole"/>
-                <wadl:method href="#deleteRole"/>
-            </wadl:resource>
-        </wadl:resources>
-    </section>
-    <!-- Policies -->
-    <section xml:id="policies-v3">
-        <title>Policies</title>
-        <para>Manages policies.</para>
+        <title>Groups (groups, users)</title>
         <para>
-            You can encode policy rule sets into a blob to be consumed by
+            A group is a collection of users. Each group is owned by a domain.
+        </para>
+        <para>
+            When you grant a role to a group, you explicitly associate that
+            group with a project or domain. This action is equivalent to
+            granting the role to each group member on that project and domain.
+        </para>
+        <para>
+            When you grant a role to a group, that role is automatically
+            granted to any user that you add to the group. When you revoke a
+            role from a group, that role is automatically revoked from any
+            user that you remove from the group. Any token that authenticates
+            that user, project, and domain is revoked.
+        </para>
+        <para>
+            As with users, a group without any role grants is useless from the
+            perspective an OpenStack service and has no access to resources.
+            However, a group without role grants is permitted as a way of
+            acquiring or loading users and groups from external sources before
+            mapping them to projects and domains.
+        </para>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-groups"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-group_id"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-users"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#group-user-user_id"/>
+        </wadl:resources>
+    </section>
+    <!-- ************************************ -->
+    <!-- POLICIES                             -->
+    <!-- ************************************ -->
+     <section xml:id="policies-v3">
+        <title>Policies (policies)</title>
+        <para>
+            A policy is an arbitrarily serialized policy engine rule set to
+            be consumed by a remote service.
+        </para>
+        <para>
+            You encode policy rule sets into a blob to be consumed by
             remote services. To do so, set <code>type</code> to
-            <code>application/json</code> and specify policy rules as JSON strings in a
-            <code>blob</code>. For example:
+            <code>application/json</code> and specify policy rules as JSON
+            strings in a <code>blob</code>. For example:
         </para>
-        <programlisting>"blob": {
-        "default": false
-    }</programlisting>
-        <para>
-            Or:
-        </para>
-        <programlisting> "blob": {
-        "foobar_user": [
+<programlisting>{
+    "blob":{
+        "foobar_user":[
             "role:compute-user"
         ]
-    }</programlisting>
+    }
+}</programlisting>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create policy -->
             <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#policies">
                 <wadl:method href="#createPolicy"/>
                 <wadl:method href="#listPolicies"/>
@@ -320,24 +534,270 @@
             </wadl:resource>
         </wadl:resources>
     </section>
-    <section xml:id="regions-v3">
-        <title>Regions</title>
-        <para>Manages regions.</para>
+    <!-- ************************************ -->
+    <!-- PROJECTS                             -->
+    <!-- ************************************ -->
+    <section xml:id="projects-v3">
+        <title>Projects (projects, users, groups, roles)</title>
         <para>
-            A region is a general division of an OpenStack deployment.
-            You can associate zero or more sub-regions with a region
-            to create a tree-like structured hierarchy.
+            A project is the base unit of ownership. Resources are owned by a
+            specific project. A project is owned by a specific domain.
+        </para>
+        <para>
+            (Since v3.4) You can create a hierarchy of projects by setting a
+            parent ID when you create projects. All projects in a hierarchy
+            must be owned by the same domain.
+        </para>
+        <para>
+            (Since v3.6) Optionally, you can create a project that behaves
+            both as a project and a domain. As a domain, the project provides
+            a name space in which you can create users, groups, and other
+            projects. If you create a project that behaves as a domain, you
+            cannot update this project to behave like a regular project.
+        </para>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects">
+                <wadl:method href="#listProjects"/>
+                <wadl:method href="#createProject"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#project_id">
+                <wadl:method href="#getProject"/>
+                <wadl:method href="#updateProject"/>
+                <wadl:method href="#deleteProject"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#cascade">
+                <wadl:method href="#enableProject"/>
+                <wadl:method href="#deleteProjectSubtree"/>
+            </wadl:resource>
+        </wadl:resources>
+    </section>
+    <!-- ************************************ -->
+    <!-- REGIONS                              -->
+    <!-- ************************************ -->
+    <section xml:id="regions-v3">
+        <title>Regions (regions) (since v3.2)</title>
+        <para>
+            A region is a general division of an OpenStack deployment. You can
+            associate zero or more sub-regions with a region to create a
+            tree-like structured hierarchy.
         </para>
         <para>
             Although a region does not have a geographical connotation, a
             deployment can use a geographical name for a region, such as
             <code>us-east</code>.
         </para>
+        <para>
+            You can list, create, update, show details for, and delete
+            regions.
+        </para>
         <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-            <!-- create policy -->
             <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#regions"/>
             <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user_defined_region_id"/>
             <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#region_id"/>
         </wadl:resources>
     </section>
+    <!-- ************************************ -->
+    <!-- ROLES                                -->
+    <!-- ************************************ -->
+    <section xml:id="roles-v3">
+        <title>Roles (roles)</title>
+        <para>
+            Roles grant a user a set of permitted actions for either a
+            specific project or an entire domain.
+        </para>
+        <para>
+            You can grant roles to a user on a project, including
+            projects owned by other domains.
+        </para>
+        <para>
+            You can create, list, and delete roles. You can also list roles
+            assigned to a specified domain, project, or user.
+        </para>
+        <para>
+            You can list role assignments and, since v3.6, all role
+            assignments within a tree of projects. Use the query parameters to
+            filter the list because the role assignments list can be long.
+            Some typical examples are:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    List role assignments for the specified user:
+                </para>
+                <programlisting>GET /role_assignments?user.id={user_id}</programlisting>
+            </listitem>
+            <listitem>
+                <para>
+                    List role assignments for the specified project:
+                </para>
+<programlisting>GET /role_assignments?scope.project.id={project_id}</programlisting>
+            </listitem>
+            <listitem>
+                <para>
+                    List all role assignments for a specified project and its sub- projects:
+                </para>
+<programlisting>GET /role_assignments?scope.project.id={project_id}?include_subtree=true</programlisting>
+                <para>
+                    If you specify <code>include_subtree=true</code>, you must
+                    also specify the <code>scope.project.id</code>. Otherwise,
+                    this call returns the <code>Bad Request (400)</code>
+                    response code.
+                </para>
+            </listitem>
+        </itemizedlist>
+        <para>
+            Each role assignment entity in the collection contains a link
+            to the assignment that created the entity.
+        </para>
+        <para>
+            Use the <code>effective</code> query parameter to list effective
+            assignments at the user, project, and domain level. This parameter
+            allows for the effects of group membership. The group role
+            assignment entities themselves are not returned in the collection.
+            This represents the effective role assignments that would be
+            included in a scoped token.
+        </para>
+        <para>
+            In the response, the <code>links</code> entity section for
+            entities for group members also contains a URL that enables access
+            to the membership of the group.
+        </para>
+        <para>
+            You can use the other query parameters with the
+            <code>effective</code> parameter, such as:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    Determine what a user can actually do:
+                </para>
+<programlisting>GET /role_assignments?user.id={user_id}&amp;effective</programlisting>
+            </listitem>
+            <listitem>
+                <para>
+                    Get the equivalent set of role assignments that are
+                    included in a project-scoped token response:
+                </para>
+<programlisting>GET /role_assignments?user.id={user_id}&amp;scope.project.id={project_id}&amp;effective</programlisting>
+            </listitem>
+        </itemizedlist>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#roles">
+                <wadl:method href="#createRole"/>
+                <wadl:method href="#listRoles"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#roles-role_id">
+                <wadl:method href="#getRole"/>
+                <wadl:method href="#updateRole"/>
+                <wadl:method href="#deleteRole"/>
+            </wadl:resource>
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains-users-roles">
+                <wadl:method href="#listDomainUserRoles"/>
+            </wadl:resource>
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains-users-roles-role_id">
+                <wadl:method href="#grantDomainUserRole"/>
+                <wadl:method href="#checkDomainUserRole"/>
+                <wadl:method href="#revokeDomainUserRole"/>
+            </wadl:resource>
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains-groups-roles">
+                <wadl:method href="#listDomainGroupRoles"/>
+            </wadl:resource>
+            <wadl:resource
+                href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#domains-groups-roles-role_id">
+                <wadl:method href="#grantDomainGroupRole"/>
+                <wadl:method href="#checkDomainGroupRole"/>
+                <wadl:method href="#revokeDomainGroupRole"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects-users-roles">
+                <wadl:method href="#listProjectUserRoles"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects-users-role_id">
+                <wadl:method href="#grantProjectUserRole"/>
+                <wadl:method href="#checkProjectUserRole"/>
+                <wadl:method href="#revokeProjectUserRole"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects-groups-roles">
+                <wadl:method href="#listProjectGroupRoles"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#projects-groups-role_id">
+                <wadl:method href="#grantProjectGroupRole"/>
+                <wadl:method href="#checkProjectGroupRole"/>
+                <wadl:method href="#revokeProjectGroupRole"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#role_assignments">
+                <wadl:method href="#listRoleAssignments"/>
+            </wadl:resource>
+        </wadl:resources>
+    </section>
+    <!-- ************************************ -->
+    <!-- SERVICE CATALOG AND ENDPOINTS        -->
+    <!-- ************************************ -->
+    <section xml:id="service-catalog-v3">
+        <title>Service catalog and endpoints (services, endpoints)</title>
+        <para>
+            A service is an OpenStack web service that you can access through
+            a URL, or endpoint.
+        </para>
+        <para>
+            A service catalog lists the services that are available to the
+            caller based upon the current authorization.
+        </para>
+        <para>
+            You can create, list, show details for, update, and delete
+            services. When you create or update a service, you can enable the
+            service, which causes it and its endpoints to appear in the
+            service catalog.
+        </para>
+        <para>
+            You can create, list, show details for, update, and delete endpoints.
+        </para>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#services"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#service_id"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#endpoints"/>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#endpoint_id"/>
+        </wadl:resources>
+    </section>
+    <!-- ************************************ -->
+    <!-- USERS                                -->
+    <!-- ************************************ -->
+    <section xml:id="users-v3">
+        <title>Users (users, groups, projects, roles)</title>
+        <para>
+            A user is an individual API consumer that is owned by a domain. A
+            role explicitly associates a user with projects or domains. A user
+            with no assigned roles has no access to OpenStack resources.
+        </para>
+        <para>
+            You can list, create, show details for, update, delete, and change the password for users.
+        </para>
+        <para>
+            You can also list groups, projects, and roles for a specified
+            user. To list user roles, see <link
+            xlink:href="http://developer.openstack.org/api-ref-identity-v3.html#roles-v3">Roles</link>.
+        </para>
+        <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#users-users">
+                <wadl:method href="#listUsers"/>
+                <wadl:method href="#createUser"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#users-user_id">
+                <wadl:method href="#getUser"/>
+                <wadl:method href="#updateUser"/>
+                <wadl:method href="#deleteUser"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#password">
+                <wadl:method href="#changeUserPassword"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user-groups">
+                <wadl:method href="#listUserGroups"/>
+            </wadl:resource>
+            <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#user-projects">
+                <wadl:method href="#listUserProjects"/>
+            </wadl:resource>
+        </wadl:resources>
+    </section>
 </chapter>
diff --git a/api-ref/src/docbkx/preface.xml b/api-ref/src/docbkx/preface.xml
index e86167463..2efefdfb2 100644
--- a/api-ref/src/docbkx/preface.xml
+++ b/api-ref/src/docbkx/preface.xml
@@ -33,13 +33,31 @@
         >Version Discovery</link>.
     </para>
     <para>
-        You must install the packages for each API separately. You can use the
-        APIs and extensions after you authenticate through the Identity API:
+        You must install the packages for each API separately.
+    </para>
+    <para>
+        You can use the APIs and extensions after you authenticate through the
+        Identity API. In exchange for a set of authentication credentials, the
+        Identity service generates tokens. A token represents the
+        authenticated identity of a user and, optionally, grants authorization
+        on a specific project or domain.
+    </para>
+    <para>
+        The body of an authentication request must include a payload that
+        specifies the authentication method, which is
+        <code>password</code> or <code>token</code>, the credentials, and,
+        optionally, the authorization scope. You can scope a token to a
+        project or domain, or the token can be unscoped. You cannot scope
+        a token to both a project and domain.
     </para>
     <wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
-        <wadl:resource
-            href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#tokens"
-        />
+        <wadl:resource href="../wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl#tokens">
+            <wadl:method href="#authenticatePasswordUnscoped"/>
+            <wadl:method href="#authenticatePasswordExplicitUnscoped"/>
+            <wadl:method href="#authenticatePasswordScoped"/>
+            <wadl:method href="#authenticateTokenUnscoped"/>
+            <wadl:method href="#authenticateTokenScoped"/>
+        </wadl:resource>
     </wadl:resources>
     <para>To get started with the APIs, see the <link
             xlink:href="http://docs.openstack.org/api/quick-start/content/"
diff --git a/api-ref/src/wadls/common_project.ent b/api-ref/src/wadls/common_project.ent
index 38637d5dc..b3ce4e422 100644
--- a/api-ref/src/wadls/common_project.ent
+++ b/api-ref/src/wadls/common_project.ent
@@ -384,28 +384,28 @@
 </param>'>
 <!ENTITY expires_at-ResponseParameter '
 <param name="expires_at"
- style="plain" required="false"
-type="xsd:dateTime" xmlns="http://wadl.dev.java.net/2009/02">
+    style="plain" required="true"
+    type="xsd:dateTime" xmlns="http://wadl.dev.java.net/2009/02">
     <wadl:doc xmlns="http://docbook.org/ns/docbook"
         xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-    <para>
-        The date and time when the token expires.
-    </para>
-    <para>
-        The date and time stamp format is <link
-        xlink:href="https://en.wikipedia.org/wiki/ISO_8601">ISO 8601</link>:
-    </para>
-    <programlisting>CCYY-MM-DDThh:mm:ss±hh:mm</programlisting>
-    <para>
-        The <code>±hh:mm</code> value, if included, is the time zone as an
-        offset from UTC.
-    </para>
-    <para>
-        For example, <code>2015-08-27T09:49:58-05:00</code>.
-    </para>
-    <para>
-        A <code>null</code> value indicates that the token never expires.
-    </para>
+        <para>
+            The date and time when the token expires.
+        </para>
+        <para>
+            The date and time stamp format is <link
+            xlink:href="https://en.wikipedia.org/wiki/ISO_8601">ISO 8601</link>:
+        </para>
+        <programlisting>CCYY-MM-DDThh:mm:ss±hh:mm</programlisting>
+        <para>
+            The <code>±hh:mm</code> value, if included, is the time zone as an
+            offset from UTC.
+        </para>
+        <para>
+            For example, <code>2015-08-27T09:49:58-05:00</code>.
+        </para>
+        <para>
+            A <code>null</code> value indicates that the token never expires.
+        </para>
     </wadl:doc>
 </param>'>
 <!ENTITY issued_at-ResponseParameter '
@@ -503,6 +503,28 @@ type="xsd:dateTime" xmlns="http://wadl.dev.java.net/2009/02">
     </para>
 </wadl:doc>
 </param>'>
+<!ENTITY updatedResponseParameter '
+<param xmlns="http://wadl.dev.java.net/2009/02" name="updated" style="plain"
+   required="true" type="xsd:dateTime">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+              xmlns:wadl="http://wadl.dev.java.net/2009/02"
+              xml:lang="EN">
+        <para>
+            The date and time when the specification status last changed.
+        </para>
+        <para>
+            The date and time stamp format is <link
+            xlink:href="https://en.wikipedia.org/wiki/ISO_8601">ISO 8601</link>:
+        </para>
+        <programlisting>CCYY-MM-DDThh:mm:ss±hh:mm</programlisting>
+        <para>
+            For example, <code>2015-08-27T09:49:58-05:00</code>.
+        </para>
+        <para>
+            The <code>±hh:mm</code> value, if included, is the time zone as an offset from UTC.
+        </para>
+    </wadl:doc>
+</param>'>
 <!ENTITY service-updated_at-ResponseParameter '
 <param xmlns="http://wadl.dev.java.net/2009/02" name="updated_at" style="plain"
    required="true" type="xsd:dateTime">
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest-json-http.txt
deleted file mode 100644
index 924710ae1..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-POST /entities
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest.json
deleted file mode 100644
index 49acb6493..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateRequest.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "entity": {
-        "name": "string",
-        "description": "string",
-        "enabled": true
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateResponse.json
deleted file mode 100644
index d9502c428..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDCreateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "entity": {
-        "id": "string",
-        "name": "string",
-        "description": "string",
-        "enabled": true,
-        "links": {
-            "self": "url"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteRequest-json-http.txt
deleted file mode 100644
index 895f4a170..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-DELETE /entities/{entity_id}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteResponse-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteResponse-json-http.txt
deleted file mode 100644
index bd3152a3b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDDeleteResponse-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-204 No Content
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetNestedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetNestedResponse.json
deleted file mode 100644
index 8796d22e6..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetNestedResponse.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-    "entity": {
-        "id": "string",
-        "name": "string",
-        "description": "string",
-        "enabled": true,
-        "links": {
-            "self": "url"
-        },
-        "objects": [
-            {
-                "id": "string",
-                "name": "string",
-                "description": "string",
-                "enabled": true,
-                "links": {
-                    "self": "url"
-                }
-            }
-        ],
-        "objects_links": {
-            "self": "url",
-            "next": "url",
-            "previous": "url"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetRequest-json-http.txt
deleted file mode 100644
index a29c13f99..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-GET /entities/{entity_id}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetResponse.json
deleted file mode 100644
index d9502c428..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDGetResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "entity": {
-        "id": "string",
-        "name": "string",
-        "description": "string",
-        "enabled": true,
-        "links": {
-            "self": "url"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllRequest-json-http.txt
deleted file mode 100644
index c8eda08ac..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-GET /entities
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllResponse.json
deleted file mode 100644
index a07addd11..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListAllResponse.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-    "entities": [
-        {
-            "id": "string",
-            "name": "string",
-            "description": "string",
-            "enabled": true,
-            "links": {
-                "self": "url"
-            }
-        },
-        {
-            "id": "string",
-            "name": "string",
-            "description": "string",
-            "enabled": true,
-            "links": {
-                "self": "url"
-            }
-        }
-    ],
-    "links": {
-        "self": "url",
-        "next": "url",
-        "previous": "url"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterRequest-json-http.txt
deleted file mode 100644
index cad462396..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-GET /entities?name={entity_name}&enabled={entity_enabled}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterResponse.json
deleted file mode 100644
index 6ff329d70..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDListFilterResponse.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
-    "entities": [
-        {
-            "id": "string",
-            "name": "string",
-            "description": "string",
-            "enabled": true,
-            "links": {
-                "self": "url"
-            }
-        }
-    ],
-    "links": {
-        "self": "url",
-        "next": "url",
-        "previous": "url"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest-json-http.txt b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest-json-http.txt
deleted file mode 100644
index d4fb64165..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest-json-http.txt
+++ /dev/null
@@ -1 +0,0 @@
-PATCH /entities/{entity_id}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest.json
deleted file mode 100644
index 13105c49f..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateRequest.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-    "entity": {
-        "description": "string"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateResponse.json
deleted file mode 100644
index d9502c428..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CRUDUpdateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "entity": {
-        "id": "string",
-        "name": "string",
-        "description": "string",
-        "enabled": true,
-        "links": {
-            "self": "url"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateRequest.json
deleted file mode 100644
index d283d02ea..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateRequest.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-    "project_id": "456789",
-    "type": "ec2",
-    "user_id": "616263"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateResponse.json
deleted file mode 100644
index 2254cf17b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialCreateResponse.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-    "id": "414243",
-    "links": {
-        "self": "http://identity:35357/v3/credentials/414243"
-    },
-    "project_id": "456789",
-    "type": "ec2",
-    "user_id": "616263"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialGetResponse.json
deleted file mode 100644
index 2254cf17b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialGetResponse.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-    "id": "414243",
-    "links": {
-        "self": "http://identity:35357/v3/credentials/414243"
-    },
-    "project_id": "456789",
-    "type": "ec2",
-    "user_id": "616263"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateRequest.json
deleted file mode 100644
index d283d02ea..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateRequest.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-    "project_id": "456789",
-    "type": "ec2",
-    "user_id": "616263"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateResponse.json
deleted file mode 100644
index 2254cf17b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialUpdateResponse.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-    "id": "414243",
-    "links": {
-        "self": "http://identity:35357/v3/credentials/414243"
-    },
-    "project_id": "456789",
-    "type": "ec2",
-    "user_id": "616263"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/CredentialsListResponse.json
deleted file mode 100644
index d3423b939..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/CredentialsListResponse.json
+++ /dev/null
@@ -1,22 +0,0 @@
-[
-    {
-        "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-        "id": "414243",
-        "links": {
-            "self": "http://identity:35357/v3/credentials/414243"
-        },
-        "project_id": "456789",
-        "type": "ec2",
-        "user_id": "616263"
-    },
-    {
-        "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
-        "id": "414243",
-        "links": {
-            "self": "http://identity:35357/v3/credentials/414243"
-        },
-        "project_id": "456789",
-        "type": "ec2",
-        "user_id": "616263"
-    }
-]
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/DomainGetResponse.json
deleted file mode 100644
index 56eae571f..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/DomainGetResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "domain": {
-        "description": "Domain description",
-        "enabled": true,
-        "id": "161718",
-        "links": {
-            "self": "http://identity:35357/v3/domains/161718"
-        },
-        "name": "myDomain"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateRequest.json
deleted file mode 100644
index d5e5e2fd0..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateRequest.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "domain": {
-        "description": "my updated domain",
-        "enabled": true,
-        "name": "myUpdatedDomain"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateResponse.json
deleted file mode 100644
index 6532f4df3..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/DomainUpdateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "domain": {
-        "description": "my updated domain",
-        "enabled": true,
-        "id": "161718",
-        "links": {
-            "self": "http://identity:35357/v3/domains/161718"
-        },
-        "name": "myUpdatedDomain"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/DomainsListResponse.json
deleted file mode 100644
index be32d24e9..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/DomainsListResponse.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
-    "domains": [
-        {
-            "description": "Domain description",
-            "enabled": true,
-            "id": "161718",
-            "links": {
-                "self": "http://identity:35357/v3/domains/161718"
-            },
-            "name": "myDomain"
-        },
-        {
-            "description": "Another domain",
-            "enabled": true,
-            "id": "864369",
-            "links": {
-                "self": "http://identity:35357/v3/domains/864369"
-            },
-            "name": "anotherDomain"
-        }
-    ]
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateResponse.json
deleted file mode 100644
index 5a84dd72f..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateResponse.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-    "endpoint": {
-        "id": "828384",
-        "interface": "internal",
-        "links": {
-            "self": "http://identity:35357/v3/endpoints/828384"
-        },
-        "name": "the internal volume endpoint",
-        "region_id": "north",
-        "service_id": "686766",
-        "url": "http://identity:35357/v3/endpoints/828384"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/EndpointsListResponse.json
deleted file mode 100644
index e2638d744..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointsListResponse.json
+++ /dev/null
@@ -1,21 +0,0 @@
-{
-    "endpoints": [
-        {
-            "region_id": "RegionOne",
-            "links": {
-                "self": "http://identity:35357/v3/endpoints/16cc0008313544c198ed50f33ba863d1"
-            },
-            "url": "http://identity:8774/v2/$(tenant_id)s",
-            "region": "RegionOne",
-            "enabled": true,
-            "interface": "public",
-            "service_id": "b9e34f93ef0b459b94fbaf77fc9ee976",
-            "id": "16cc0008313544c198ed50f33ba863d1"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/endpoints",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateRequest.json
deleted file mode 100644
index 7ae594598..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateRequest.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "group": {
-        "description": "Developers cleared for work on secret projects",
-        "domain_id": "161718",
-        "name": "Secure Developers"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateResponse.json
deleted file mode 100644
index e5c0f92d3..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupCreateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "group": {
-        "description": "Developers cleared for work on secret projects",
-        "domain_id": "161718",
-        "id": "101112",
-        "links": {
-            "self": "http://identity:35357/v3/groups/101112"
-        },
-        "name": "Secure Developers"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupGetResponse.json
deleted file mode 100644
index e5c0f92d3..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupGetResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "group": {
-        "description": "Developers cleared for work on secret projects",
-        "domain_id": "161718",
-        "id": "101112",
-        "links": {
-            "self": "http://identity:35357/v3/groups/101112"
-        },
-        "name": "Secure Developers"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupListUsersResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupListUsersResponse.json
deleted file mode 100644
index d6d5ebd18..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupListUsersResponse.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
-    "users": [
-        {
-            "default_project_id": "414345",
-            "description": "a user",
-            "domain_id": "161718",
-            "email": "user@example.com",
-            "enabled": true,
-            "id": "313233",
-            "links": {
-                "self": "http://identity:35357/v3/users/313233"
-            },
-            "name": "admin"
-        },
-        {
-            "default_project_id": "414345",
-            "description": "another user",
-            "domain_id": "161718",
-            "email": "user@example.com",
-            "enabled": true,
-            "id": "313233",
-            "links": {
-                "self": "http://identity:35357/v3/users/313233"
-            },
-            "name": "someone"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/groups/101112/users",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateRequest.json
deleted file mode 100644
index 6c9e1145e..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateRequest.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "group": {
-        "description": "my updated group",
-        "name": "myUpdatedGroup"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateResponse.json
deleted file mode 100644
index d939b3f02..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupUpdateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "group": {
-        "description": "my updated group",
-        "domain_id": "161718",
-        "id": "101112",
-        "links": {
-            "self": "http://identity:35357/v3/groups/101112"
-        },
-        "name": "myUpdatedGroup"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/GroupsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/GroupsListResponse.json
deleted file mode 100644
index db2557037..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/GroupsListResponse.json
+++ /dev/null
@@ -1,36 +0,0 @@
-{
-    "groups": [
-        {
-            "description": "Developers cleared for work on all general projects",
-            "domain_id": "161718",
-            "id": "101112",
-            "links": {
-                "self": "http://identity:35357/v3/groups/101112"
-            },
-            "name": "Developers"
-        },
-        {
-            "description": "Developers cleared for work on secret projects",
-            "domain_id": "161718",
-            "id": "101113",
-            "links": {
-                "self": "http://identity:35357/v3/groups/101113"
-            },
-            "name": "Secure Developers"
-        },
-        {
-            "description": "Testers cleared for work on all general projects",
-            "domain_id": "161718",
-            "id": "101114",
-            "links": {
-                "self": "http://identity:35357/v3/groups/101114"
-            },
-            "name": "Testers"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/groups",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PoliciesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/PoliciesListResponse.json
deleted file mode 100644
index 1060afb90..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/PoliciesListResponse.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-    "links": {
-        "self": "http://identity:35357/v3/policies",
-        "previous": null,
-        "next": null
-    },
-    "policies": [
-        {
-            "type": "application/json",
-            "id": "ea578b7ac0604b699d255e62d07677db",
-            "links": {
-                "self": "http://identity:35357/v3/policies/ea578b7ac0604b699d255e62d07677db"
-            },
-            "blob": "{'foobar_user': 'role:compute-user'}"
-        }
-    ]
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateResponse.json
deleted file mode 100644
index 505442e59..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateResponse.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-    "project": {
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
-        "enabled": true,
-        "id": "456789",
-        "links": {
-            "self": "http://identity:35357/v3/projects/456789"
-        },
-        "name": "myNewProject"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ProjectGetResponse.json
deleted file mode 100644
index 505442e59..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectGetResponse.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-    "project": {
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
-        "enabled": true,
-        "id": "456789",
-        "links": {
-            "self": "http://identity:35357/v3/projects/456789"
-        },
-        "name": "myNewProject"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectListUserRolesResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ProjectListUserRolesResponse.json
deleted file mode 100644
index d81cfc25a..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectListUserRolesResponse.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-    "roles": [
-        {
-            "id": "123456",
-            "links": {
-                "self": "http://identity:35357/v3/roles/123456"
-            },
-            "name": "admin"
-        },
-        {
-            "id": "123457",
-            "links": {
-                "self": "http://identity:35357/v3/roles/123457"
-            },
-            "name": "manager"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/projects/456789/users/313233/roles",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateResponse.json
deleted file mode 100644
index 79f6a458a..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateResponse.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-    "project": {
-        "description": "My updated project",
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
-        "enabled": true,
-        "id": "263fd9",
-        "links": {
-            "self": "http://identity:35357/v3/projects/263fd9"
-        },
-        "name": "myUpdatedProject"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ProjectsListResponse.json
deleted file mode 100644
index c58c3ef32..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectsListResponse.json
+++ /dev/null
@@ -1,29 +0,0 @@
-{
-    "projects": [
-        {
-            "domain_id": "1789d1",
-            "parent_id": "123c56",
-            "enabled": true,
-            "id": "263fd9",
-            "links": {
-                "self": "https://identity:35357/v3/projects/263fd9"
-            },
-            "name": "Test Group"
-        },
-        {
-            "domain_id": "1789d1",
-            "parent_id": "123c56",
-            "enabled": true,
-            "id": "50ef01",
-            "links": {
-                "self": "https://identity:35357/v3/projects/50ef01"
-            },
-            "name": "Build Group"
-        }
-    ],
-    "links": {
-        "self": "https://identity:35357/v3/users/9fe1d3/projects",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESCredential.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESCredential.json
deleted file mode 100644
index feac978c6..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESCredential.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-    "credential": {
-        "blob": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
-        "id": "80239a",
-        "links": {
-            "self": "http://identity:35357/v3/credentials/80239a"
-        },
-        "project_id": "263fd9",
-        "type": "ec2",
-        "user_id": "0ca8f6"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESDomain.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESDomain.json
deleted file mode 100644
index f75431396..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESDomain.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "domain": {
-        "enabled": true,
-        "id": "1789d1",
-        "links": {
-            "self": "http://identity:35357/v3/domains/1789d1"
-        },
-        "name": "example.com"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESEndpoint.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESEndpoint.json
deleted file mode 100644
index 727d54d85..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESEndpoint.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-    "endpoint": {
-        "enabled": true,
-        "id": "6fedc0",
-        "interface": "internal",
-        "links": {
-            "self": "http://identity:35357/v3/endpoints/6fedc0"
-        },
-        "region": "north",
-        "service_id": "ee057c",
-        "url": "http://identity:35357/"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESGroup.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESGroup.json
deleted file mode 100644
index 0bbd019d5..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESGroup.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "group": {
-        "description": "Developers cleared for work on all general projects",
-        "domain_id": "1789d1",
-        "id": "70febc",
-        "links": {
-            "self": "http://identity:35357/v3/groups/70febc"
-        },
-        "name": "Developers"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESPolicy.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESPolicy.json
deleted file mode 100644
index 7015a1352..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESPolicy.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "policy": {
-        "blob": "{\"default\": false}",
-        "id": "c41a4c",
-        "links": {
-            "self": "http://identity:35357/v3/policies/c41a4c"
-        },
-        "type": "application/json"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESProject.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESProject.json
deleted file mode 100644
index c6fffe831..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESProject.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-    "project": {
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
-        "enabled": true,
-        "id": "263fd9",
-        "name": "project-x",
-        "links": {
-            "self": "http://identity:35357/v3/projects/263fd9"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESRole.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESRole.json
deleted file mode 100644
index 526da44bc..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESRole.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-    "role": {
-        "id": "76e72a",
-        "links": {
-            "self": "http://identity:35357/v3/roles/76e72a"
-        },
-        "name": "admin"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESService.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESService.json
deleted file mode 100644
index a1c1a8ddb..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESService.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "service": {
-        "enabled": true,
-        "id": "ee057c",
-        "links": {
-            "self": "http://identity:35357/v3/services/ee057c"
-        },
-        "name": "Keystone",
-        "type": "identity"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESToken.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESToken.json
deleted file mode 100644
index 4a8026044..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESToken.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
-    "token": {
-        "expires_at": "2013-02-27T18:30:59.999999Z",
-        "issued_at": "2013-02-27T16:30:59.999999Z",
-        "methods": [
-            "password"
-        ],
-        "user": {
-            "domain": {
-                "id": "1789d1",
-                "links": {
-                    "self": "http://identity:35357/v3/domains/1789d1"
-                },
-                "name": "example.com"
-            },
-            "email": "joe@example.com",
-            "id": "0ca8f6",
-            "links": {
-                "self": "http://identity:35357/v3/users/0ca8f6"
-            },
-            "name": "Joe"
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RESUser.json b/api-ref/src/wadls/identity-api/src/v3/samples/RESUser.json
deleted file mode 100644
index 9656eafaf..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RESUser.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-    "user": {
-        "default_project_id": "263fd9",
-        "domain_id": "1789d1",
-        "email": "joe@example.com",
-        "enabled": true,
-        "id": "0ca8f6",
-        "links": {
-            "self": "http://identity:35357/v3/users/0ca8f6"
-        },
-        "name": "Joe"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateRequest.json
deleted file mode 100644
index c727283e0..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateRequest.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "region": {
-        "description": "US West Subregion 1",
-        "parent_region_id": "829551"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateResponse.json
deleted file mode 100644
index 8deed6a24..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionCreateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "region": {
-        "description": "US West Subregion 1",
-        "id": "8ebd7f",
-        "links": {
-            "self": "https://identity:35357/v3/regions/8ebd7f",
-            "child_regions": "https://identity:35357/v3/regions?parent_region_id=8ebd7f"
-        },
-        "parent_region_id": "829551"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionGetResponse.json
deleted file mode 100644
index 722922782..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionGetResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "region": {
-        "description": "US Southwest Region",
-        "id": "us-southwest",
-        "links": {
-            "self": "https://identity:35357/v3/regions/us-southwest",
-            "child_regions": "http://identity:35357/v3/regions?parent_region_id=us-southwest"
-        },
-        "parent_region_id": "us-west-coast"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateRequest.json
deleted file mode 100644
index 91293ffec..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateRequest.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "region": {
-        "description": "US Southwest Subregion",
-        "parent_region_id": "us-southwest"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateResponse.json
deleted file mode 100644
index 0e7a4d153..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionUpdateResponse.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-    "region": {
-        "description": "US Southwest Subregion",
-        "id": "us-southwest-1",
-        "links": {
-            "self": "https://identity:35357/v3/regions/us-southwest-1",
-            "child_regions": "https://identity:35357/v3/regions?parent_region_id=us-southwest-1"
-        },
-        "parent_region_id": "us-southwest"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RegionsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RegionsListResponse.json
deleted file mode 100644
index 33b4721bc..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RegionsListResponse.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
-    "regions": [
-        {
-            "description": "US East Region",
-            "id": "us-east",
-            "links": {
-                "self": "https://identity:35357/v3/regions/us-east",
-                "child_regions": "https://identity:35357/v3/regions?parent_region_id=us-east"
-            },
-            "parent_region_id": "us-east-coast"
-        }
-    ],
-    "links": {
-        "self": "https://identity:35357/v3/regions",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RevokedListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RevokedListResponse.json
deleted file mode 100644
index 392e76536..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RevokedListResponse.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
-  "signed": "-----BEGIN CMS-----\nMIICGwYJKoZIhvcNAQcCoIICDDCCAggCAQExDTALBglghkgBZQMEAgEwawYJKoZI\nhvcNAQcBoF4EXHsicmV2b2tlZCI6IFt7ImV4cGlyZXMiOiAiMjAxNC0xMi0wMlQx\nNzowMDowOVoiLCAiaWQiOiAiODhiMjRmOTI5OTk0NGU1ZjhkODE0MDNjYzMyY2M5\nMmUifV19MYIBhTCCAYECAQEwXDBXMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVW5z\nZXQxDjAMBgNVBAcMBVVuc2V0MQ4wDAYDVQQKDAVVbnNldDEYMBYGA1UEAwwPd3d3\nLmV4YW1wbGUuY29tAgEBMAsGCWCGSAFlAwQCATANBgkqhkiG9w0BAQEFAASCAQA3\nc8EI58ZXtqkyuUWqLPJZdB5v7Ou978w22YkOsgL5ruUpQiWdhdgvL/sxqd7OPqi7\nZZV3N+io+z1m4uAiSbriumv7HOEnIUEAUhK4G0kw5kAAg4j50c0Omdiqdq75k0j/\nJPoRCXa8ieb0X87zhgfIq7ze/HZ7E2LoO20us3AEzmglNv023qgGcsSGPAUIHWN5\nloonPtgztiwVbmS2gs3Z9JB73mxEBviCX4CZEU/sNpchAzI/53tscKlqlzv+GBcm\n1dYP3hEZn3twFRI9zos4hTwFkUivn6D3qgQB684sVrvKlzOCIqOKVGGYVSy/FQLE\nWwQ5u58ZD8ohaJPu2Q6l\n-----END CMS-----\n"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateResponse.json
deleted file mode 100644
index 16490c219..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateResponse.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-    "role": {
-        "id": "123456",
-        "links": {
-            "self": "http://identity:35357/v3/roles/123456"
-        },
-        "name": "developer"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RoleGetResponse.json
deleted file mode 100644
index c42a733c0..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RoleGetResponse.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "id": "123456",
-    "links": {
-        "self": "http://identity:35357/v3/roles/131415"
-    },
-    "name": "developer"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateRequest.json
deleted file mode 100644
index abbb0502f..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateRequest.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-    "role": {
-        "name": "a new role name"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateResponse.json
deleted file mode 100644
index c42a733c0..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RoleUpdateResponse.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "id": "123456",
-    "links": {
-        "self": "http://identity:35357/v3/roles/131415"
-    },
-    "name": "developer"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RolesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/RolesListResponse.json
deleted file mode 100644
index 780299913..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/RolesListResponse.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-    "roles": [
-        {
-            "id": "123456",
-            "links": {
-                "self": "http://identity:35357/v3/roles/123456"
-            },
-            "name": "admin"
-        },
-        {
-            "id": "123457",
-            "links": {
-                "self": "http://identity:35357/v3/roles/123457"
-            },
-            "name": "manager"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/roles",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateRequest.json
deleted file mode 100644
index 2399f9568..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateRequest.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-    "service": {
-        "type": "volume"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateResponse.json
deleted file mode 100644
index bcc40a64c..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceCreateResponse.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "service": {
-        "enabled": true,
-        "id": "686766",
-        "links": {
-            "self": "http://identity:5000/v3/services/686766"
-        },
-        "type": "volume"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateRequest.json
deleted file mode 100644
index fddae4091..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateRequest.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
-    "type": "volume"
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateResponse.json
deleted file mode 100644
index 29cd53fe9..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceUpdateResponse.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
-    "service": {
-        "id": "686766",
-        "type": "volume"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServicesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/ServicesListResponse.json
deleted file mode 100644
index b626d84e5..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ServicesListResponse.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-    "links": {
-        "next": null,
-        "previous": null,
-        "self": "http://identity:5000/v3/services"
-    },
-    "services": [
-        {
-            "description": "Keystone Identity Service",
-            "enabled": true,
-            "id": "686766",
-            "links": {
-                "self": "http://identity:5000/v3/services/686766"
-            },
-            "name": "keystone",
-            "type": "identity"
-        },
-        {
-            "enabled": true,
-            "id": "936521",
-            "links": {
-                "self": "http://identity:5000/v3/services/936521"
-            },
-            "type": "volume"
-        }
-    ]
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401aResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401aResponse.json
deleted file mode 100644
index 6662c8131..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401aResponse.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "error": {
-        "code": 401,
-        "message": "The request you have made requires authentication",
-        "title": "Not Authorized"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401bResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401bResponse.json
deleted file mode 100644
index e19fc996d..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401bResponse.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
-    "error": {
-        "code": 401,
-        "identity": {
-            "methods": [
-                "password",
-                "token",
-                "challenge-response"
-            ]
-        },
-        "message": "Need to authenticate with one or more supported methods",
-        "title": "Not Authorized"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401cResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401cResponse.json
deleted file mode 100644
index e0f8e7d6d..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthFail401cResponse.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
-    "error": {
-        "code": 401,
-        "identity": {
-            "challenge-response": {
-                "challenge": "What was the zip code of your birthplace?",
-                "session_id": "123456"
-            },
-            "methods": [
-                "challenge-response"
-            ]
-        },
-        "message": "Additional authentications steps required.",
-        "title": "Not Authorized"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthNoScopeResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthNoScopeResponse.json
deleted file mode 100644
index ea79fd02b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthNoScopeResponse.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{
-    "token": {
-        "methods": [
-            "password"
-        ],
-        "roles": [
-            {
-                "id": "9fe2ff9ee4384b1894a90878d3e92bab",
-                "name": "_member_"
-            },
-            {
-                "id": "c703057be878458588961ce9a0ce686b",
-                "name": "admin"
-            }
-        ],
-        "expires_at": "2014-06-10T2:55:16.806001Z",
-        "project": {
-            "domain": {
-                "id": "default",
-                "name": "Default"
-            },
-            "id": "8538a3f13f9541b28c2620eb19065e45",
-            "name": "admin"
-        },
-        "catalog": [
-            {
-                "endpoints": [
-                    {
-                        "url": "http://localhost:3537/v2.0",
-                        "region": "RegionOne",
-                        "interface": "admin",
-                        "id": "29beb2f1567642eb810b042b6719ea88"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "internal",
-                        "id": "8707e3735d4415c97ae231b4841eb1c"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "public",
-                        "id": "ef303187fc8d41668f25199c298396a5"
-                    }
-                ],
-                "type": "identity",
-                "id": "bd73972c0e14fb69bae8ff76e112a90",
-                "name": "keystone"
-            }
-        ],
-        "extras": {},
-        "user": {
-            "domain": {
-                "id": "default",
-                "name": "Default"
-            },
-            "id": "3ec3164f750146be97f21559ee4d9c51",
-            "name": "admin"
-        },
-        "audit_ids": [
-            "yRt0UrxJSs6-WYJgwEMMmg"
-        ],
-        "issued_at": "201406-10T20:55:16.806027Z"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordDomainRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordDomainRequest.json
deleted file mode 100644
index fe7db90b5..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordDomainRequest.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
-    "auth": {
-        "identity": {
-            "methods": [
-                "password"
-            ],
-            "password": {
-                "user": {
-                    "domain": {
-                        "name": "example.com"
-                    },
-                    "name": "Joe",
-                    "password": "secretsecret"
-                }
-            }
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjDomainNameRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjDomainNameRequest.json
deleted file mode 100644
index cd14e4945..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjDomainNameRequest.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-    "auth": {
-        "identity": {
-            "methods": [
-                "password"
-            ],
-            "password": {
-                "user": {
-                    "id": "0ca8f6",
-                    "password": "secretsecret"
-                }
-            }
-        },
-        "scope": {
-            "project": {
-                "domain": {
-                    "name": "example.com"
-                },
-                "name": "project-x"
-            }
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjNameRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjNameRequest.json
deleted file mode 100644
index 28332bf9e..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjNameRequest.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-    "auth": {
-        "identity": {
-            "methods": [
-                "password"
-            ],
-            "password": {
-                "user": {
-                    "id": "0ca8f6",
-                    "password": "secretsecret"
-                }
-            }
-        },
-        "scope": {
-            "project": {
-                "domain": {
-                    "id": "1789d1"
-                },
-                "name": "project-x"
-            }
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeDomainResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeDomainResponse.json
deleted file mode 100644
index aaec18b7b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeDomainResponse.json
+++ /dev/null
@@ -1,58 +0,0 @@
-{
-    "token": {
-        "domain": {
-            "id": "default",
-            "name": "Default"
-        },
-        "methods": [
-            "password"
-        ],
-        "roles": [
-            {
-                "id": "c703057be878458588961ce9a0ce686b",
-                "name": "admin"
-            }
-        ],
-        "expires_at": "2014-06-10T21:52:58.852167Z",
-        "catalog": [
-            {
-                "endpoints": [
-                    {
-                        "url": "http://localhost:35357/v2.0",
-                        "region": "RegionOne",
-                        "interface": "admin",
-                        "id": "29beb2f1567642eb810b042b6719ea88"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "internal",
-                        "id": "87057e3735d4415c97ae231b4841eb1c"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "public",
-                        "id": "ef303187fc8d41668f25199c298396a5"
-                    }
-                ],
-                "type": "identity",
-                "id": "bd7397d2c0e14fb69bae8ff76e112a90",
-                "name": "keystone"
-            }
-        ],
-        "extras": {},
-        "user": {
-            "domain": {
-                "id": "default",
-                "name": "Default"
-            },
-            "id": "3ec3164f750146be97f21559ee4d9c51",
-            "name": "admin"
-        },
-        "audit_ids": [
-            "Xpa6Uyn-T9S6mTREudUH3w"
-        ],
-        "issued_at": "2014-06-10T20:52:58.852194Z"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeProjectResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeProjectResponse.json
deleted file mode 100644
index 2d644d20c..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthScopeProjectResponse.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-    "token": {
-        "audit_ids": [
-            "ECwrVNWbSCqmEgPnu0YCRw"
-        ],
-        "methods": [
-            "password"
-        ],
-        "roles": [
-            {
-                "id": "c703057be878458588961ce9a0ce686b",
-                "name": "admin"
-            }
-        ],
-        "expires_at": "2014-06-10T21:40:14.360795Z",
-        "project": {
-            "domain": {
-                "id": "default",
-                "name": "Default"
-            },
-            "id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c",
-            "name": "demo"
-        },
-        "catalog": [
-            {
-                "endpoints": [
-                    {
-                        "url": "http://localhost:35357/v2.0",
-                        "region": "RegionOne",
-                        "interface": "admin",
-                        "id": "29beb2f1567642eb810b042b6719ea88"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "internal",
-                        "id": "87057e3735d4415c97ae231b4841eb1c"
-                    },
-                    {
-                        "url": "http://localhost:5000/v2.0",
-                        "region": "RegionOne",
-                        "interface": "public",
-                        "id": "ef303187fc8d41668f25199c298396a5"
-                    }
-                ],
-                "type": "identity",
-                "id": "bd7397d2c0e14fb69bae8ff76e112a90",
-                "name": "keystone"
-            }
-        ],
-        "extras": {},
-        "user": {
-            "domain": {
-                "id": "default",
-                "name": "Default"
-            },
-            "id": "3ec3164f750146be97f21559ee4d9c51",
-            "name": "admin"
-        },
-        "issued_at": "2014-06-10T20:40:14.360822Z"
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UsersListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/UsersListResponse.json
deleted file mode 100644
index 5bd39ffe1..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/UsersListResponse.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
-    "users": [
-        {
-            "default_project_id": "263fd9",
-            "description": "Admin user",
-            "domain_id": "1789d1",
-            "email": "admin@example.com",
-            "enabled": true,
-            "id": "0ca8f6",
-            "links": {
-                "self": "https://identity:35357/v3/users/0ca8f6"
-            },
-            "name": "admin"
-        },
-        {
-            "default_project_id": "263fd9",
-            "description": "John Smith's user",
-            "domain_id": "1789d1",
-            "email": "jsmith@example.com",
-            "enabled": true,
-            "id": "9fe1d3",
-            "links": {
-                "self": "https://identity:35357/v3/users/9fe1d3"
-            },
-            "name": "jsmith"
-        }
-    ],
-    "links": {
-        "self": "http://identity:35357/v3/users",
-        "previous": null,
-        "next": null
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeDomainIDRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedRequest.json
similarity index 53%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeDomainIDRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedRequest.json
index ddb98cda2..17c778a24 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeDomainIDRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedRequest.json
@@ -6,15 +6,11 @@
             ],
             "password": {
                 "user": {
-                    "id": "0ca8f6",
-                    "password": "secretsecret"
+                    "id": "ee4dfb6e5540447cb3741905149d9b6e",
+                    "password": "devstacker"
                 }
             }
         },
-        "scope": {
-            "domain": {
-                "id": "263fd9"
-            }
-        }
+        "scope": "unscoped"
     }
 }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedResponse.json
new file mode 100644
index 000000000..b50d0f4af
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Explicit-UnscopedResponse.json
@@ -0,0 +1,21 @@
+{
+    "token": {
+        "methods": [
+            "password"
+        ],
+        "expires_at": "2015-11-09T01:42:57.527363Z",
+        "extras": {},
+        "user": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "ee4dfb6e5540447cb3741905149d9b6e",
+            "name": "admin"
+        },
+        "audit_ids": [
+            "lC2Wj1jbQe-dLjLyOx4qPQ"
+        ],
+        "issued_at": "2015-11-09T00:42:57.527404Z"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjIDRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedRequest.json
similarity index 62%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjIDRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedRequest.json
index 15cf3090d..3e75c9790 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDScopeProjIDRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedRequest.json
@@ -6,14 +6,14 @@
             ],
             "password": {
                 "user": {
-                    "id": "0ca8f6",
-                    "password": "secretsecret"
+                    "id": "ee4dfb6e5540447cb3741905149d9b6e",
+                    "password": "devstacker"
                 }
             }
         },
         "scope": {
             "project": {
-                "id": "263fd9"
+                "id": "a6944d763bf64ee6a275f1263fae0352"
             }
         }
     }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedResponse.json
new file mode 100644
index 000000000..a83d4166e
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-Project-ScopedResponse.json
@@ -0,0 +1,401 @@
+{
+    "token": {
+        "methods": [
+            "password"
+        ],
+        "roles": [
+            {
+                "id": "51cc68287d524c759f47c811e6463340",
+                "name": "admin"
+            }
+        ],
+        "expires_at": "2015-11-07T02:58:43.578887Z",
+        "project": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "a6944d763bf64ee6a275f1263fae0352",
+            "name": "admin"
+        },
+        "catalog": [
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:5000/v2.0",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "068d1b359ee84b438266cb736d81de97"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:35357/v2.0",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "8bfc846841ab441ca38471be6d164ced"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:5000/v2.0",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "beb6d358c3654b4bada04d4663b640b9"
+                    }
+                ],
+                "type": "identity",
+                "id": "050726f278654128aba89757ae25950c",
+                "name": "keystone"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "ae36c0dbb0634e1dbf711f9fc2359975"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "d286b51530144d90a4de52d214d3ad1e"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "d6e681dd4aab4ae5a0937ed60bb4ae33"
+                    }
+                ],
+                "type": "compute_legacy",
+                "id": "1c4bfbabe3b346b1bbe27a4b3258964f",
+                "name": "nova_legacy"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "2dce7429526e44808235fe918063a914"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "a9a9929e6dc645c882ac1abd8bf73d38"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "c7d5f958df7f4c8da84db91094bdc198"
+                    }
+                ],
+                "type": "volumev2",
+                "id": "202382a1b8a94210bb3120af958092c4",
+                "name": "cinderv2"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "29b58f1406804c8180ccc01793ff8038"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080/v1/AUTH_a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "4c2c2968008c4e77973a5922e192d982"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080/v1/AUTH_a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "f6e7b28008bf41eaa114176a15ac1410"
+                    }
+                ],
+                "type": "object-store",
+                "id": "52fecdef9ad543779c1312392cc2b115",
+                "name": "swift"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "6a2840dc63bf433592cd8bca2183eb3c"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "7967cf45f8ab439a80cf24420e5ffd0e"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "84943ce595264303bd44e5d6d79bea7b"
+                    }
+                ],
+                "type": "network",
+                "id": "67b993549db94296a853d635b48db3c9",
+                "name": "neutron"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "2896609ef89741148bbd8c93babf5a12"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "30de385478fe4325849f98d1e45bc5e6"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "41256dc4b3c942daa383f940a9a56536"
+                    }
+                ],
+                "type": "messaging",
+                "id": "6fc9cc3e6b3843b899478554f9e297d3",
+                "name": "zaqar"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "07ea5fe3ae784001a73f131fb1764bf4"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "31e709ecb15d4881806dbced4eb3e60e"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "a0c2a150a6ae4bbc85f1d428b9d78a1b"
+                    }
+                ],
+                "type": "messaging-websocket",
+                "id": "816031f798cc4ac7879eda0cf9cf033a",
+                "name": "zaqar-websocket"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "24df0277c2b6499ea6051bea8c59ff74"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "438f4b3f3c314bbf988f1442cc3ddfa5"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "90a1c9fab54c452fa02a59ff87165029"
+                    }
+                ],
+                "type": "ec2",
+                "id": "915e2a8b1f314d55bba28432c9d5c1de",
+                "name": "ec2"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "2511589f262a407bb0071a814a480af4"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "9cf9209ae4fc4673a7295611001cf0ae"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "d200b2509e1343e3887dcc465b4fa534"
+                    }
+                ],
+                "type": "compute",
+                "id": "a226b3eeb5594f50bf8b6df94636ed28",
+                "name": "nova"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "bf2fe80c2a614e438d3e55b00e85b9ff"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "bfc9615fc24e4045aaf719f060984bf1"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "c76cf9930b0f4ccea6b1157f80119cfc"
+                    }
+                ],
+                "type": "orchestration",
+                "id": "a5f7070bda40443fa3819fbdf1689af1",
+                "name": "heat"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "3e321c2c6fa04152b3e86c18b91b93ae"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "55aef0f2557449d4946dc9461b73a63b"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "7c91a66a200e458ca6e4e00fddf4d98b"
+                    }
+                ],
+                "type": "volume",
+                "id": "b6b5edc3fc384b6787149e91b3b31988",
+                "name": "cinder"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "512c10d230874ad295662157eeab0135"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "614b1ab241da47a8b3a4e8f67b771446"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "9cef78a4286c42f3b977fbe4d5f927a6"
+                    }
+                ],
+                "type": "image",
+                "id": "d512f8860c0f45cf99b1c3cef86cfd97",
+                "name": "glance"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "7f776d5a83d346b48e519555362b1da6"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "8303a7225a2d439fa39905c6a20202c3"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "942fa998d1c644e0b0c085d5a0995a13"
+                    }
+                ],
+                "type": "cloudformation",
+                "id": "ed0805af6ee54a19ad7e5add8465ac41",
+                "name": "heat-cfn"
+            }
+        ],
+        "extras": {},
+        "user": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "ee4dfb6e5540447cb3741905149d9b6e",
+            "name": "admin"
+        },
+        "audit_ids": [
+            "3T2dc1CGQxyJsHdDu1xkcw"
+        ],
+        "issued_at": "2015-11-07T01:58:43.578929Z"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedRequest.json
similarity index 65%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedRequest.json
index ffa4f0621..e64944f4b 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordIDRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedRequest.json
@@ -6,8 +6,8 @@
             ],
             "password": {
                 "user": {
-                    "id": "0ca8f6",
-                    "password": "secretsecret"
+                    "id": "423f19a4ac1e4f48bbb4180756e6eb6c",
+                    "password": "devstacker"
                 }
             }
         }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedResponse.json
new file mode 100644
index 000000000..c012a3ee9
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UnscopedResponse.json
@@ -0,0 +1,21 @@
+{
+    "token": {
+        "methods": [
+            "password"
+        ],
+        "expires_at": "2015-11-06T15:32:17.893769Z",
+        "extras": {},
+        "user": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "423f19a4ac1e4f48bbb4180756e6eb6c",
+            "name": "admin"
+        },
+        "audit_ids": [
+            "ZzZwkUflQfygX7pdYDBCQQ"
+        ],
+        "issued_at": "2015-11-06T14:32:17.893797Z"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordNameRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedRequest.json
similarity index 68%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordNameRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedRequest.json
index 431ec6ed5..47044d4f3 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthPasswordNameRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedRequest.json
@@ -6,11 +6,11 @@
             ],
             "password": {
                 "user": {
+                    "name": "admin",
                     "domain": {
-                        "id": "1789d1"
+                        "id": "default"
                     },
-                    "name": "Joe",
-                    "password": "secretsecret"
+                    "password": "devstacker"
                 }
             }
         }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedResponse-HTTP.txt b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedResponse-HTTP.txt
new file mode 100644
index 000000000..b6031e303
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Password-UserName-UnscopedResponse-HTTP.txt
@@ -0,0 +1,8 @@
+HTTP/1.1 201 Created
+Date: Fri, 06 Nov 2015 14:29:56 GMT
+Server: Apache/2.4.7 (Ubuntu)
+X-Subject-Token: ffe47524401e4d61adc7310f7e5b6191
+Vary: X-Auth-Token
+x-openstack-request-id: req-f2f3f6ca-e342-4cd8-bc12-71a5436ef5fc
+Content-Length: 297
+Content-Type: application/json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedRequest.json
new file mode 100644
index 000000000..045b9489e
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedRequest.json
@@ -0,0 +1,17 @@
+{
+    "auth": {
+        "identity": {
+            "methods": [
+                "token"
+            ],
+            "token": {
+                "id": "'$OS_TOKEN'"
+            }
+        },
+        "scope": {
+            "project": {
+                "id": "5b50efd009b540559104ee3c03bbb2b7"
+            }
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedResponse.json
new file mode 100644
index 000000000..2692684a8
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-ScopedResponse.json
@@ -0,0 +1,401 @@
+{
+    "token": {
+        "methods": [
+            "token"
+        ],
+        "roles": [
+            {
+                "id": "5090055d6bd547dc83e0e8f070803708",
+                "name": "admin"
+            }
+        ],
+        "expires_at": "2015-11-05T22:00:11.000000Z",
+        "project": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "5b50efd009b540559104ee3c03bbb2b7",
+            "name": "admin"
+        },
+        "catalog": [
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "b2605da9b25943beb49b2bd86aca2202"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "c4d1184caf8c4351bff4bf502a09684e"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9292",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "cd73bda89e3948738c2721a8c3acac54"
+                    }
+                ],
+                "type": "image",
+                "id": "495df2483dc145dbb6b34bfbdd787aae",
+                "name": "glance"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "7d03218a7f4246e8b9e3992318bf5397"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "9ad7f8ce438c4212b8aac930bca04c86"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8773/",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "d84aad1a45c44e4da09b719167383049"
+                    }
+                ],
+                "type": "ec2",
+                "id": "54204024bb7d4665a8efc34fc758f1f7",
+                "name": "ec2"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "1077687c18514490a3ec980eadd1bd13"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "1e86d8bef1514c3fba8d157a22ccce88"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9000",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "f6a6b7bbba66443ead3a0e31a008c271"
+                    }
+                ],
+                "type": "messaging-websocket",
+                "id": "6b8655af7d044a15bec3cdca4f2919f8",
+                "name": "zaqar-websocket"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "083663fd231e40ad97384ad3efb9f1b7"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "0f4b7054ea27450eac43f685a4fc1d2c"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "5f3ea39df2e44378b1802a1a87ef9ac4"
+                    }
+                ],
+                "type": "orchestration",
+                "id": "6d6346ff2ca842e5968373fbb93e231f",
+                "name": "heat"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "bc2230a70d6a444e9fba75b85fbda41b"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "d8102dc2b9984d04b30b91b0a6037470"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "f8253a53edd749bf8b107a53a5d47a82"
+                    }
+                ],
+                "type": "compute",
+                "id": "75df965385cc4120a17110c1fde00182",
+                "name": "nova"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:35357/v2.0",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "0ceeb58592274caea5bc942a07d5473f"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:5000/v2.0",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "8126f2c7021d413e9c98ec3a0ba0fd58"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:5000/v2.0",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "c693879254544e3fb502e795a3f6acc8"
+                    }
+                ],
+                "type": "identity",
+                "id": "78aad571d38049e69c866c2abac76af6",
+                "name": "keystone"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "3654138dc64a45aeb5a8153f2a089c74"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "7a0d12d0b7314afd9b53d1618ab546ea"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "82b68ff3aedb43e2acc8307234d3fd0b"
+                    }
+                ],
+                "type": "volume",
+                "id": "80491007c0ab462daaa9087250325f59",
+                "name": "cinder"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "24dfa252fba64469b8b1a832f04bded9"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "e0a01d6cd3be4f6abcc72367b2d87993"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8000/v1",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "f33f79d42df247e1bf6daf43a548b014"
+                    }
+                ],
+                "type": "cloudformation",
+                "id": "ac5cc6e3c62840818ab338c981d5603f",
+                "name": "heat-cfn"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "3e78c357b3c8469fbea12eb681f88a0c"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "89d2aad3dc8e478fbabb21dd7db0962a"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:9696/",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "b6d4a8cf5e4042848a749a3116497e55"
+                    }
+                ],
+                "type": "network",
+                "id": "b33660edd1eb45e485f7e5f14401a739",
+                "name": "neutron"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "1f8287cf963948778ab0eb109d9f857d"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "3adf5f9cc5184d92af5ff0fdef043e4a"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8888",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "f747223060b3414f947fdcdca2ce8714"
+                    }
+                ],
+                "type": "messaging",
+                "id": "cf3e38e9aed54e2d84ea64485317d7a0",
+                "name": "zaqar"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "08f507ccb552476b98f3af7718f25557"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "d20091ba591347b2b419e5fbde9b7976"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "e6b667776e7245dea6e39f2820e080b0"
+                    }
+                ],
+                "type": "compute_legacy",
+                "id": "d442e96b273a48018567aeec5800c3e0",
+                "name": "nova_legacy"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "012c78a6694a494995c58d5955fb7822"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "802d5de210874f068ba31c7e27c29d70"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "b37ada66e02e44c9a9a7976d77365503"
+                    }
+                ],
+                "type": "volumev2",
+                "id": "d93e78c7967f49acbdd732b9dd97e0d0",
+                "name": "cinderv2"
+            },
+            {
+                "endpoints": [
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080/v1/AUTH_5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "public",
+                        "id": "265ce88a0e1642fc90b2ec20ccb279ff"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080",
+                        "region": "RegionOne",
+                        "interface": "admin",
+                        "id": "500b7f066d39492faff8a3f710fb5a2f"
+                    },
+                    {
+                        "region_id": "RegionOne",
+                        "url": "http://23.253.248.171:8080/v1/AUTH_5b50efd009b540559104ee3c03bbb2b7",
+                        "region": "RegionOne",
+                        "interface": "internal",
+                        "id": "a33b0684f817405280df1f5600777a75"
+                    }
+                ],
+                "type": "object-store",
+                "id": "da1b1b5c529946fcb3ee3abdcf376fcb",
+                "name": "swift"
+            }
+        ],
+        "extras": {},
+        "user": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "10a2e6e717a245d9acad3e5f97aeca3d",
+            "name": "admin"
+        },
+        "audit_ids": [
+            "wLc7nDMsQiKqf8VFU4ySpg"
+        ],
+        "issued_at": "2015-11-05T21:32:30.505384Z"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthTokenRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenAuthTokenRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedResponse.json
new file mode 100644
index 000000000..3224a0e53
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/Auth-Token-UnscopedResponse.json
@@ -0,0 +1,21 @@
+{
+    "token": {
+        "methods": [
+            "token"
+        ],
+        "expires_at": "2015-11-05T22:00:11.000000Z",
+        "extras": {},
+        "user": {
+            "domain": {
+                "id": "default",
+                "name": "Default"
+            },
+            "id": "10a2e6e717a245d9acad3e5f97aeca3d",
+            "name": "admin"
+        },
+        "audit_ids": [
+            "mAjXQhiYRyKwkB4qygdLVg"
+        ],
+        "issued_at": "2015-11-05T21:00:33.819948Z"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateRequest.json
new file mode 100644
index 000000000..50c9e77f2
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateRequest.json
@@ -0,0 +1,8 @@
+{
+    "credential": {
+        "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
+        "project_id": "731fc6f265cd486d900f16e84c5cb594",
+        "type": "ec2",
+        "user_id": "bb5476fd12884539b41d5a88f838d773"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateResponse.json
new file mode 100644
index 000000000..c46c2f994
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialCreateResponse.json
@@ -0,0 +1,12 @@
+{
+    "credential": {
+        "user_id": "bb5476fd12884539b41d5a88f838d773",
+        "links": {
+            "self": "http://localhost:5000/v3/credentials/3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
+        },
+        "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
+        "project_id": "731fc6f265cd486d900f16e84c5cb594",
+        "type": "ec2",
+        "id": "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialGetResponse.json
new file mode 100644
index 000000000..4d5385ac5
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialGetResponse.json
@@ -0,0 +1,12 @@
+{
+    "credential": {
+        "user_id": "bb5476fd12884539b41d5a88f838d773",
+        "links": {
+            "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+        },
+        "blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}",
+        "project_id": "6e01855f345f4c59812999b5e459137d",
+        "type": "ec2",
+        "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateRequest.json
new file mode 100644
index 000000000..2da3a1c3d
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateRequest.json
@@ -0,0 +1,8 @@
+{
+    "credential": {
+        "blob": "{\"access\":\"181920\",\"secrete\":\"secretKey\"}",
+        "project_id": "731fc6f265cd486d900f16e84c5cb594",
+        "type": "ec2",
+        "user_id": "bb5476fd12884539b41d5a88f838d773"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateResponse.json
new file mode 100644
index 000000000..5a65b5b19
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialUpdateResponse.json
@@ -0,0 +1,12 @@
+{
+    "credential": {
+        "user_id": "bb5476fd12884539b41d5a88f838d773",
+        "links": {
+            "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+        },
+        "blob": "{\"access\":\"181920\",\"secrete\":\"secretKey\"}",
+        "project_id": "731fc6f265cd486d900f16e84c5cb594",
+        "type": "ec2",
+        "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialsListResponse.json
new file mode 100644
index 000000000..c6b8a1901
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/CredentialsListResponse.json
@@ -0,0 +1,109 @@
+{
+    "credentials": [
+        {
+            "user_id": "bb5476fd12884539b41d5a88f838d773",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+            },
+            "blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}",
+            "project_id": "6e01855f345f4c59812999b5e459137d",
+            "type": "ec2",
+            "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7"
+        },
+        {
+            "user_id": "6f556708d04b4ea6bc72d7df2296b71a",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609"
+            },
+            "blob": "{\"access\": \"7da79ff0aa364e1396f067e352b9b79a\", \"secret\": \"7a18d68ba8834b799d396f3ff6f1e98c\", \"trust_id\": null}",
+            "project_id": "1a1d14690f3c4ec5bf5f321c5fde3c16",
+            "type": "ec2",
+            "id": "2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609"
+        },
+        {
+            "user_id": "c14107e65d5c4a7f8894fc4b3fc209ff",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/3397b204b5f04c495bcdc8f34c8a39996f280f9172658241873e15f070ec79d7"
+            },
+            "blob": "{\"access\": \"db9c58a558534a10a070110de4f9f20c\", \"secret\": \"973e790b88db447ba6f93bca02bc745b\", \"trust_id\": null}",
+            "project_id": "7396e43183db40dcbf40dd727637b548",
+            "type": "ec2",
+            "id": "3397b204b5f04c495bcdc8f34c8a39996f280f9172658241873e15f070ec79d7"
+        },
+        {
+            "user_id": "915cc5f8cca6466aba6c6be06cbabfdf",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/352d5dd7a4aa19c4f2f23ee288bf65dc23a0bc293f40ffd2128ffe6a8cf3e871"
+            },
+            "blob": "{\"access\": \"817c6c3487a440c1a0b1d3f92b30ca37\", \"secret\": \"47d681117d1c46e69a0c9ec811dae2e9\", \"trust_id\": null}",
+            "project_id": "2bf9767f9db949ee8364262a28a23062",
+            "type": "ec2",
+            "id": "352d5dd7a4aa19c4f2f23ee288bf65dc23a0bc293f40ffd2128ffe6a8cf3e871"
+        },
+        {
+            "user_id": "bb5476fd12884539b41d5a88f838d773",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
+            },
+            "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}",
+            "project_id": "731fc6f265cd486d900f16e84c5cb594",
+            "type": "ec2",
+            "id": "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510"
+        },
+        {
+            "user_id": "bb5476fd12884539b41d5a88f838d773",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/6b7d803fc03b85866904b6b79e0a8fa1f4013b584163b4477eed96717eb402c0"
+            },
+            "blob": "{\"access\": \"f2ba45670b504a518b46e920d760fde2\", \"secret\": \"bf7fff2b3a844730b2db793411756e55\", \"trust_id\": null}",
+            "project_id": "731fc6f265cd486d900f16e84c5cb594",
+            "type": "ec2",
+            "id": "6b7d803fc03b85866904b6b79e0a8fa1f4013b584163b4477eed96717eb402c0"
+        },
+        {
+            "user_id": "2b657f6742ac416697e6821b3b2ee785",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/7d391b869631e5c4836708ea3bb3e0a5cbe0481201b5f0ddd5685ad3b3faa564"
+            },
+            "blob": "{\"access\": \"a1525da4e7c0438ebf3058372d637b59\", \"secret\": \"c9165d2542b141e8b2a1ff61a5f5487c\", \"trust_id\": null}",
+            "project_id": "2bf9767f9db949ee8364262a28a23062",
+            "type": "ec2",
+            "id": "7d391b869631e5c4836708ea3bb3e0a5cbe0481201b5f0ddd5685ad3b3faa564"
+        },
+        {
+            "user_id": "bb5476fd12884539b41d5a88f838d773",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/7ef4faa904ae7b8b4ddc7bad15b05ee359dad7d7a9b82861d4ad92fdbbb2eb4e"
+            },
+            "blob": "{\"access\": \"7d7559359b57419eb5f5f5dcd65ab57d\", \"secret\": \"570652bcf8c2483c86eb29e9734eed3c\", \"trust_id\": null}",
+            "project_id": "731fc6f265cd486d900f16e84c5cb594",
+            "type": "ec2",
+            "id": "7ef4faa904ae7b8b4ddc7bad15b05ee359dad7d7a9b82861d4ad92fdbbb2eb4e"
+        },
+        {
+            "user_id": "aedb193e9bb8400485f8d8426f7a031f",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/9c1c428d8e0e8338a5e16489ecfff9962f2b00f984ce4c7e9015e4003f478df8"
+            },
+            "blob": "{\"access\": \"b3a6e5f4427c47e9b202264d91a19e49\", \"secret\": \"d9eb470f503f4b46932de38db7a79402\", \"trust_id\": null}",
+            "project_id": "a2672ecf9dd34c6980448b25a47e0947",
+            "type": "ec2",
+            "id": "9c1c428d8e0e8338a5e16489ecfff9962f2b00f984ce4c7e9015e4003f478df8"
+        },
+        {
+            "user_id": "c14107e65d5c4a7f8894fc4b3fc209ff",
+            "links": {
+                "self": "http://localhost:5000/v3/credentials/e2c35ac2becb0fca3c3c2f035692a4f46a9cbf3b6e86c8a47f5aafe837d78a05"
+            },
+            "blob": "{\"access\": \"1ed843b1bd4a409f9562400085adbaa4\", \"secret\": \"236ab24db1f04ec995fcf618ed4fc0f5\", \"trust_id\": null}",
+            "project_id": "6e01855f345f4c59812999b5e459137d",
+            "type": "ec2",
+            "id": "e2c35ac2becb0fca3c3c2f035692a4f46a9cbf3b6e86c8a47f5aafe837d78a05"
+        }
+    ],
+    "links": {
+        "self": "http://localhost:5000/v3/credentials",
+        "previous": null,
+        "next": null
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGetResponse.json
new file mode 100644
index 000000000..60f10084e
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGetResponse.json
@@ -0,0 +1,11 @@
+{
+    "config": {
+        "identity": {
+            "driver": "keystone.identity.backends.ldap.Identity"
+        },
+        "ldap": {
+            "url": "http://myldap/root",
+            "user_tree_dn": "ou=Users,dc=root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupGetResponse.json
new file mode 100644
index 000000000..b03ba8363
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupGetResponse.json
@@ -0,0 +1,6 @@
+{
+    "ldap": {
+        "url": "http://myldap/root",
+        "user_tree_dn": "ou=Users,dc=root,dc=org"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionGetResponse.json
new file mode 100644
index 000000000..fc4c140e5
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionGetResponse.json
@@ -0,0 +1,3 @@
+{
+    "url": "http://myldap/root"
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateRequest.json
new file mode 100644
index 000000000..3c4642dd9
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateRequest.json
@@ -0,0 +1,3 @@
+{
+    "url": "http://myldap/my_other_root"
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateResponse.json
new file mode 100644
index 000000000..6367de344
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupOptionUpdateResponse.json
@@ -0,0 +1,11 @@
+{
+    "config": {
+        "identity": {
+            "driver": "keystone.identity.backends.ldap.Identity"
+        },
+        "ldap": {
+            "url": "http://myldap/my_other_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateRequest.json
new file mode 100644
index 000000000..b0a840976
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateRequest.json
@@ -0,0 +1,8 @@
+{
+    "config": {
+        "ldap": {
+            "url": "http://myldap/my_new_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateResponse.json
new file mode 100644
index 000000000..fa2259e31
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigGroupUpdateResponse.json
@@ -0,0 +1,11 @@
+{
+    "config": {
+        "identity": {
+            "driver": "keystone.identity.backends.ldap.Identity"
+        },
+        "ldap": {
+            "url": "http://myldap/my_new_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateRequest.json
new file mode 100644
index 000000000..b0a840976
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateRequest.json
@@ -0,0 +1,8 @@
+{
+    "config": {
+        "ldap": {
+            "url": "http://myldap/my_new_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateResponse.json
new file mode 100644
index 000000000..fa2259e31
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainConfigUpdateResponse.json
@@ -0,0 +1,11 @@
+{
+    "config": {
+        "identity": {
+            "driver": "keystone.identity.backends.ldap.Identity"
+        },
+        "ldap": {
+            "url": "http://myldap/my_new_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainCreateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/DomainCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainCreateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainCreateResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/DomainCreateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainCreateResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGetResponse.json
new file mode 100644
index 000000000..1106b1973
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGetResponse.json
@@ -0,0 +1,11 @@
+{
+    "domain": {
+        "description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
+        "enabled": true,
+        "id": "default",
+        "links": {
+            "self": "http://localhost:5000/v3/domains/default"
+        },
+        "name": "Default"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGroupUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGroupUpdateRequest.json
new file mode 100644
index 000000000..b0a840976
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainGroupUpdateRequest.json
@@ -0,0 +1,8 @@
+{
+    "config": {
+        "ldap": {
+            "url": "http://myldap/my_new_root",
+            "user_tree_dn": "ou=Users,dc=my_new_root,dc=org"
+        }
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainListGroupRolesResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainListGroupRolesResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/DomainListGroupRolesResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainListGroupRolesResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/DomainListUserRolesResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainListUserRolesResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/DomainListUserRolesResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainListUserRolesResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateRequest.json
new file mode 100644
index 000000000..34c834aa7
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateRequest.json
@@ -0,0 +1,5 @@
+{
+    "domain": {
+        "description": "Owns users and projects on Identity API v2."
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateResponse.json
new file mode 100644
index 000000000..fe1034bb5
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainUpdateResponse.json
@@ -0,0 +1,11 @@
+{
+    "domain": {
+        "links": {
+            "self": "http://localhost:5000/v3/domains/default"
+        },
+        "enabled": true,
+        "description": "Owns users and projects on Identity API v2.",
+        "name": "Default",
+        "id": "default"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainsListResponse.json
new file mode 100644
index 000000000..945c86458
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/DomainsListResponse.json
@@ -0,0 +1,27 @@
+{
+    "domains": [
+        {
+            "description": "Used for swift functional testing",
+            "enabled": true,
+            "id": "5a75994a383c449184053ff7270c4e91",
+            "links": {
+                "self": "http://localhost:5000/v3/domains/5a75994a383c449184053ff7270c4e91"
+            },
+            "name": "swift_test"
+        },
+        {
+            "description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
+            "enabled": true,
+            "id": "default",
+            "links": {
+                "self": "http://localhost:5000/v3/domains/default"
+            },
+            "name": "Default"
+        }
+    ],
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/domains"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateRequest.json
similarity index 50%
rename from api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateRequest.json
index fc9e4c53e..6d0890992 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointCreateRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateRequest.json
@@ -1,9 +1,9 @@
 {
     "endpoint": {
         "interface": "public",
-        "name": "name",
-        "region_id": "north",
+        "name": "ec2-2",
+        "region_id": "RegionOne",
         "url": "http://identity:35357/v3/endpoints/828384",
-        "service_id": "686766"
+        "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596"
     }
 }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateResponse.json
new file mode 100644
index 000000000..daad8538d
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointCreateResponse.json
@@ -0,0 +1,15 @@
+{
+    "endpoint": {
+        "region_id": "RegionOne",
+        "links": {
+            "self": "http://localhost:5000/v3/endpoints/e9b475a8742d4ff1a81b353c5a37e138"
+        },
+        "url": "http://identity:35357/v3/endpoints/828384",
+        "region": "RegionOne",
+        "enabled": true,
+        "interface": "public",
+        "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596",
+        "id": "e9b475a8742d4ff1a81b353c5a37e138",
+        "name": "ec2-2"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointGetResponse.json
new file mode 100644
index 000000000..cc0ff650c
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointGetResponse.json
@@ -0,0 +1,14 @@
+{
+    "endpoint": {
+        "enabled": true,
+        "id": "01c3d5b92f7841ac83fb4b26173c12c7",
+        "interface": "admin",
+        "links": {
+            "self": "http://localhost:5000/v3/endpoints/01c3d5b92f7841ac83fb4b26173c12c7"
+        },
+        "region": "RegionOne",
+        "region_id": "RegionOne",
+        "service_id": "3b2d6ad7e02c4cde8498a547601f1b8f",
+        "url": "http://23.253.211.234:9696/"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointUpdateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/EndpointUpdateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointUpdateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/EndpointUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointUpdateResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/EndpointUpdateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointUpdateResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointsListResponse.json
new file mode 100644
index 000000000..ed35c76ef
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/EndpointsListResponse.json
@@ -0,0 +1,333 @@
+{
+    "endpoints": [
+        {
+            "enabled": true,
+            "id": "0649c5be323f4792afbc1efdd480847d",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/0649c5be323f4792afbc1efdd480847d"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "ef6b15e425814dc69d830361baae0e33",
+            "url": "http://23.253.211.234:8080/v1/AUTH_$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "06b85ed2aa57413ca0b1813daed329a9",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/06b85ed2aa57413ca0b1813daed329a9"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "98cfd5347fb84601b2f88f3afd8dddd4",
+            "url": "http://23.253.211.234:8776/v1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "070102f162e04f91a52c7887d0604163",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/070102f162e04f91a52c7887d0604163"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "312f401c14d143d8b3e3f4daf0418add",
+            "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "0fd73b621e424cc0a172853264519cbc",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/0fd73b621e424cc0a172853264519cbc"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "17a877162c8e405b81d563d95ec4e3f8",
+            "url": "http://23.253.211.234:8776/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "1899667a3b1544ccb355fdfc4184d7d7",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/1899667a3b1544ccb355fdfc4184d7d7"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243",
+            "url": "http://23.253.211.234:9292"
+        },
+        {
+            "enabled": true,
+            "id": "3b3611ea2e554ee7b85e7f2213b02c33",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/3b3611ea2e554ee7b85e7f2213b02c33"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "2a662f90700b4478929d4b24cc6a320b",
+            "url": "http://23.253.211.234:9696/"
+        },
+        {
+            "enabled": true,
+            "id": "3ea2b420306f48c6bf0cf51c2fefea03",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/3ea2b420306f48c6bf0cf51c2fefea03"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "736fb9bb21ef498287db9abcc55b20d9",
+            "url": "http://23.253.211.234:8774/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "41b122182f574a44b0e246aff6ca29c5",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/41b122182f574a44b0e246aff6ca29c5"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243",
+            "url": "http://23.253.211.234:9292"
+        },
+        {
+            "enabled": true,
+            "id": "44a736dd5eeb4347acec66b5f11c8f80",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/44a736dd5eeb4347acec66b5f11c8f80"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "2a662f90700b4478929d4b24cc6a320b",
+            "url": "http://23.253.211.234:9696/"
+        },
+        {
+            "enabled": true,
+            "id": "499e8f6718ef466ba3fb315fa8f9e0b8",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/499e8f6718ef466ba3fb315fa8f9e0b8"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "312f401c14d143d8b3e3f4daf0418add",
+            "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "545b1e9f126248428c5cdbec7420c353",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/545b1e9f126248428c5cdbec7420c353"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "736fb9bb21ef498287db9abcc55b20d9",
+            "url": "http://23.253.211.234:8774/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "629dc5a64e954ad09a45e87bc48299ba",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/629dc5a64e954ad09a45e87bc48299ba"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "2a662f90700b4478929d4b24cc6a320b",
+            "url": "http://23.253.211.234:9696/"
+        },
+        {
+            "enabled": true,
+            "id": "642a329a660544fdaab2420c0da7d49b",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/642a329a660544fdaab2420c0da7d49b"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "ef6b15e425814dc69d830361baae0e33",
+            "url": "http://23.253.211.234:8080/v1/AUTH_$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "72f8fc8536e44a19bc3388218efcc741",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/72f8fc8536e44a19bc3388218efcc741"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243",
+            "url": "http://23.253.211.234:9292"
+        },
+        {
+            "enabled": true,
+            "id": "74121e71962e4947ac622c41706f0ee7",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/74121e71962e4947ac622c41706f0ee7"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "17a877162c8e405b81d563d95ec4e3f8",
+            "url": "http://23.253.211.234:8776/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "7431a4f971dc4abb8d0e387434a06817",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/7431a4f971dc4abb8d0e387434a06817"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596",
+            "url": "http://23.253.211.234:8773/"
+        },
+        {
+            "enabled": true,
+            "id": "7cffc75a14ca4334b458e475750bd84f",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/7cffc75a14ca4334b458e475750bd84f"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "efeb249cbcd3412496bc4b194ea058da",
+            "url": "http://23.253.211.234:5000/v2.0"
+        },
+        {
+            "enabled": true,
+            "id": "a422a6fa163b4a6ba8309e067ce3750b",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/a422a6fa163b4a6ba8309e067ce3750b"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "312f401c14d143d8b3e3f4daf0418add",
+            "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "ac6a74efe9944afdb129d4df70cde0ec",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/ac6a74efe9944afdb129d4df70cde0ec"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596",
+            "url": "http://23.253.211.234:8773/"
+        },
+        {
+            "enabled": true,
+            "id": "adf43d7ff0d14d0fa1e8a5187f40e1af",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/adf43d7ff0d14d0fa1e8a5187f40e1af"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "efeb249cbcd3412496bc4b194ea058da",
+            "url": "http://23.253.211.234:5000/v2.0"
+        },
+        {
+            "enabled": true,
+            "id": "b18be64a118244d39217db72534f8b33",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/b18be64a118244d39217db72534f8b33"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "736fb9bb21ef498287db9abcc55b20d9",
+            "url": "http://23.253.211.234:8774/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "c828983c9c214d819674649aa693cdff",
+            "interface": "public",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/c828983c9c214d819674649aa693cdff"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "98cfd5347fb84601b2f88f3afd8dddd4",
+            "url": "http://23.253.211.234:8776/v1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "d062ebdb244f447498768fc0ced32e2d",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/d062ebdb244f447498768fc0ced32e2d"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "98cfd5347fb84601b2f88f3afd8dddd4",
+            "url": "http://23.253.211.234:8776/v1/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "d281219ec0df4cf2b7c681463d5dcf51",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/d281219ec0df4cf2b7c681463d5dcf51"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "17a877162c8e405b81d563d95ec4e3f8",
+            "url": "http://23.253.211.234:8776/v2/$(tenant_id)s"
+        },
+        {
+            "enabled": true,
+            "id": "d8e0824a17404431b5d978a87ac1bede",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/d8e0824a17404431b5d978a87ac1bede"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "efeb249cbcd3412496bc4b194ea058da",
+            "url": "http://23.253.211.234:35357/v2.0"
+        },
+        {
+            "enabled": true,
+            "id": "d9b54bdc063046828ac3c6487bea8047",
+            "interface": "internal",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/d9b54bdc063046828ac3c6487bea8047"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596",
+            "url": "http://23.253.211.234:8773/"
+        },
+        {
+            "enabled": true,
+            "id": "ea74f9771dec475eabfc2cdff5364413",
+            "interface": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/endpoints/ea74f9771dec475eabfc2cdff5364413"
+            },
+            "region": "RegionOne",
+            "region_id": "RegionOne",
+            "service_id": "ef6b15e425814dc69d830361baae0e33",
+            "url": "http://23.253.211.234:8080"
+        }
+    ],
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/endpoints"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateRequest.json
new file mode 100644
index 000000000..4c35eb48e
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateRequest.json
@@ -0,0 +1,7 @@
+{
+    "group": {
+        "description": "Contract developers",
+        "domain_id": "default",
+        "name": "Contract developers"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateResponse.json
new file mode 100644
index 000000000..112218d48
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupCreateResponse.json
@@ -0,0 +1,11 @@
+{
+    "group": {
+        "domain_id": "default",
+        "description": "Contract developers",
+        "id": "c0d675eac29945ad9dfd08aa1bb75751",
+        "links": {
+            "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751"
+        },
+        "name": "Contract developers"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupGetResponse.json
new file mode 100644
index 000000000..112218d48
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupGetResponse.json
@@ -0,0 +1,11 @@
+{
+    "group": {
+        "domain_id": "default",
+        "description": "Contract developers",
+        "id": "c0d675eac29945ad9dfd08aa1bb75751",
+        "links": {
+            "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751"
+        },
+        "name": "Contract developers"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupListUsersResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupListUsersResponse.json
new file mode 100644
index 000000000..68bef1237
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupListUsersResponse.json
@@ -0,0 +1,19 @@
+{
+    "users": [
+        {
+            "name": "admin",
+            "links": {
+                "self": "http://localhost:5000/v3/users/fff603a0829d41e48bc0dd0d72ad61ce"
+            },
+            "domain_id": "default",
+            "enabled": true,
+            "email": null,
+            "id": "fff603a0829d41e48bc0dd0d72ad61ce"
+        }
+    ],
+    "links": {
+        "self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92/users",
+        "previous": null,
+        "next": null
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateRequest.json
new file mode 100644
index 000000000..961838b57
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateRequest.json
@@ -0,0 +1,6 @@
+{
+    "group": {
+        "description": "Contract developers 2016",
+        "name": "Contract developers 2016"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateResponse.json
new file mode 100644
index 000000000..6a3ee3395
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupUpdateResponse.json
@@ -0,0 +1,11 @@
+{
+    "group": {
+        "domain_id": "default",
+        "description": "Contract developers 2016",
+        "id": "c0d675eac29945ad9dfd08aa1bb75751",
+        "links": {
+            "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751"
+        },
+        "name": "Contract developers 2016"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupsListResponse.json
new file mode 100644
index 000000000..4984bc600
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/GroupsListResponse.json
@@ -0,0 +1,27 @@
+{
+    "links": {
+        "self": "http://localhost:5000/v3/groups",
+        "previous": null,
+        "next": null
+    },
+    "groups": [
+        {
+            "domain_id": "default",
+            "description": "non-admin group",
+            "id": "96372bbb152f475aa37e9a76a25a029c",
+            "links": {
+                "self": "http://localhost:5000/v3/groups/96372bbb152f475aa37e9a76a25a029c"
+            },
+            "name": "nonadmins"
+        },
+        {
+            "domain_id": "default",
+            "description": "openstack admin group",
+            "id": "9ce0ad4e58a84d7a97b92f7955d10c92",
+            "links": {
+                "self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92"
+            },
+            "name": "admins"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/PoliciesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PoliciesListResponse.json
new file mode 100644
index 000000000..3a2ae7158
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PoliciesListResponse.json
@@ -0,0 +1,37 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/policies"
+    },
+    "policies": [
+        {
+            "blob": {
+                "foobar_user": [
+                    "role:compute-user"
+                ]
+            },
+            "id": "717273",
+            "links": {
+                "self": "http://identity:35357/v3/policies/717273"
+            },
+            "project_id": "456789",
+            "type": "application/json",
+            "user_id": "616263"
+        },
+        {
+            "blob": {
+                "foobar_user": [
+                    "role:compute-user"
+                ]
+            },
+            "id": "717274",
+            "links": {
+                "self": "http://identity:35357/v3/policies/717274"
+            },
+            "project_id": "456789",
+            "type": "application/json",
+            "user_id": "616263"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PolicyCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyCreateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/PolicyCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyCreateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PolicyCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyCreateResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/PolicyCreateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyCreateResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PolicyGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyGetResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/PolicyGetResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyGetResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PolicyUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyUpdateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/PolicyUpdateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyUpdateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/PolicyUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyUpdateResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/PolicyUpdateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/PolicyUpdateResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateRequest.json
similarity index 66%
rename from api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateRequest.json
index 1f66b165e..76c941155 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectCreateRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateRequest.json
@@ -1,9 +1,9 @@
 {
     "project": {
         "description": "My new project",
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
+        "domain_id": "default",
         "enabled": true,
+        "is_domain": true,
         "name": "myNewProject"
     }
 }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateResponse.json
new file mode 100644
index 000000000..e1e3ba677
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectCreateResponse.json
@@ -0,0 +1,14 @@
+{
+    "project": {
+        "is_domain": true,
+        "description": "My new project",
+        "links": {
+            "self": "http://localhost:5000/v3/projects/93ebbcc35335488b96ff9cd7d18cbb2e"
+        },
+        "enabled": true,
+        "id": "93ebbcc35335488b96ff9cd7d18cbb2e",
+        "parent_id": null,
+        "domain_id": "default",
+        "name": "myNewProject"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectEnableRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectEnableRequest.json
new file mode 100644
index 000000000..ed87ef842
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectEnableRequest.json
@@ -0,0 +1,5 @@
+{
+    "project": {
+        "enabled": true
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectGetResponse.json
new file mode 100644
index 000000000..7fc8ca5c2
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectGetResponse.json
@@ -0,0 +1,13 @@
+{
+    "project": {
+        "description": null,
+        "domain_id": "default",
+        "enabled": true,
+        "id": "0c4e939acacf4376bdcd1129f1a054ad",
+        "links": {
+            "self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad"
+        },
+        "name": "admin",
+        "parent_id": null
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectListGroupRolesResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListGroupRolesResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/ProjectListGroupRolesResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListGroupRolesResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListUserRolesResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListUserRolesResponse.json
new file mode 100644
index 000000000..2704f65a6
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectListUserRolesResponse.json
@@ -0,0 +1,16 @@
+{
+    "links": {
+        "self": "http://localhost:5000/v3/projects/9e5a15e2c0dd42aab0990a463e839ac1/users/b964a9e51c0046a4a84d3f83a135a97c/roles",
+        "previous": null,
+        "next": null
+    },
+    "roles": [
+        {
+            "id": "3b5347fa7a144008ba57c0acea469cc3",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/3b5347fa7a144008ba57c0acea469cc3"
+            },
+            "name": "admin"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateRequest.json
similarity index 68%
rename from api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateRequest.json
index faa0091da..6cc0bdb34 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/ProjectUpdateRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateRequest.json
@@ -1,8 +1,7 @@
 {
     "project": {
         "description": "My updated project",
-        "domain_id": "1789d1",
-        "parent_id": "123c56",
+        "domain_id": "default",
         "enabled": true,
         "name": "myUpdatedProject"
     }
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateResponse.json
new file mode 100644
index 000000000..c56eb4a2a
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectUpdateResponse.json
@@ -0,0 +1,17 @@
+{
+    "project": {
+        "is_domain": true,
+        "description": "My updated project",
+        "links": {
+            "self": "http://localhost:5000/v3/projects/93ebbcc35335488b96ff9cd7d18cbb2e"
+        },
+        "extra": {
+            "is_domain": true
+        },
+        "enabled": true,
+        "id": "93ebbcc35335488b96ff9cd7d18cbb2e",
+        "parent_id": null,
+        "domain_id": "default",
+        "name": "myUpdatedProject"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectsListResponse.json
new file mode 100644
index 000000000..0a770030a
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ProjectsListResponse.json
@@ -0,0 +1,97 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/projects"
+    },
+    "projects": [
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "0c4e939acacf4376bdcd1129f1a054ad",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad"
+            },
+            "name": "admin",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "0cbd49cbf76d405d9c86562e1d579bd3",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/0cbd49cbf76d405d9c86562e1d579bd3"
+            },
+            "name": "demo",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "2db68fed84324f29bb73130c6c2094fb",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/2db68fed84324f29bb73130c6c2094fb"
+            },
+            "name": "swifttenanttest2",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "3d594eb0f04741069dbbb521635b21c7",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/3d594eb0f04741069dbbb521635b21c7"
+            },
+            "name": "service",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "43ebde53fc314b1c9ea2b8c5dc744927",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/43ebde53fc314b1c9ea2b8c5dc744927"
+            },
+            "name": "swifttenanttest1",
+            "parent_id": null
+        },
+        {
+            "description": "",
+            "domain_id": "1bc2169ca88e4cdaaba46d4c15390b65",
+            "enabled": true,
+            "id": "4b1eb781a47440acb8af9850103e537f",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/4b1eb781a47440acb8af9850103e537f"
+            },
+            "name": "swifttenanttest4",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "5961c443439d4fcebe42643723755e9d",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/5961c443439d4fcebe42643723755e9d"
+            },
+            "name": "invisible_to_admin",
+            "parent_id": null
+        },
+        {
+            "description": null,
+            "domain_id": "default",
+            "enabled": true,
+            "id": "fdb8424c4e4f4c0ba32c52e2de3bd80e",
+            "links": {
+                "self": "http://localhost:5000/v3/projects/fdb8424c4e4f4c0ba32c52e2de3bd80e"
+            },
+            "name": "alt_demo",
+            "parent_id": null
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateRequest.json
new file mode 100644
index 000000000..c20f1ed63
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateRequest.json
@@ -0,0 +1,7 @@
+{
+    "region": {
+        "description": "My subregion",
+        "id": "RegionOneSubRegion",
+        "parent_region_id": "RegionOne"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateResponse.json
new file mode 100644
index 000000000..ad37413ec
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionCreateResponse.json
@@ -0,0 +1,10 @@
+{
+    "region": {
+        "parent_region_id": "RegionOne",
+        "id": "RegionOneSubRegion",
+        "links": {
+            "self": "http://localhost:5000/v3/regions/RegionOneSubRegion"
+        },
+        "description": "My subregion"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionGetResponse.json
new file mode 100644
index 000000000..512130d41
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionGetResponse.json
@@ -0,0 +1,10 @@
+{
+    "region": {
+        "description": "My subregion 3",
+        "id": "RegionThree",
+        "links": {
+            "self": "http://localhost:5000/v3/regions/RegionThree"
+        },
+        "parent_region_id": "RegionOne"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateRequest.json
new file mode 100644
index 000000000..9b8f1c0c8
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateRequest.json
@@ -0,0 +1,5 @@
+{
+    "region": {
+        "description": "My subregion 3"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateResponse.json
new file mode 100644
index 000000000..bb644b1dd
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionUpdateResponse.json
@@ -0,0 +1,10 @@
+{
+    "region": {
+        "parent_region_id": "RegionOne",
+        "id": "RegionThree",
+        "links": {
+            "self": "http://localhost:5000/v3/regions/RegionThree"
+        },
+        "description": "My subregion 3"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionsListResponse.json
new file mode 100644
index 000000000..24ca02e9c
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RegionsListResponse.json
@@ -0,0 +1,17 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/regions"
+    },
+    "regions": [
+        {
+            "description": "",
+            "id": "RegionOne",
+            "links": {
+                "self": "http://localhost:5000/v3/regions/RegionOne"
+            },
+            "parent_region_id": null
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RevokedListRequest.txt b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListRequest.txt
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/RevokedListRequest.txt
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListRequest.txt
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListResponse.json
new file mode 100644
index 000000000..01e4ac88b
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RevokedListResponse.json
@@ -0,0 +1,3 @@
+{
+    "signed": "-----BEGIN CMS-----\nMIICGwYJKoZIhvcNAQcCoIICDDCCAggCAQExDTALBglghkgBZQMEAgEwawYJKoZI\nhvcNAQcBoF4EXHsicmV2b2tlZCI6IFt7ImV4cGlyZXMiOiAiMjAxNC0xMi0wMlQx\nNzowMDowOVoiLCAiaWQiOiAiODhiMjRmOTI5OTk0NGU1ZjhkODE0MDNjYzMyY2M5\nMmUifV19MYIBhTCCAYECAQEwXDBXMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVW5z\nZXQxDjAMBgNVBAcMBVVuc2V0MQ4wDAYDVQQKDAVVbnNldDEYMBYGA1UEAwwPd3d3\nLmV4YW1wbGUuY29tAgEBMAsGCWCGSAFlAwQCATANBgkqhkiG9w0BAQEFAASCAQA3\nc8EI58ZXtqkyuUWqLPJZdB5v7Ou978w22YkOsgL5ruUpQiWdhdgvL/sxqd7OPqi7\nZZV3N+io+z1m4uAiSbriumv7HOEnIUEAUhK4G0kw5kAAg4j50c0Omdiqdq75k0j/\nJPoRCXa8ieb0X87zhgfIq7ze/HZ7E2LoO20us3AEzmglNv023qgGcsSGPAUIHWN5\nloonPtgztiwVbmS2gs3Z9JB73mxEBviCX4CZEU/sNpchAzI/53tscKlqlzv+GBcm\n1dYP3hEZn3twFRI9zos4hTwFkUivn6D3qgQB684sVrvKlzOCIqOKVGGYVSy/FQLE\nWwQ5u58ZD8ohaJPu2Q6l\n-----END CMS-----\n"
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/listRoleAssignments.txt b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsEffectiveList.txt
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/listRoleAssignments.txt
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsEffectiveList.txt
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleAssignmentsEffectiveListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsEffectiveListResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/RoleAssignmentsEffectiveListResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsEffectiveListResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/listRoleAssignmentsEffective.txt b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsList.txt
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/listRoleAssignmentsEffective.txt
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsList.txt
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleAssignmentsListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsListResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/RoleAssignmentsListResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleAssignmentsListResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/RoleCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateResponse.json
new file mode 100644
index 000000000..a78cdf3c8
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleCreateResponse.json
@@ -0,0 +1,9 @@
+{
+    "role": {
+        "id": "1e443fa8cee3482a8a2b6954dd5c8f12",
+        "links": {
+            "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12"
+        },
+        "name": "developer"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleGetResponse.json
new file mode 100644
index 000000000..c435f1393
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleGetResponse.json
@@ -0,0 +1,9 @@
+{
+    "role": {
+        "id": "1e443fa8cee3482a8a2b6954dd5c8f12",
+        "links": {
+            "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12"
+        },
+        "name": "Developer"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateRequest.json
new file mode 100644
index 000000000..9a13ea724
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateRequest.json
@@ -0,0 +1,5 @@
+{
+    "role": {
+        "name": "Developer"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateResponse.json
new file mode 100644
index 000000000..c435f1393
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RoleUpdateResponse.json
@@ -0,0 +1,9 @@
+{
+    "role": {
+        "id": "1e443fa8cee3482a8a2b6954dd5c8f12",
+        "links": {
+            "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12"
+        },
+        "name": "Developer"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/RolesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RolesListResponse.json
new file mode 100644
index 000000000..3ec474398
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/RolesListResponse.json
@@ -0,0 +1,51 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/roles"
+    },
+    "roles": [
+        {
+            "id": "5318e65d75574c17bf5339d3df33a5a3",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/5318e65d75574c17bf5339d3df33a5a3"
+            },
+            "name": "admin"
+        },
+        {
+            "id": "642bcfc75c384fd181adf34d9b2df897",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/642bcfc75c384fd181adf34d9b2df897"
+            },
+            "name": "anotherrole"
+        },
+        {
+            "id": "779a76d74f544224a7ef8762ca0de627",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/779a76d74f544224a7ef8762ca0de627"
+            },
+            "name": "Member"
+        },
+        {
+            "id": "9fe2ff9ee4384b1894a90878d3e92bab",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/9fe2ff9ee4384b1894a90878d3e92bab"
+            },
+            "name": "_member_"
+        },
+        {
+            "id": "ba2dfba61c934ee89e3110de36273229",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/ba2dfba61c934ee89e3110de36273229"
+            },
+            "name": "ResellerAdmin"
+        },
+        {
+            "id": "f127b97616f24d3ebceb7be840210adc",
+            "links": {
+                "self": "http://localhost:5000/v3/roles/f127b97616f24d3ebceb7be840210adc"
+            },
+            "name": "service"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateRequest.json
new file mode 100644
index 000000000..b09f3319f
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateRequest.json
@@ -0,0 +1,7 @@
+{
+    "service": {
+        "type": "compute",
+        "name": "compute2",
+        "description": "Compute service 2"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateResponse.json
new file mode 100644
index 000000000..445f2e899
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceCreateResponse.json
@@ -0,0 +1,12 @@
+{
+    "service": {
+        "name": "compute2",
+        "links": {
+            "self": "http://localhost:5000/v3/services/3f552eb79c48436db2868e948d8cf330"
+        },
+        "enabled": true,
+        "type": "compute",
+        "id": "3f552eb79c48436db2868e948d8cf330",
+        "description": "Compute service 2"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/ServiceGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceGetResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/ServiceGetResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceGetResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateRequest.json
new file mode 100644
index 000000000..e5152dc0b
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateRequest.json
@@ -0,0 +1,5 @@
+{
+    "service": {
+        "description": "Block Storage Service V2"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateResponse.json
new file mode 100644
index 000000000..f104d9532
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServiceUpdateResponse.json
@@ -0,0 +1,12 @@
+{
+    "service": {
+        "name": "cinderv2",
+        "links": {
+            "self": "http://localhost:5000/v3/services/5789da9864004dd088fce14c1c626a4b"
+        },
+        "enabled": true,
+        "type": "volumev2",
+        "id": "5789da9864004dd088fce14c1c626a4b",
+        "description": "Block Storage Service V2"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServicesListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServicesListResponse.json
new file mode 100644
index 000000000..f7a694ee3
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/ServicesListResponse.json
@@ -0,0 +1,99 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/services"
+    },
+    "services": [
+        {
+            "description": "Nova Compute Service",
+            "enabled": true,
+            "id": "1999c3a858c7408fb586817620695098",
+            "links": {
+                "self": "http://localhost:5000/v3/services/1999c3a858c7408fb586817620695098"
+            },
+            "name": "nova",
+            "type": "compute"
+        },
+        {
+            "description": "Cinder Volume Service V2",
+            "enabled": true,
+            "id": "39216610e75547f1883037e11976fc0f",
+            "links": {
+                "self": "http://localhost:5000/v3/services/39216610e75547f1883037e11976fc0f"
+            },
+            "name": "cinderv2",
+            "type": "volumev2"
+        },
+        {
+            "description": "Neutron Service",
+            "enabled": true,
+            "id": "4fe41a27de3341af9100123f765eac0d",
+            "links": {
+                "self": "http://localhost:5000/v3/services/4fe41a27de3341af9100123f765eac0d"
+            },
+            "name": "neutron",
+            "type": "network"
+        },
+        {
+            "description": "EC2 Compatibility Layer",
+            "enabled": true,
+            "id": "61d3d05bdd1449f18923c83f52a4d762",
+            "links": {
+                "self": "http://localhost:5000/v3/services/61d3d05bdd1449f18923c83f52a4d762"
+            },
+            "name": "ec2",
+            "type": "ec2"
+        },
+        {
+            "description": "Glance Image Service",
+            "enabled": true,
+            "id": "69afa3d57d1948ea988beeb252bbaa5d",
+            "links": {
+                "self": "http://localhost:5000/v3/services/69afa3d57d1948ea988beeb252bbaa5d"
+            },
+            "name": "glance",
+            "type": "image"
+        },
+        {
+            "description": "Nova Compute Service V2.1",
+            "enabled": true,
+            "id": "79b691ee7be649d9bf8613efc0960206",
+            "links": {
+                "self": "http://localhost:5000/v3/services/79b691ee7be649d9bf8613efc0960206"
+            },
+            "name": "novav21",
+            "type": "computev21"
+        },
+        {
+            "description": "Swift Service",
+            "enabled": true,
+            "id": "92419b70ebe64c6c873bd20b14360e6b",
+            "links": {
+                "self": "http://localhost:5000/v3/services/92419b70ebe64c6c873bd20b14360e6b"
+            },
+            "name": "swift",
+            "type": "object-store"
+        },
+        {
+            "description": "Keystone Identity Service",
+            "enabled": true,
+            "id": "b8f8454fc07b46b781204d2a436f9d1c",
+            "links": {
+                "self": "http://localhost:5000/v3/services/b8f8454fc07b46b781204d2a436f9d1c"
+            },
+            "name": "keystone",
+            "type": "identity"
+        },
+        {
+            "description": "Cinder Volume Service",
+            "enabled": true,
+            "id": "cdda3bea0742407f95e70f4758f46558",
+            "links": {
+                "self": "http://localhost:5000/v3/services/cdda3bea0742407f95e70f4758f46558"
+            },
+            "name": "cinder",
+            "type": "volume"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/TokenValidateRequest.txt b/api-ref/src/wadls/identity-api/src/v3/samples/admin/TokenValidateRequest.txt
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/TokenValidateRequest.txt
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/TokenValidateRequest.txt
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserCreateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateRequest.json
similarity index 83%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserCreateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateRequest.json
index 90a581212..d03f98825 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/UserCreateRequest.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateRequest.json
@@ -1,7 +1,7 @@
 {
     "user": {
         "default_project_id": "263fd9",
-        "description": "James Doe's user",
+        "description": "James Doe user",
         "domain_id": "1789d1",
         "email": "jdoe@example.com",
         "enabled": true,
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserCreateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateResponse.json
similarity index 87%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserCreateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateResponse.json
index c1b7ed4d0..d90134ea6 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/UserCreateResponse.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserCreateResponse.json
@@ -1,7 +1,7 @@
 {
     "user": {
         "default_project_id": "263fd9",
-        "description": "James Doe's user",
+        "description": "James Doe user",
         "domain_id": "1789d1",
         "email": "jdoe@example.com",
         "enabled": true,
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserGetResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserGetResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserGetResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserGetResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserListGroupsResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserListGroupsResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserListGroupsResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserListGroupsResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserListProjectsResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserListProjectsResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserListProjectsResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserListProjectsResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdatePasswordRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdatePasswordRequest.json
new file mode 100644
index 000000000..592b99be1
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdatePasswordRequest.json
@@ -0,0 +1,6 @@
+{
+    "user": {
+        "password": "old_secretsecret",
+        "original_password": "secretsecret"
+    }
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserUpdateRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdateRequest.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserUpdateRequest.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdateRequest.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/UserUpdateResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdateResponse.json
similarity index 100%
rename from api-ref/src/wadls/identity-api/src/v3/samples/UserUpdateResponse.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/UserUpdateResponse.json
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/admin/UsersListResponse.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UsersListResponse.json
new file mode 100644
index 000000000..08c3e6a51
--- /dev/null
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/UsersListResponse.json
@@ -0,0 +1,139 @@
+{
+    "links": {
+        "next": null,
+        "previous": null,
+        "self": "http://localhost:5000/v3/users"
+    },
+    "users": [
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "2844b2a08be147a08ef58317d6471f1f",
+            "links": {
+                "self": "http://localhost:5000/v3/users/2844b2a08be147a08ef58317d6471f1f"
+            },
+            "name": "glance"
+        },
+        {
+            "domain_id": "default",
+            "email": "test@example.com",
+            "enabled": true,
+            "id": "4ab84ab39de54f4d96eaff8f2145a7cd",
+            "links": {
+                "self": "http://localhost:5000/v3/users/4ab84ab39de54f4d96eaff8f2145a7cd"
+            },
+            "name": "swiftusertest1"
+        },
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "56696a9a04864d63877a3d06a6f0b24b",
+            "links": {
+                "self": "http://localhost:5000/v3/users/56696a9a04864d63877a3d06a6f0b24b"
+            },
+            "name": "swift"
+        },
+        {
+            "domain_id": "default",
+            "email": "alt_demo@example.com",
+            "enabled": true,
+            "id": "5acb638d15da44fc8de41b9a4bd41875",
+            "links": {
+                "self": "http://localhost:5000/v3/users/5acb638d15da44fc8de41b9a4bd41875"
+            },
+            "name": "alt_demo"
+        },
+        {
+            "domain_id": "default",
+            "email": "demo@example.com",
+            "enabled": true,
+            "id": "7596e862b1af473c8ed6ae99d35b51e3",
+            "links": {
+                "self": "http://localhost:5000/v3/users/7596e862b1af473c8ed6ae99d35b51e3"
+            },
+            "name": "demo"
+        },
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "802edb2141b44e77bbde241417450749",
+            "links": {
+                "self": "http://localhost:5000/v3/users/802edb2141b44e77bbde241417450749"
+            },
+            "name": "nova"
+        },
+        {
+            "domain_id": "592ab0800d3745baaf45c610fa41950a",
+            "email": "test4@example.com",
+            "enabled": true,
+            "id": "9aca3883784647fe9aff3a50d922489a",
+            "links": {
+                "self": "http://localhost:5000/v3/users/9aca3883784647fe9aff3a50d922489a"
+            },
+            "name": "swiftusertest4"
+        },
+        {
+            "domain_id": "default",
+            "email": "test3@example.com",
+            "enabled": true,
+            "id": "a1251b011f9345e68c2458b841152034",
+            "links": {
+                "self": "http://localhost:5000/v3/users/a1251b011f9345e68c2458b841152034"
+            },
+            "name": "swiftusertest3"
+        },
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "a43f46eb318041f6b712143862e3ad70",
+            "links": {
+                "self": "http://localhost:5000/v3/users/a43f46eb318041f6b712143862e3ad70"
+            },
+            "name": "neutron"
+        },
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "b964a9e51c0046a4a84d3f83a135a97c",
+            "links": {
+                "self": "http://localhost:5000/v3/users/b964a9e51c0046a4a84d3f83a135a97c"
+            },
+            "name": "admin"
+        },
+        {
+            "domain_id": "default",
+            "email": null,
+            "enabled": true,
+            "id": "dc87e591c0d247d5ac04e873bd8a1646",
+            "links": {
+                "self": "http://localhost:5000/v3/users/dc87e591c0d247d5ac04e873bd8a1646"
+            },
+            "name": "cinder"
+        },
+        {
+            "domain_id": "default",
+            "email": "glance-swift@example.com",
+            "enabled": true,
+            "id": "ed214dc1c2c6468b926c96eca6c8aee9",
+            "links": {
+                "self": "http://localhost:5000/v3/users/ed214dc1c2c6468b926c96eca6c8aee9"
+            },
+            "name": "glance-swift"
+        },
+        {
+            "domain_id": "default",
+            "email": "test2@example.com",
+            "enabled": true,
+            "id": "f4f6587b058a4f46a00242549b430d37",
+            "links": {
+                "self": "http://localhost:5000/v3/users/f4f6587b058a4f46a00242549b430d37"
+            },
+            "name": "swiftusertest2"
+        }
+    ]
+}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/identity-version-resp.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-version-resp.json
similarity index 87%
rename from api-ref/src/wadls/identity-api/src/v3/samples/identity-version-resp.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-version-resp.json
index affb2df3a..0f1d5eaa6 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/identity-version-resp.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-version-resp.json
@@ -3,7 +3,7 @@
         "id": "v3.4",
         "links": [
             {
-                "href": "http://localhost:35357/v3/",
+                "href": "http://localhost:5000/v3/",
                 "rel": "self"
             }
         ],
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/identity-versions-response.json b/api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-versions-response.json
similarity index 90%
rename from api-ref/src/wadls/identity-api/src/v3/samples/identity-versions-response.json
rename to api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-versions-response.json
index e832fa55f..5cbc45adc 100644
--- a/api-ref/src/wadls/identity-api/src/v3/samples/identity-versions-response.json
+++ b/api-ref/src/wadls/identity-api/src/v3/samples/admin/identity-versions-response.json
@@ -5,7 +5,7 @@
                 "id": "v3.4",
                 "links": [
                     {
-                        "href": "http://localhost:35357/v3/",
+                        "href": "http://localhost:5000/v3/",
                         "rel": "self"
                     }
                 ],
@@ -22,7 +22,7 @@
                 "id": "v2.0",
                 "links": [
                     {
-                        "href": "http://localhost:35357/v2.0/",
+                        "href": "http://localhost:5000/v2.0/",
                         "rel": "self"
                     },
                     {
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthBasicRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthBasicRequest.json
deleted file mode 100644
index b12c86c1b..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthBasicRequest.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-    "auth": {
-        "identity": {
-            "...": "..."
-        },
-        "scope": {
-            "...": "..."
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthGenericMethodRequest.json b/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthGenericMethodRequest.json
deleted file mode 100644
index 22d847c6f..000000000
--- a/api-ref/src/wadls/identity-api/src/v3/samples/notusedTokenAuthGenericMethodRequest.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
-    "auth": {
-        "identity": {
-            "methods": [
-                "x",
-                "y",
-                "z"
-            ],
-            "x": {
-                "...": "..."
-            },
-            "y": {
-                "...": "..."
-            },
-            "z": {
-                "...": "..."
-            }
-        }
-    }
-}
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-INHERIT-v3.wadl b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-INHERIT-v3.wadl
index 3501d9f51..ed50ac169 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-INHERIT-v3.wadl
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-INHERIT-v3.wadl
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
- <!-- (C) 2015 OpenStack Foundation, All Rights Reserved -->
+<!-- (C) 2015 OpenStack Foundation, All Rights Reserved    -->
 <!--*******************************************************-->
 <!-- Import Common XML Entities                            -->
 <!--                                                       -->
@@ -594,5 +594,5 @@
                 </xsdxt:sample>
             </wadl:doc>
         </representation>
-    </response> &commonFaults; &getFaults; </method>
+    </response> &getFaults; </method>
 </application>
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-KDS-v3.wadl b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-KDS-v3.wadl
index ae9b7536d..43a7e83ec 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-KDS-v3.wadl
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-KDS-v3.wadl
@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
- <!-- (C) 2015 OpenStack Foundation, All Rights Reserved -->
+<!-- (C) 2015 OpenStack Foundation, All Rights Reserved    -->
 <!--*******************************************************-->
 <!-- Import Common XML Entities                            -->
 <!--                                                       -->
-<!-- You can resolve the entities with xmllint              -->
+<!-- You can resolve the entities with xmllint             -->
 <!--                                                       -->
-<!-- xmllint -noent OS-KDS.wadl                         -->
+<!-- xmllint -noent OS-KDS.wadl                            -->
 <!--*******************************************************-->
 <!DOCTYPE application [
     <!ENTITY % common  SYSTEM "common.ent">
@@ -34,7 +34,7 @@
     <!--*******************************************************-->
     <!--             All Resources                             -->
     <!--*******************************************************-->
-    <!-- We should use SSL in production -->
+    <!-- We should use SSL in production                       -->
     <resources base="http://localhost:35357" xml:id="OS-KDS-v3">
         <!-- FYI: double slash needed in path to get a single slash to display -->
         <resource id="v1" path="//v1">
@@ -147,7 +147,7 @@
                     </wadl:doc>
                 </param>
             </representation>
-        </response> &commonFaults;
+        </response> &postPutDeleteFaults;
     </method>
     <method name="DELETE" id="deleteKey">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
@@ -441,7 +441,8 @@
                 </wadl:doc>
             </param>
         </representation>
-    </response> &commonFaults; </method>
+    </response> &postPutDeleteFaults;
+    </method>
     <method name="GET" id="getGroupKey">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Get group key">
@@ -474,7 +475,7 @@
                     </wadl:doc>
                 </param>
             </representation>
-        </response> &commonFaults;
+        </response> &getFaults;
     </method>
     <method name="POST" id="createGroup">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
@@ -506,7 +507,7 @@
                     </wadl:doc>
                 </param>
             </representation>
-        </response> &commonFaults;
+        </response> &postPutDeleteFaults;
     </method>
     <method name="DELETE" id="deleteGroup">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
@@ -516,5 +517,6 @@
             </para>
         </wadl:doc>
         <response status="204"/>
+        &postPutDeleteFaults;
     </method>
 </application>
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-OAUTH1-v3.wadl b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-OAUTH1-v3.wadl
index 88d054d31..5bd02e41a 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-OAUTH1-v3.wadl
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-OAUTH1-v3.wadl
@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
- <!-- (C) 2011-2015 OpenStack Foundation, All Rights Reserved -->
+<!-- (C) 2011-2015 OpenStack Foundation, All Rights Reserved -->
 <!--*******************************************************-->
 <!-- Import Common XML Entities                            -->
 <!--                                                       -->
-<!-- You can resolve the entities with xmllint              -->
+<!-- You can resolve the entities with xmllint             -->
 <!--                                                       -->
 <!-- xmllint -noent OS-OAUTH1.wadl                         -->
 <!--*******************************************************-->
@@ -372,7 +372,7 @@
                     </xsdxt:sample>
                 </wadl:doc>
             </representation>
-        </response> &commonFaults; </method>
+        </response> &postPutDeleteFaults; </method>
     <method name="GET" id="listConsumers">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="List consumers">
@@ -426,7 +426,7 @@
                     </xsdxt:sample>
                 </wadl:doc>
             </representation>
-        </response> &commonFaults; &getFaults; </method>
+        </response> &getFaults; </method>
     <method name="GET" id="showConsumer">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Show consumer details">
@@ -465,7 +465,7 @@
                     </xsdxt:sample>
                 </wadl:doc>
             </representation>
-        </response> &commonFaults; &getFaults; </method>
+        </response> &getFaults; </method>
     <method name="DELETE" id="deleteConsumer">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Delete consumer">
@@ -475,7 +475,7 @@
                 tokens, access tokens, and Identity API tokens
                 are also deleted.</para>
         </wadl:doc>
-        <response status="204"> </response> &commonFaults; </method>
+        <response status="204"> </response> &postPutDeleteFaults; </method>
     <method name="PATCH" id="updateConsumer">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Update consumer">
@@ -529,7 +529,7 @@
                 </wadl:doc>
             </representation>
         </response>
-        &commonFaults; </method>
+        &postPutDeleteFaults; </method>
     <method name="POST" id="getUnauthorizedRequestToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Get unauthorized request token">
@@ -570,7 +570,7 @@
                 </wadl:doc>
             </representation>
         </response>
-        &commonFaults; </method>
+        &postPutDeleteFaults; </method>
     <!--<method name="PUT" id="authorizeRequestToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Authorize request token">
@@ -663,7 +663,7 @@
                 </wadl:doc>
             </representation>
         </response>
-        &commonFaults; </method>
+        &postPutDeleteFaults; </method>
     <method name="POST" id="authenticate">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Get an Identity Service token">
@@ -693,7 +693,7 @@
         </request>
         <response status="200">
             <representation mediaType="application/json"/>
-        </response> &commonFaults; &getFaults; </method>
+        </response> &getFaults; </method>
     <method name="GET" id="listAuthorizedAccessTokens">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="List authorized access tokens">
@@ -747,7 +747,7 @@
                 </wadl:doc>
             </representation>
         </response>
-        &commonFaults; </method>
+        &getFaults; </method>
     <method name="GET" id="getAuthorizedAccessToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Get authorized access token">
@@ -801,7 +801,7 @@
                 </wadl:doc>
             </representation>
         </response>
-        &commonFaults; </method>
+        &getFaults; </method>
     <method name="GET" id="listRolesOfAccessToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="List roles for an access token">
@@ -810,7 +810,7 @@
             </para>
         </wadl:doc>
         <response status="200"/>
-        &commonFaults; </method>
+        &getFaults; </method>
     <method name="GET" id="getRoleOfAccessToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Show role details for an access token">
@@ -838,7 +838,7 @@
             </param>
             <representation mediaType="application/json"/>
         </response>
-        &commonFaults; </method>
+        &getFaults; </method>
     <method name="DELETE" id="revokeAccessToken">
         <wadl:doc xml:lang="EN" xmlns="http://docbook.org/ns/docbook"
             title="Revoke access token">
@@ -850,5 +850,6 @@
             </para>
         </wadl:doc>
         <response status="204"/>
+        &postPutDeleteFaults;
     </method>
 </application>
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-TRUST-v3.wadl b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-TRUST-v3.wadl
index accfecb31..3bf881743 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/OS-TRUST-v3.wadl
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/OS-TRUST-v3.wadl
@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
- <!-- (C) 2011-2015 OpenStack Foundation, All Rights Reserved -->
+<!-- (C) 2011-2015 OpenStack Foundation, All Rights Reserved -->
 <!--*******************************************************-->
 <!-- Import Common XML Entities                            -->
 <!--                                                       -->
-<!-- You can resolve the entities with xmllint              -->
+<!-- You can resolve the entities with xmllint             -->
 <!--                                                       -->
 <!-- xmllint -noent OS-TRUST-v3.wadl                       -->
 <!--*******************************************************-->
@@ -177,7 +177,11 @@
                     required="true">
                     <wadl:doc xml:lang="EN"
                         xmlns="http://docbook.org/ns/docbook">
-                        <para>A roles object. Includes <code>id</code>, <code>name</code>, and <code>links</code> for any roles.</para>
+                        <para>
+                            A <code>roles</code> object. Includes
+                            <code>id</code>, <code>name</code>, and
+                            <code>links</code> for any roles.
+                        </para>
                     </wadl:doc>
                 </param>
                 <param name="roles_links" style="plain" type="xsd:dict"
@@ -206,5 +210,5 @@
                     </wadl:doc>
                 </param>
             </representation>
-        </response> &commonFaults;</method>
+        </response> &postPutDeleteFaults; </method>
 </application>
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/common.ent b/api-ref/src/wadls/identity-api/src/v3/wadl/common.ent
index 1bb899e9f..c80081d3c 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/common.ent
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/common.ent
@@ -1,1265 +1,309 @@
-
-     <!--
-         A collection of common faults, these are pretty much expected
-         in every request.
-     -->
+<!-- ************************************ -->
+<!-- FAULTS                               -->
+<!-- ************************************ -->
+<!-- A collection of common faults, these are pretty much expected in every request. -->
 <!ENTITY fault400 '
 <response status="400" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Bad Request">
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Bad Request">
     <representation mediaType="application/xml" element="identity:badRequest"/>
     <representation mediaType="application/json"/>
 </response>'>
 <!ENTITY fault401 '
 <response status="401" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Unauthorized">
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Unauthorized">
     <representation mediaType="application/xml" element="identity:unauthorized"/>
     <representation mediaType="application/json"/>
 </response>'>
 <!ENTITY fault403 '
 <response status="403" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Forbidden">
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Forbidden">
     <representation mediaType="application/xml" element="identity:forbidden"/>
     <representation mediaType="application/json"/>
 </response>'>
-<!ENTITY fault405 '
-<response status="405" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Method Not Allowed">
-    <representation mediaType="application/xml" element="identity:badMethod"/>
-    <representation mediaType="application/json"/>
-</response>'>
-<!ENTITY fault413 '
-<response status="413" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Request Entity Too Large">
-    <representation mediaType="application/xml" element="identity:overLimit"/>
-    <representation mediaType="application/json"/>
-</response>'>
-<!ENTITY fault503 '
-<response status="503" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Service Unavailable">
-    <representation mediaType="application/xml" element="identity:serviceUnavailable"/>
-    <representation mediaType="application/json"/>
-</response>'>
-<!ENTITY commonFaults '
-&fault400; &fault401; &fault403; &fault405; &fault413; &fault503;'>
-<!--
-          Faults on GET
- -->
-<!ENTITY getFaults '
+<!ENTITY fault404 '
 <response status="404" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Not Found">
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Not Found">
     <representation mediaType="application/xml"
         element="identity:itemNotFound"/>
     <representation mediaType="application/json"/>
 </response>'>
-<!--
-          Faults on POST/PUT
--->
-<!ENTITY postPutFaults '
+<!ENTITY fault405 '
+<response status="405" xmlns="http://wadl.dev.java.net/2009/02"
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Method Not Allowed">
+    <representation mediaType="application/xml" element="identity:badMethod"/>
+    <representation mediaType="application/json"/>
+</response>'>
+<!ENTITY fault409 '
+<response status="409" xmlns="http://wadl.dev.java.net/2009/02">
+    <representation mediaType="application/xml"
+        element="csapi:conflict"/>
+    <representation mediaType="application/json"/>
+</response>'>
+<!ENTITY fault413 '
+<response status="413" xmlns="http://wadl.dev.java.net/2009/02"
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Request Entity Too Large">
+    <representation mediaType="application/xml" element="identity:overLimit"/>
+    <representation mediaType="application/json"/>
+</response>'>
+<!ENTITY fault415 '
 <response status="415" xmlns="http://wadl.dev.java.net/2009/02"
-        xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Unsupported Media Type">
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Unsupported Media Type">
     <representation mediaType="application/xml"
         element="identity:badMediaType"/>
     <representation mediaType="application/json"/>
 </response>'>
+<!ENTITY fault503 '
+<response status="503" xmlns="http://wadl.dev.java.net/2009/02"
+    xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Service Unavailable">
+    <representation mediaType="application/xml" element="identity:serviceUnavailable"/>
+    <representation mediaType="application/json"/>
+</response>'>
+<!-- ************************************** -->
+<!-- Faults on GET - includes common faults -->
+<!-- ************************************** -->
+<!ENTITY getFaults '
+&fault400;
+&fault401;
+&fault403;
+&fault404;
+&fault405;
+&fault413;
+&fault503;'>
+<!-- ******************************************* -->
+<!-- Faults on POST/PUT - includes common faults -->
+<!-- ******************************************* -->
+<!ENTITY postPutDeleteFaults '
+&fault400;
+&fault401;
+&fault403;
+&fault404;
+&fault405;
+&fault409;
+&fault413;
+&fault415;
+&fault503;'>
+<!-- *************************************** -->
+<!-- REQUEST HEADERS                         -->
+<!-- *************************************** -->
+<!ENTITY AcceptRequestHeader '
+<param xmlns="http://wadl.dev.java.net/2009/02" name="Accept"
+    style="header" required="false" type="xsd:string">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A list of one or more representation schemes that are accepted in
+            the response to this request. Use the semicolon (<code>;</code>) character to
+            separate multiple schemes. See <link
+            xlink:href="http://www.w3.org/Protocols/HTTP/HTRQ_Headers.html#z3">Accept</link>.
+        </para>
+        <para>
+            (Since v3.3) If the <code>Accept</code> request header value is
+            <code>application/json-home</code>, the call returns a <link
+            xlink:href="http://tools.ietf.org/html/draft-nottingham-json-home-00">JSON
+            Home document</link>. The JSON Home document includes all core
+            components and the resources for any enabled extensions and excludes
+            the resources for disabled extensions.
+        </para>
+        <para>
+            Note that the client must check the <code>Content-Type</code>
+            header value in the response because earlier servers return a
+            normal JSON response rather than a JSON Home document.
+        </para>
+    </wadl:doc>
+</param>'>
 <!ENTITY authTokenHeader '
 <param name="X-Auth-Token" style="header"
     xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
     required="true">
     <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>A valid
-            authentication token for an administrative
-        user.</para></wadl:doc>
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A valid authentication token for an administrative user.
+        </para>
+    </wadl:doc>
 </param>'>
-<!ENTITY subjectTokenHeader '
+<!ENTITY subjectTokenRequestHeader '
+<param name="X-Subject-Token" style="header"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The authentication token for which you want to perform the
+            operation.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- RESPONSE HEADERS                     -->
+<!-- ************************************ -->
+<!ENTITY subjectTokenResponseHeader '
 <param name="X-Subject-Token" style="header"
     xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
     required="true">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The token
-            ID.</para></wadl:doc>
-</param>'>
-<!-- list services parameters -->
-<!ENTITY typeQueryParam '
-<param name="type" style="query" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>Filters
-            by service type. Service types include compute, ec2,
-            image, and identity.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY user_idQueryParam '
-<param name="user_id" style="query" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>Filters
-            on user_id.</para>
-    </wadl:doc>
-</param>'>
-<!-- listGroupsParams -->
-<!ENTITY domain_idQueryParam '
-<param name="domain_id" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>Filters
-            on domain_id.</para></wadl:doc>
-</param>'>
-<!ENTITY parent_idQueryParam '
-<param name="parent_id" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>Filters
-            on parent_id.</para></wadl:doc>
-</param>'>
-<!--<!ENTITY addPolicyParams '-->
-<!ENTITY blobRequestParam '
-<param name="blob" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            policy rule set itself, as a serialized blob.
-</para></wadl:doc>
-</param>'>
-<!ENTITY enabledServiceRequestParam '
-<param name="enabled" style="plain"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
-    required="false">
     <wadl:doc xmlns="http://docbook.org/ns/docbook"
         xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
         <para>
-            Enables or disables a service. If <code>true</code>, the service
-            is enabled. If <code>false</code>, the service is disabled.
-            Default is <code>true</code>.
+            The authentication token.
         </para>
-    </wadl:doc>
-</param>'>
-<!ENTITY typeRequestParam '
-<param name="type" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
         <para>
-            The MIME media type of the serialized policy blob. From the
-            perspective of the Identity API, a policy blob can be based on any
-            technology. In OpenStack, the <code>policy.json</code> blob
-            (<code>type="application/json"</code>) is the conventional
-            solution. However, you might want to use an alternative policy
-            engine that uses a different policy language type. For example,
-            <code>type="application/xacml+xml"</code>.
+            An authentication response returns the token ID in this header
+            rather than in the response body.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY statusParam '
-<param name="status" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
-        <para>The status of the version. For example,
-                <code>experimental</code> or
-            <code>stable</code>.</para></wadl:doc>
-</param>'>
-<!ENTITY versionParam '
-<param name="version" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
-        <para>
-            A <code>version</code> object.
-        </para>
-    </wadl:doc>
-</param>'>
-<!ENTITY media-typesParam '
-<param name="media-types" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>A
-                <code>media-types</code> object, which shows the
-            supported media types.</para></wadl:doc>
-</param>'>
-<!ENTITY version-idParam '
-<param name="id" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            version ID, such as <code>v3.0</code>.</para></wadl:doc>
-</param>'>
-<!ENTITY version-linksParam '
-<param name="links" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            version links.</para></wadl:doc>
-</param>'>
-<!--<!ENTITY listPolicyParams '-->
-<!ENTITY blobResponseParam '
-<param name="blob" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            policy rule set itself, as a serialized blob.</para></wadl:doc>
-</param>'>
-<!ENTITY idResponseParam '
-<param name="id" style="plain" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            credential ID.</para></wadl:doc>
-</param>'>
-<!ENTITY linksResponseParam '
-<param name="links" style="plain" type="csapi:dict"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"
-            ><para>Policy links.</para></wadl:doc>
-</param>'>
-<!ENTITY project_idRequestParam '
-<param name="project_id" style="plain" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            UUID for the project.</para></wadl:doc>
-</param>'>
-<!ENTITY project_idQueryParam '
-<param name="project_id" style="query" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>Filters on the
-            UUID for a project.</para></wadl:doc>
-</param>'>
-<!ENTITY project_idResponseParam '
-<param name="project_id" style="plain" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            UUID for the project.</para></wadl:doc>
-</param>'>
-<!ENTITY typeRequestParam '
-<param name="type" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            MIME media type of the serialized policy
-        blob.</para></wadl:doc>
-</param>'>
-<!ENTITY typeResponseParam '
-<param name="type" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            MIME media type of the serialized policy
-        blob.</para></wadl:doc>
-</param>'>
-<!ENTITY user_idRequestParam '
-<param name="user_id" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            ID of the user who owns the credential.</para></wadl:doc>
-</param>'>
-<!ENTITY user_idResponseParam '
-<param name="user_id" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            ID of the user who owns the credential.</para></wadl:doc>
-</param>'>
-<!--<!ENTITY listEndpointsParams-->
-<!ENTITY interfaceQueryParam '
-<param name="interface" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook"><para>Filters by
-            interface.</para></wadl:doc>
-</param>'>
-<!ENTITY service_idQueryParam '    
-<param name="service_id" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook"><para>Filters by
-            service_id.</para></wadl:doc>
-</param>'>
-<!ENTITY descriptionResponseParam '
-<param name="description" style="plain"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The
-            description.</para></wadl:doc>
-</param>'>
-<!ENTITY enabledResponseParam '
-<param name="enabled" style="plain"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>If <code>true</code>,
-            the domain is enabled. If <code>false</code>, the domain is
-            disabled.</para></wadl:doc>
-</param>'>
-<!ENTITY idResponseParam '
-<param name="id" style="plain" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The
-            ID for the resource.</para></wadl:doc>
-</param>'>
-<!ENTITY linksResponseParam '
-<param name="links" style="plain"
-    xmlns="http://wadl.dev.java.net/2009/02"
-    type="xsd:string" required="false">
+<!-- ************************************ -->
+<!-- TEMPLATE PARAMETERS                  -->
+<!-- ************************************ -->
+<!ENTITY credential_idTemplateParameter '
+<param name="credential_id" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
     <wadl:doc
         xmlns="http://docbook.org/ns/docbook"
         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        ><para>Links to the
-            resource.</para></wadl:doc>
-</param>'>
-<!ENTITY nameResponseParam '
-<param name="name" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The
-            name of the resource.</para></wadl:doc>
-</param>'>
-<!ENTITY nameEndpointResponseParam '
-<param name="name" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The
-            name of the endpoint.</para></wadl:doc>
-</param>'>
-<!ENTITY domain_idQueryParam '
-<param name="domain_id" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>Filters on a domain_id.</para></wadl:doc>
-</param>'>
-<!ENTITY descriptionQueryParam '
-<param name="description" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>Filters on a description.</para></wadl:doc>
-</param>'>
-<!ENTITY nameQueryParam '
-<param name="name" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>Filters on a name.</para></wadl:doc>
-</param>'>
-<!ENTITY listRoleUsersParams '
-<param name="name" style="query" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"
-            ><para>Filters on role name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY enabledQueryParam '
-<param name="enabled" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"
-            ><para>Filters on enabled or disabled roles. Values are
-            <code>true</code> or <code>false</code>.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY emailQueryParam '
-<param name="email" style="query"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
-    required="false">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"
-            ><para>Filters on email.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY authRequestParam '
-<param name="auth" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
-        <para>An <code>auth</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY identityRequestParam '
-<param name="identity" style="plain" type="xsd:string"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>An
-                <code>identity</code> object.</para></wadl:doc>
-</param>'>
-<!ENTITY methodsRequestParam '
-<param name="methods" style="plain" required="true"
- type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The authentication method, which is
-                <code>password</code> or <code>token</code>.</para>
-        <para>With password authentication, you can specify user ID
-            and password, user name and password scoped by domain ID
-            or name, or user ID and password scoped by project ID or
-            name with or without domain scope.</para>
-        <para>With token authentication, you specify the token
-            ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY passwordObjectRequestParam '
-<param name="password" style="plain" required="false"
-    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A <code>password</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY tokenRequestParam '
-<param name="token" style="plain" required="false" type="xsd:string"  xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        xml:lang="EN">
         <para>
-            A <code>token</code> object. With token authentication, the
-            <code>id</code> uniquely identifies the token. This method is
-            typically used in combination with a request to change
-            authorization scope.
+            The UUID for the credential.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY idRequestParam '
-<param name="id" style="plain" required="false" type="xsd:string"  xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>With password authentication, <code>id</code> uniquely
-            identifies the user. However, <code>name</code> uniquely
-            identifies the user when used in conjunction with a domain
-                <code>id</code> or <code>name</code>.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY userRequestParam '
-<param name="user" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A <code>user</code> object. Specify <code>id</code> or <code>name</code> to uniquely
-            identify the user and <code>password</code>. Use
-                <code>name</code> only in conjunction with a domain
-                <code>id</code> or <code>name</code>.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domainRequestParam '
-<param name="domain" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>Specify either <code>id</code> or <code>name</code> to
-            uniquely identify the domain.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY scopeRequestParam '
-<param name="scope" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>Token can be scoped for a domain or project. Specify
-            either an <code>id</code> or <code>name</code> to uniquely
-            identify the domain or project. Use project <code>name</code> only in
-            conjunction with a domain <code>id</code> or
-                <code>name</code>.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY tokenRequestParam '
-<param name="token" style="plain" required="false" type="capi:UUID" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A token ID. If you do not provide a token, you must
-            provide a user name and password.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY passwordRequestParam '
-<param name="password" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The password.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY service_idRequestParam '
-<param name="service_id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY urlRequestParam '
-<param name="url" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service URL.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY regionRequestParam '
-<param name="region" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service region.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY regionIdRequestParam '
-<param name="region_id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service region ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY nameRequestParam '
-<param name="name" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY serviceNameRequestParam '
-<param name="name" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY interfaceRequestParam '
-<param name="interface" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The interface type, which is <code>admin</code>, <code>public</code>, or <code>internal</code>.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY endpointRequestParam '
-<param name="endpoint" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>An <code>endpoint</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY endpointsResponseParam '
-<param name="endpoints" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>An <code>endpoints</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY enabledEndpointResponseParam '
-<param name="enabled" style="plain" required="true" type="xsd:boolean" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>If <code>true</code>,
-            the endpoint is enabled. If <code>false</code>, the endpoint is
-            disabled.</para></wadl:doc>
-</param>'>
-<!ENTITY idEndpointResponseParam '
-<param name="id" style="plain" required="true" type="csapi:uuid" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>The endpoint ID.</para></wadl:doc>
-</param>'>
-<!ENTITY linksEndpointResponseParam '
-<param name="links" style="plain" required="true" type="xsd:dict" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The endpoint links.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY service_idRequestParamOpt '
-<param name="service_id" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY urlRequestParamOpt '
-<param name="url" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service URL.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY regionRequestParamOpt '
-<param name="region" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service region.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY user-nameRequestParamOpt '
-<param name="name" style="plain" required="false" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The user name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY interfaceRequestParamOpt '
-<param name="interface" style="plain" required="false" type="xsd:string"
+<!ENTITY domain_idTemplateParameter '
+<param name="domain_id" style="template"
+    type="capi:uuid" required="true"
     xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook" xmlns:wadl="http://wadl.dev.java.net/2009/02"
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
-        <para>The interface type, which is <code>admin</code>, <code>public</code>, or
-                <code>internal</code>.</para>
+        <para>
+            The domain ID.
+        </para>
     </wadl:doc>
 </param>'>
-<!ENTITY tokenResponseParam '
-<param name="token" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A <code>token</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain-idResponseParam '
-<param name="id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The domain ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain-id-ForGroupsResponseParam '
-<param name="domain_id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The domain ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain-linksResponseParam '
-<param name="links" style="plain" required="true" type="xsd:dict" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The domain links.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain-nameResponseParam '
-<param name="name" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The domain name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY user-idResponseParam '
-<param name="id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The user ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY user-linksResponseParam '
-<param name="links" style="plain" required="true" type="xsd:dict" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The user links.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY user-nameResponseParam '
-<param name="name" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The user name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY serviceResponseParam '
-<param name="service" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A <code>service</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY servicesResponseParam '
-<param name="services" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>A <code>services</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY enabledServiceResponseParam '
-<param name="enabled" style="plain"
-    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
-    required="true">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN"><para>If <code>true</code>,
-            the service is enabled. If <code>false</code>, the service is
-            disabled.</para></wadl:doc>
-</param>'>
-<!ENTITY service_idResponseParam '
-<param name="id" style="plain" required="true" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook"
-        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
-        <para>The service ID.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY service_nameResponseParam '
-<param name="name" style="plain" required="true" type="xsd:string"
+<!ENTITY endpoint_idTemplateParameter '
+<param name="endpoint_id" style="template"
+    type="capi:uuid" required="true"
     xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook" xmlns:wadl="http://wadl.dev.java.net/2009/02"
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
-        <para>The service name.</para>
+        <para>
+            The endpoint ID.
+        </para>
     </wadl:doc>
 </param>'>
-<!ENTITY service_typeResponseParam '
-<param name="type" style="plain" required="true" type="xsd:string"
+<!ENTITY group_idTemplateParameter '
+<param name="group_id" style="template"
+    type="capi:uuid" required="true"
     xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook" xmlns:wadl="http://wadl.dev.java.net/2009/02"
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
-        <para>The service type.</para>
+        <para>
+            The group ID.
+        </para>
     </wadl:doc>
 </param>'>
-<!ENTITY service_typeRequestParam '
-<param name="type" style="plain" required="true" type="xsd:string"
+<!ENTITY domain-groupTemplateParameter '
+<param name="group" style="template"
+    type="capi:uuid" required="true"
     xmlns="http://wadl.dev.java.net/2009/02">
-    <wadl:doc xmlns="http://docbook.org/ns/docbook" xmlns:wadl="http://wadl.dev.java.net/2009/02"
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
-        <para>The service type.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY service_linksResponseParam '
-<param name="links" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The service links.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domainsResponseParam '
-<param name="domains" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>A <code>domains</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain_descriptionRequestParam '
-<param name="description" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The domain description.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY domain_enabledRequestParam '
-<param name="enabled" style="plain" type="xsd:boolean" xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>Enables or disables a domain.</para>
         <para>
-            Set to <code>true</code> to enable the domain or <code>false</code> to disable the
-            domain.
+            The group name, which is <code>ldap</code> or
+            <code>identity</code>.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY domain_nameRequestParam '
-<param name="name" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The domain name.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a role parameter -->
-<!ENTITY role_nameRequestParam '
-<param name="name" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The role name.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY roleObjectResponseParam '
-<param name="role" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>role</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY roleResponseParam '
-<param name="id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The role ID.</para>
-    </wadl:doc>
-</param>
-<param name="links" style="plain" type="xsd:dict"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The links for the role.</para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The role name.</para>
-    </wadl:doc>
-</param>'>
-<!-- list roles parameter -->
-<!ENTITY rolesObjectResponseParam '
-<param name="roles" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>roles</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY rolesLinksResponseParam '
-<param name="links" style="plain" type="xsd:dict"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The links for the <code>roles</code> resource.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a group parameters -->
-<!ENTITY groupCreateRequestParams '
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The group description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the group.</para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The group name.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a group response parameters -->
-<!ENTITY groupObjectResponseParams '
-<param name="group" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>group</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY groupResponseParams '
-<param name="group" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>group</code> object.</para>
-    </wadl:doc>
-</param>
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The group description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the group.</para>
-    </wadl:doc>
-</param>
-<param name="id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The group ID.</para>
-    </wadl:doc>
-</param>
-<param name="links" style="plain" type="xsd:dict"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The links for the group.</para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The group name.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a project request parameters -->
-<!ENTITY projectCreateRequestParams '
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The project description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the project.</para>
-    </wadl:doc>
-</param>
-<param name="parent_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the parent project.</para>
-    </wadl:doc>
-</param>
-<param name="enabled" style="plain"
- type="xsd:boolean"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>Enables or disables a project.</para>
-        <para>
-            Set to <code>true</code> to enable the project or
-            <code>false</code> to disable the project. Default is
-            <code>true</code>.
-        </para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The project name.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a project response parameters -->
-<!ENTITY projectCreateResponseParams '
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The project description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the project.</para>
-    </wadl:doc>
-</param>
-<param name="parent_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the parent project.</para>
-    </wadl:doc>
-</param>
-<param name="enabled" style="plain"
- type="xsd:boolean"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
+<!ENTITY domain-group-optionTemplateParameter '
+<param name="option" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
         <para>
-            If set to <code>true</code>, project is enabled. If set to
-            <code>false</code>, project is disabled.
-        </para>
-    </wadl:doc>
-</param>
-<param name="id" style="plain" type="csapi:uuid"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            ID for the project.</para></wadl:doc>
-</param>
-<param name="links" style="plain" type="xsd:dict"
-    xmlns="http://wadl.dev.java.net/2009/02" required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-            project links.</para></wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The project name.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a user request parameters -->
-<!ENTITY userCreateRequestParams '
-<param name="user" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>A <code>user</code> object.</para>
-    </wadl:doc>
-</param>
-<param name="default_project_id" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The default tenant for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="email" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The email address for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="enabled" style="plain" type="xsd:boolean"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>
-            Enables or disables the new user. To enable the user, set to
-            <code>true</code>. To disable the user, set to <code>false</code>.
-            Default is <code>true</code>.
-        </para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user name.</para>
-    </wadl:doc>
-</param>
-<param name="password" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user password. Required for some authentication back ends.</para>
-    </wadl:doc>
-</param>'>
-<!-- create a user response parameters -->
-<!ENTITY userCreateResponseParams '
-<param name="user" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>A <code>user</code> object.</para>
-    </wadl:doc>
-</param>
-<param name="default_project_id" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The default tenant for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="description" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user description.</para>
-    </wadl:doc>
-</param>
-<param name="domain_id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID of the domain for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="email" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The email address for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="enabled" style="plain" type="xsd:boolean"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>
-            If the user is enabled, this value is <code>true</code>. If the
-            user is disabled, this value is <code>false</code>.
-        </para>
-    </wadl:doc>
-</param>
-<param name="name" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user name.</para>
-    </wadl:doc>
-</param>
-<param name="id" style="plain" type="csapi:uuid"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The ID for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="links" style="plain" type="xsd:dict"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The links for the new user.</para>
-    </wadl:doc>
-</param>
-<param name="password" style="plain" type="xsd:string"
- xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-     xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The user password. Required for some authentication back ends.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY regionObjectRequestParam '
-<param name="region" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>region</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY regionsObjectRequestParam '
-<param name="regions" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The <code>regions</code> object.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY region_descriptionRequestParam '
-<param name="description" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>The region description.</para>
-    </wadl:doc>
-</param>'>
-<!ENTITY parent_region_idRequestParam '
-<param name="parent_region_id" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
-        xml:lang="EN">
-        <para>
-            If the region is hierarchically a child of another region, set
-            this parameter to the ID of the parent region.
+            The option name. For the <code>ldap</code> group, a valid value is
+            <code>url</code> or <code>user_tree_dn</code>. For the
+            <code>identity</code> group, a valid value is <code>driver</code>.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY region_idRequestParam '
-<param name="id" style="plain"
-type="xsd:string" required="false"
-xmlns="http://wadl.dev.java.net/2009/02">
-<wadl:doc
-    xmlns="http://docbook.org/ns/docbook"
-    xmlns:wadl="http://wadl.dev.java.net/2009/02"
-    xml:lang="EN">
-    <para>
-        The user-defined region ID.
-    </para>
-</wadl:doc>
+<!ENTITY policy_idTemplateParameter '
+<param name="policy_id" style="template"
+    type="xsd:string" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The policy ID.
+        </para>
+    </wadl:doc>
 </param>'>
-<!ENTITY user_defined_region_idRequestParam '
+<!ENTITY project_idTemplateParameter '
+<param name="project_id" style="template"
+    type="xsd:string" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The project ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region_idTemplateParameter '
+<param name="region_id" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The region ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role_idTemplateParameter '
+<param name="role_id" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+       xmlns="http://docbook.org/ns/docbook"
+       xmlns:wadl="http://wadl.dev.java.net/2009/02"
+       xml:lang="EN">
+        <para>
+            The role ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service_idTemplateParameter '
+<param name="service_id" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The service ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user_defined_region_idTemplateParameter '
 <param name="user_defined_region_id" style="template"
-type="xsd:string" required="true"
-xmlns="http://wadl.dev.java.net/2009/02">
+    type="xsd:string" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
 <wadl:doc
     xmlns="http://docbook.org/ns/docbook"
     xmlns:wadl="http://wadl.dev.java.net/2009/02"
@@ -1280,52 +324,3084 @@ xmlns="http://wadl.dev.java.net/2009/02">
     </para>
 </wadl:doc>
 </param>'>
-<!ENTITY RegionsResponseParams '
-<param name="description" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
-    required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
+<!ENTITY user_idTemplateParameter '
+<param name="user_id" style="template"
+    type="capi:uuid" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
         xml:lang="EN">
-        <para>The region description.</para>
+        <para>
+            The user ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- QUERY PARAMETERS                     -->
+<!-- ************************************ -->
+<!ENTITY descriptionQueryParameter '
+<param name="description" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain_idQueryParameter '
+<param name="domain_id" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified domain ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY emailQueryParameter '
+<param name="email" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+         xml:lang="EN">
+        <para>
+            Filters the response by a specified email.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-enabledQueryParameter '
+<param name="enabled" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by either enabled (<code>true</code>) or
+            disabled (<code>false</code>) domains.
+        </para>
+        <para>
+            Users can authorize against an enabled domain and any of its
+            projects. Users that are owned by an enabled domain can
+            authenticate and receive additional authorization.
+        </para>
+        <para>
+            Users cannot authorize against a disabled domain or any of its
+            projects. Users that are owned by a disabled domain cannot
+            authenticate or receive additional authorization. All tokens that
+            are authorized for a disabled domain or its projects become no
+            longer valid. If you reenable the domain, these tokens are not
+            reenabled.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-enabledQueryParameter '
+<param name="enabled" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by either enabled (<code>true</code>) or
+            disabled (<code>false</code>) groups.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-enabledQueryParameter '
+<param name="enabled" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by either enabled (<code>true</code>) or
+            disabled (<code>false</code>) projects.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role-enabledQueryParameter '
+<param name="enabled" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by either enabled (<code>true</code>) or
+            disabled (<code>false</code>) roles.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-enabledQueryParameter '
+<param name="enabled" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by either enabled (<code>true</code>) or
+            disabled (<code>false</code>) users.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY interfaceQueryParameter '
+<param name="interface" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook">
+        <para>
+            Filters the response by a specified interface.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-nameQueryParameter '
+<param name="name" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-nameQueryParameter '
+<param name="name" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified group name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-nameQueryParameter '
+<param name="name" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified project name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role-nameQueryParameter '
+<param name="name" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified role name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-nameQueryParameter '
+<param name="name" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified user name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY nocatalogQueryParameter '
+<param name="nocatalog" style="query" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Since v3.1) The authentication response excludes the service
+            catalog. By default, the response includes the service catalog.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY parent_idQueryParameter '
+<param name="parent_id" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Since v3.4) Filters the response by a specified parent ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY parent_region_idQueryParameter '
+<param name="parent_region_id" style="query"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Filters the response by a specified parent region, by ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project_idQueryParameter '
+<param name="project_id" style="query" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            Filters the response by a specified UUID for the project.
+         </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service_idQueryParameter '
+<param name="service_id" style="query"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:string"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook">
+        <para>
+            Filters the response by a specified service ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-typeQueryParameter '
+<param name="type" style="query" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified MIME media type for the
+            serialized policy blob. For example, <code>application/json</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-typeQueryParameter '
+<param name="type" style="query" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified service type. A valid value is
+            <code>compute</code>, <code>ec2</code>, <code>identity</code>,
+            <code>image</code>, <code>network</code>, or <code>volume</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user_idQueryParameter '
+<param name="user_id" style="query" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Filters the response by a specified user ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- VERSIONS                             -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- VERSIONS RESPONSE PARAMETERS         -->
+<!-- ************************************ -->
+<!ENTITY common_versionResponseParameters '
+<param name="id" style="plain"
+    type="xsd:string" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The version, such as <code>v3.4</code>.
+        </para>
     </wadl:doc>
 </param>
-<param name="id" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+<param name="links" style="plain"
+    type="xsd:list" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            A list of relational links.
+        </para>
+    </wadl:doc>
+</param>
+<param name="media-types" style="plain"
+    type="xsd:list" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            A list of media types.
+        </para>
+    </wadl:doc>
+</param>
+<param name="status" style="plain"
+    type="xsd:string" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The current maturity level of the specification, which is
+            <code>stable</code> or <code>deprecated</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY versionResponseParameters '
+<param name="version" style="plain"
+    type="xsd:dict" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            A <code>version</code> object.
+        </para>
+    </wadl:doc>
+</param>
+&common_versionResponseParameters;'>
+<!ENTITY versionsResponseParameters '
+<param name="versions" style="plain"
+    type="xsd:dict" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            A <code>versions</code> object.
+        </para>
+    </wadl:doc>
+</param>
+<param name="values" style="plain"
+    type="xsd:dict" required="true"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            A dictionary of values.
+        </para>
+    </wadl:doc>
+</param>
+&common_versionResponseParameters;'>
+<!-- ************************************ -->
+<!-- CREDENTIALS                          -->
+<!-- ************************************ -->
+<!-- CREDENTIALS REQUEST PARAMETERS       -->
+<!-- ************************************ -->
+<!ENTITY credentialObjectParameter '
+<param name="credential" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>credential</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credentialsObjectParameter '
+<param name="credentials" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>credentials</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-blobRequestParameter '
+<param name="blob" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The credential itself, as a serialized blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-project_idRequestParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the associated project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-typeRequestParameter '
+<param name="type" style="plain" required="true" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+     xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The credential type, such as <code>ec2</code> or
+            <code>cert</code>. The implementation determines the list of
+            supported types.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-user_idRequestParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the credential.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- **************************************** -->
+<!-- CREDENTIALS OPTIONAL REQUEST PARAMETERS  -->
+<!-- **************************************** -->
+<!ENTITY credential-blobRequestOptParameter '
+<param name="blob" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The credential itself, as a serialized blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-project_idRequestOptParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the associated project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-typeRequestOptParameter '
+<param name="type" style="plain" required="false" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+     xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The credential type, such as <code>ec2</code> or
+            <code>cert</code>. The implementation determines the list of
+            supported types.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-user_idRequestOptParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the credential.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- CREDENTIALS RESPONSE PARAMETERS      -->
+<!-- ************************************ -->
+<!ENTITY credential-blobResponseParameter '
+<param name="blob" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The credential itself, as a serialized blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-typeResponseParameter '
+<param name="type" style="plain" required="true" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+     xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The credential type, such as <code>ec2</code> or
+            <code>cert</code>. The implementation determines the list of
+            supported types.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-idResponseParameter '
+<param name="id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the credential.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
     required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>credential</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credentials-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>credentials</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-project_idResponseParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the associated project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY credential-user_idResponseParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the credential.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- DOMAINS                              -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- DOMAIN REQUEST PARAMETERS            -->
+<!-- ************************************ -->
+<!ENTITY domainObjectParameter '
+<param name="domain" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>domain</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domainsObjectParameter '
+<param name="domains" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>domains</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-descriptionRequestParameter '
+<param name="description" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The domain description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-enabledRequestParameter '
+<param name="enabled" style="plain" type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Enables or disables the domain.
+        </para>
+        <para>
+            Users can authorize against an enabled domain and any of its
+            projects. Users that are owned by an enabled domain can
+            authenticate and receive additional authorization.
+        </para>
+        <para>
+            Users cannot authorize against a disabled domain or any of its
+            projects. Users that are owned by a disabled domain cannot
+            authenticate or receive additional authorization. All tokens that
+            are authorized for a disabled domain or its projects become no
+            longer valid. If you reenable the domain, these tokens are not
+            reenabled.
+        </para>
+        <para>
+            To enable the domain, set to <code>true</code>. To disable the domain,
+            set to <code>false</code>. Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-nameRequestParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- DOMAIN RESPONSE PARAMETERS           -->
+<!-- ************************************ -->
+<!ENTITY domain-descriptionResponseParameter '
+<param name="description" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The domain description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-enabledResponseParameter '
+<param name="enabled" style="plain" type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Indicates whether the domain is enabled or disabled.
+        </para>
+        <para>
+            If set to <code>true</code>, the domain is enabled. Users can
+            authorize against an enabled domain and any of its projects. Users
+            that are owned by an enabled domain can authenticate and receive
+            additional authorization.
+        </para>
+        <para>
+            If set to <code>false</code>, the domain is disabled. Users cannot
+            authorize against a disabled domain or any of its projects. Users
+            that are owned by a disabled domain cannot authenticate or receive
+            additional authorization. All tokens that are authorized for a
+            disabled domain or its projects become no longer valid. If you
+            reenable the domain, these tokens are not reenabled.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The domain ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-linksResponseParameter '
+<param name="links" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The links for the <code>domain</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domains-linksResponseParameter '
+<param name="links" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The links for the <code>domains</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-nameResponseParameter '
+<param name="name" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- DOMAIN CONFIGURATION                 -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- DOMAIN CONFIG REQUEST PARAMETERS     -->
+<!-- ************************************ -->
+<!ENTITY domain-configObjectParameter '
+<param name="config" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>config</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-identityObjectParameter '
+<param name="identity" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            An <code>identity</code> object. Required to set the identity group configuration options.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-ldapObjectParameter '
+<param name="ldap" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            An <code>ldap</code> object. Required to set the LDAP group configuration options.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-driverRequestParameter '
+<param name="driver" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The Identity back-end driver.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-user_tree_dnRequestParameter '
+<param name="user_tree_dn" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The base distinguished name (DN) of LDAP, from where all users can
+            be reached. For example, <code>ou=Users,dc=root,dc=org</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-urlRequestParameter '
+<param name="url" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The LDAP URL.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- DOMAIN CONFIG RESPONSE PARAMETERS    -->
+<!-- ************************************ -->
+<!ENTITY domain-driverResponseParameter '
+<param name="driver" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The Identity back-end driver.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-user_tree_dnResponseParameter '
+<param name="user_tree_dn" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The base distinguished name (DN) of LDAP, from where all users can
+            be reached. For example, <code>ou=Users,dc=root,dc=org</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY domain-urlResponseParameter '
+<param name="url" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The LDAP URL.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- ENDPOINTS                            -->
+<!-- ************************************ -->
+<!-- ENDPOINT REQUEST PARAMETERS          -->
+<!-- ************************************ -->
+<!ENTITY endpointObjectParameter '
+<param name="endpoint" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            An <code>endpoint</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpointsObjectParameter '
+<param name="endpoints" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            An <code>endpoints</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-enabledRequestParameter '
+<param name="enabled" style="plain" required="false"
+ type="xsd:boolean" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Defines whether the endpoint appears in the service catalog:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>false</code>. The endpoint does not appear
+                    in the service catalog.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>true</code>. The endpoint appears in the service
+                    catalog.
+                </para>
+            </listitem>
+        </itemizedlist>
+        <para>
+            Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-interfaceRequestParameter '
+<param name="interface" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The interface type, which describes the visibility of the
+            endpoint.
+        </para>
+        <para>
+            A valid value is:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>public</code>. Visible by end users on a
+                    publicly available network interface.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>internal</code>. Visible by end users on
+                    an unmetered internal network interface.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>admin</code>. Visible by administrative users on a
+                    secure network interface.
+                </para>
+            </listitem>
+        </itemizedlist>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-nameRequestParameter '
+<param name="name" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-regionRequestParameter '
+<param name="region" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Deprecated in v3.2) The geographic location of the service
+            endpoint.
+         </para>
+         <para>
+            Use the <code>region_id</code> parameter instead.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-region_idRequestParameter '
+<param name="region_id" style="plain" required="false"
+       type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Since v3.2) The ID of the region that contains the service
+            endpoint.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-service_idRequestParameter '
+<param name="service_id" style="plain" required="true"
+    type="csapi:uuid" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The UUID of the service to which the endpoint belongs.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-typeRequestParameter '
+<param name="type" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint type.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-urlRequestParameter '
+<param name="url" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint URL.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- ENDPOINT RESPONSE PARAMETERS         -->
+<!-- ************************************ -->
+<!ENTITY endpoint-enabledResponseParameter '
+<param name="enabled" style="plain" required="true"
+    type="xsd:boolean" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Indicates whether the endpoint appears in the service catalog:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>false</code>. The endpoint does not appear
+                    in the service catalog.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>true</code>. The endpoint appears in the service
+                    catalog.
+                </para>
+            </listitem>
+        </itemizedlist>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-idResponseParameter '
+<param name="id" style="plain" required="true"
+ type="csapi:uuid" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint UUID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-interfaceResponseParameter '
+<param name="interface" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The interface type, which describes the visibility of the
+            endpoint.
+        </para>
+        <para>
+            Value is:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>public</code>. Visible by end users on a
+                    publicly available network interface.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>internal</code>. Visible by end users on
+                    an unmetered internal network interface.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>admin</code>. Visible by administrative users on a
+                    secure network interface.
+                </para>
+            </listitem>
+        </itemizedlist>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>endpoint</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoints-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>endpoints</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-nameResponseParameter '
+<param name="name" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-regionResponseParameter '
+<param name="region" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Deprecated in v3.2) The geographic location of the service
+            endpoint.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-region_idResponseParameter '
+<param name="region_id" style="plain" required="true"
+       type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Since v3.2) The ID of the region that contains the service
+            endpoint.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-service_idResponseParameter '
+<param name="service_id" style="plain" required="true"
+    type="csapi:uuid" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The UUID of the service to which the endpoint belongs.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-typeResponseParameter '
+<param name="type" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint type.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY endpoint-urlResponseParameter '
+<param name="url" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The endpoint URL.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- GROUPS                               -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- GROUP REQUEST PARAMETERS             -->
+<!-- ************************************ -->
+<!ENTITY groupObjectParameter '
+<param name="group" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>group</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY groupsObjectParameter '
+<param name="groups" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>groups</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-descriptionRequestParameter '
+<param name="description" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The group description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-domain_idRequestParameter '
+<param name="domain_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain that owns the group.
+        </para>
+        <para>
+            If you omit the domain ID, defaults to the domain to which the
+            client token is scoped.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-nameRequestParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The group name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-nameRequestOptParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The group name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-project_idRequestParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-user_idRequestParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the credential.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- GROUP RESPONSE PARAMETERS            -->
+<!-- ************************************ -->
+<!ENTITY group-descriptionResponseParameter '
+<param name="description" style="plain"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The group description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-domain_idResponseParameter '
+<param name="domain_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain for the group.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-enabledResponseParameter '
+<param name="enabled" style="plain"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            If <code>true</code>, the domain is enabled. If
+            <code>false</code>, the domain is disabled.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-idResponseParameter '
+<param name="id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID for the group.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-linksResponseParameter '
+<param name="links" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The links for the <code>group</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY groups-linksResponseParameter '
+<param name="links" style="plain"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    type="xsd:string" required="false">
+    <wadl:doc
+        xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02">
+        <para>
+            Links to the <code>groups</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY group-nameResponseParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The name of the group.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- POLICIES                             -->
+<!-- ************************************ -->
+<!-- POLICY REQUEST PARAMETERS            -->
+<!-- ************************************ -->
+<!ENTITY policyObjectParameter '
+<param name="policy" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>policy</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policiesObjectParameter '
+<param name="policies" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>policies</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-blobRequestParameter '
+<param name="blob" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The policy rule set itself, as a serialized blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-mime-typeRequestParameter '
+<param name="type" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The MIME media type of the serialized policy blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-project_idRequestParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the associated project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-typeRequestParameter '
+<param name="type" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The MIME media type of the serialized policy blob. From the
+            perspective of the Identity API, a policy blob can be based on any
+            technology. In OpenStack, the <code>policy.json</code> blob
+            (<code>type="application/json"</code>) is the conventional
+            solution. However, you might want to use an alternative policy
+            engine that uses a different policy language type. For example,
+            <code>type="application/xacml+xml"</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-user_idRequestParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the policy.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- POLICY RESPONSE PARAMETERS           -->
+<!-- ************************************ -->
+<!ENTITY policy-idResponseParameter '
+<param name="id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the policy.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-linksResponseParameter '
+<param name="links" style="plain" type="csapi:dict"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>policy</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policies-linksResponseParameter '
+<param name="links" style="plain" type="csapi:dict"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>policies</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-mime-typeResponseParameter '
+<param name="type" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The MIME media type of the serialized policy blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-project_idResponseParameter '
+<param name="project_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The UUID for the associated project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-rule-blobResponseParameter '
+<param name="blob" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The policy rule itself, as a serialized blob.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY policy-user_idResponseParameter '
+<param name="user_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID of the user who owns the policy.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- PROJECTS                             -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- PROJECT REQUEST PARAMETERS           -->
+<!-- ************************************ -->
+<!ENTITY projectObjectParameter '
+<param name="project" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>project</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY projectsObjectParameter '
+<param name="projects" style="plain" type="xsd:dict"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>projects</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-descriptionRequestParameter '
+<param name="description" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The project description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-domain_idRequestParameter '
+<param name="domain_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain for the project.
+        </para>
+        <para>
+            If you omit the domain ID, default is the domain to which your
+            token is scoped.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-enabledRequestParameter '
+<param name="enabled" style="plain"
+    type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Enables or disables the project.
+        </para>
+        <para>
+            Users can authorize against an enabled project.
+        </para>
+        <para>
+            Users cannot authorize against a disabled project. All tokens that
+            are authorized for a disabled project become no longer valid. If
+            you reenable the project, these tokens are not reenabled.
+        </para>
+        <para>
+            To enable the project, set to <code>true</code>. To disable the project,
+            set to <code>false</code>. Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-cascade-enabledRequestParameter '
+<param name="enabled" style="plain"
+    type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Enables or disables the project and its subtree.
+        </para>
+        <para>
+            Users can authorize against an enabled project.
+        </para>
+        <para>
+            Users cannot authorize against a disabled project. All tokens that
+            are authorized for a disabled project become no longer valid. If
+            you reenable the project, these tokens are not reenabled.
+        </para>
+        <para>
+            To enable the project and its subtree, set to <code>true</code>.
+            To disable the project and its subtree, set to <code>false</code>.
+            Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-is_domainRequestParameter '
+<param name="is_domain" style="plain" type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            (Since v3.6) Indicates whether the project also acts as a domain.
+        </para>
+        <para>
+            Set to <code>true</code> to define this project as both a project
+            and domain. As a domain, the project provides a name space in
+            which you can create users, groups, and other projects.
+        </para>
+        <para>
+            Set to <code>false</code> to define this project as a regular
+            project that contains only resources.
+        </para>
+        <para>
+            Default is <code>false</code>.
+        </para>
+        <para>
+            You cannot update this parameter after you create the project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-nameRequestParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The project name, which must be unique within the owning domain.
+            The project can have the same name as its domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-nameRequestOptParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The project name, which must be unique within the owning domain.
+            The project can have the same name as its domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-parent_idRequestParameter '
+<param name="parent_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            (Since v3.4) The ID of the parent project.
+        </para>
+        <para>
+            If you omit the parent project ID, the project is a top-level
+            project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- PROJECT RESPONSE PARAMETERS          -->
+<!-- ************************************ -->
+<!ENTITY project-descriptionResponseParameter '
+<param name="description" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The project description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-domain_idResponseParameter '
+<param name="domain_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain for the project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-enabledResponseParameter '
+<param name="enabled" style="plain"
+     type="xsd:boolean"
+     xmlns="http://wadl.dev.java.net/2009/02"
+     required="true">
+    <wadl:doc
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            If set to <code>true</code>, project is enabled. If set to
+            <code>false</code>, project is disabled.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-idResponseParameter '
+<param name="id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The ID for the project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-is_domainResponseParameter '
+<param name="is_domain" style="plain" type="xsd:boolean"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            (Since v3.6) Indicates whether the project also acts as a domain.
+        </para>
+        <para>
+            If set to <code>true</code>, this project acts as both a project
+            and domain. As a domain, the project provides a name space in
+            which you can create users, groups, and other projects.
+        </para>
+        <para>
+            Otherwise, this field does not appear in the response and this
+            project behaves as a regular project that contains only resources.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>project</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY projects-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>projects</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-nameResponseParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The project name. The project can have the same name as its
+            domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY project-parent_idResponseParameter '
+<param name="parent_id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            (Since v3.4) The ID of the parent project. If <code>null</code>,
+            the project is a top-level project.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- REGIONS                              -->
+<!-- ************************************ -->
+<!-- REGION REQUEST PARAMETERS            -->
+<!-- ************************************ -->
+<!ENTITY regionObjectParameter '
+<param name="region" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>region</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY regionsObjectParameter '
+<param name="regions" style="plain" type="xsd:string"
+        xmlns="http://wadl.dev.java.net/2009/02"
+        required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>regions</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region-descriptionRequestParameter '
+<param name="description" style="plain"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The region description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region-idRequestParameter '
+<param name="id" style="plain"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A user-defined region ID.
+        </para>
+        <para>
+            If you include characters in the region ID that are not allowed in
+            a URI, you must URL-encode the ID. If you omit an ID, the API
+            assigns an ID to the region.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region-parent_region_idRequestParameter '
+<param name="parent_region_id" style="plain"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            To make this region a child of another region, set this parameter
+            to the ID of the parent region.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- REGION RESPONSE PARAMETERS           -->
+<!-- ************************************ -->
+<!ENTITY region-descriptionResponseParameter '
+<param name="description" style="plain"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The region description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region-idResponseParameter '
+<param name="id" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
         xml:lang="EN">
         <para>
             The ID for the region.
         </para>
     </wadl:doc>
-</param>
+</param>'>
+<!ENTITY region-linksResponseParameter '
 <param name="links" style="plain" type="xsd:string"
     xmlns="http://wadl.dev.java.net/2009/02" required="true">
     <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-         links for the region.</para></wadl:doc>
-</param>
-<param name="parent_region_id" style="plain" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>region</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY regions-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>regions</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY region-parent_region_idResponseParameter '
+<param name="parent_region_id" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
     required="true">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
         xml:lang="EN">
         <para>
-            The ID for the parent region.
+            If the region is a child of another region, the ID for the parent
+            region. Otherwise, this value is <code>null</code>.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY parent_region_idQueryParam '
-<param name="parent_region_id" style="query" type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+<!-- ************************************ -->
+<!-- ROLES                                -->
+<!-- ************************************ -->
+<!-- ************************************ -->
+<!-- ROLE REQUEST PARAMETERS              -->
+<!-- ************************************ -->
+<!ENTITY roleObjectParameter '
+<param name="role" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>role</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY rolesObjectParameter '
+<param name="roles" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>roles</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role-nameRequestParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The role name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- ROLE RESPONSE PARAMETERS             -->
+<!-- ************************************ -->
+<!ENTITY role-idResponseParameter '
+<param name="id" style="plain" type="csapi:uuid"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The role ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>role</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY roles-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>roles</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY role-nameResponseParameter '
+<param name="name" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The role name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- SERVICES                             -->
+<!-- ************************************ -->
+<!-- SERVICE REQUEST PARAMETERS           -->
+<!-- ************************************ -->
+<!ENTITY serviceObjectParameter '
+<param name="service" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>service</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY servicesObjectParameter '
+<param name="services" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>services</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-descriptionRequestParameter '
+<param name="description" style="plain"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
     required="false">
-    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02" xmlns="http://docbook.org/ns/docbook"
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
         xml:lang="EN">
         <para>
-            Filters the results by a parent region, by ID.
+            The service description.
         </para>
     </wadl:doc>
 </param>'>
-<!ENTITY RegionLinksResponseParam '
+<!ENTITY service-enabledRequestParameter '
+<param name="enabled" style="plain"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
+    required="false">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Defines whether the service and its endpoints appear in the
+            service catalog:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>false</code>. The service and its endpoints do not appear
+                    in the service catalog.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>true</code>. The service and its endpoints appear in the service
+                    catalog.
+                </para>
+            </listitem>
+        </itemizedlist>
+        <para>
+            Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-nameRequestParameter '
+<param name="name" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The service name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-region_idRequestParameter '
+<param name="region_id" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            (Since v3.2) The ID of the region that contains the service
+            endpoint.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-service_idRequestParameter '
+<param name="service_id" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The service ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-typeRequestParameter '
+<param name="type" style="plain" required="true" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+     xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The service type, which describes the API implemented by the
+            service.
+        </para>
+        <para>
+            A valid value is <code>compute</code>, <code>ec2</code>,
+            <code>identity</code>, <code>image</code>, <code>network</code>,
+            or <code>volume</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-urlRequestParameter '
+<param name="url" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The service URL.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- SERVICE RESPONSE PARAMETERS          -->
+<!-- ************************************ -->
+<!ENTITY service-descriptionResponseParameter '
+<param name="description" style="plain"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The service description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-enabledResponseParameter '
+<param name="enabled" style="plain"
+    xmlns="http://wadl.dev.java.net/2009/02" type="xsd:boolean"
+    required="true">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Defines whether the service and its endpoints appear in the
+            service catalog:
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    <code>false</code>. The service and its endpoints do not appear
+                    in the service catalog.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    <code>true</code>. The service and its endpoints appear in the service
+                    catalog.
+                </para>
+            </listitem>
+        </itemizedlist>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID of the service.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-linksResponseParameter '
+<param name="links" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>service</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY services-linksResponseParameter '
 <param name="links" style="plain" type="xsd:string"
     xmlns="http://wadl.dev.java.net/2009/02" required="true">
     <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
-        xmlns="http://docbook.org/ns/docbook" xml:lang="EN"><para>The
-             links for the regions resource.</para></wadl:doc>
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            The links for the <code>services</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-nameResponseParameter '
+<param name="name" style="plain" required="true" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The service name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-regionResponseParameter '
+<param name="region" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The service region.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-region_idResponseParameter '
+<param name="region_id" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The service region ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY service-typeResponseParameter '
+<param name="type" style="plain" required="true" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+     xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The service type, which describes the API implemented by the
+            service. Value is <code>compute</code>, <code>ec2</code>,
+            <code>identity</code>, <code>image</code>, <code>network</code>,
+            or <code>volume</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- TOKENS                               -->
+<!-- ************************************ -->
+<!-- TOKEN REQUEST PARAMETERS             -->
+<!-- ************************************ -->
+<!ENTITY authObjectParameter '
+<param name="auth" style="plain" type="xsd:dict"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            An <code>auth</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-methods-tokenRequestParameter '
+<param name="methods" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The authentication method. For token authentication,
+            specify <code>token</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-methods-passwordRequestParameter '
+<param name="methods" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The authentication method. For password authentication,
+            specify <code>password</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-scopeRequestParameter '
+<param name="scope" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The authorization scope.
+        </para>
+        <itemizedlist>
+            <listitem>
+                <para>
+                    Specify <code>project</code> to scope to a project, by ID
+                    or name. If you specify the project by name, you must also
+                    specify the project domain to uniquely identify the
+                    project. Because a project can have the same name as its
+                    owning domain, the scope is determined, as follows:
+                </para>
+                <itemizedlist>
+                    <listitem>
+                        <para>
+                            If the project name is truly unique, the token is
+                            scoped to the project.
+                        </para>
+                    </listitem>
+                    <listitem>
+                        <para>
+                            If a name clash exists between a project acting as a
+                            domain and a regular project within that domain, the token
+                            is scoped to the regular project.
+                        </para>
+                    </listitem>
+                    <listitem>
+                        <para>
+                            In a name-clash situation, if the user wants the token
+                            scoped to the project acting as the domain, you must
+                            either specify use the project ID to specify the scope or
+                            rename either the project acting as a domain or the
+                            regular project.
+                        </para>
+                    </listitem>
+                </itemizedlist>
+                <para>
+                    Alternatively, you can use a domain name to uniquely
+                    identify the project.
+                </para>
+            </listitem>
+            <listitem>
+                <para>
+                    Specify <code>domain</code> to scope to a domain, by ID
+                    or name with equivalent results to project scoping. The
+                    catalog returned from a domain-scoped request contains all
+                    endpoints of a project-scoped catalog, excluding ones that
+                    require a project ID as part of their URL.
+                </para>
+            </listitem>
+        </itemizedlist>
+        <para>
+            You cannot simultaneously scope a token to a project and domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-unscopedRequestParameter '
+<param name="scope" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xml:lang="EN">
+        <para>
+            The authorization scope.
+        </para>
+        <para>
+            (Since v3.4) Specify <code>unscoped</code> to make an explicit
+            unscoped token request, which returns an unscoped response without any
+            authorization. This request behaves the same as a token request with no scope
+            where the user has no default project defined.
+        </para>
+        <para>
+            If you do not make an explicit <code>unscoped</code> token request
+            and your role has a default project, the response might return a
+            project-scoped token. If a default project is not defined, a token
+            is issued without an explicit scope of authorization, which is the
+            same as asking for an explicit unscoped token.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY identityObjectParameter '
+<param name="identity" style="plain" type="xsd:dict"
+    xmlns="http://wadl.dev.java.net/2009/02" required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+        <para>
+            An <code>identity</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY passwordObjectParameter '
+<param name="password" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>password</code> object. If specified, the password
+            authentication method is used.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY passwordObjectRequestParameter '
+<param name="password" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>password</code> object. The password authentication method
+            is used.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY tokenObjectRequestParameter '
+<param name="token" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>token</code> object. The token authentication method is
+            used. This method is typically used in combination with a request
+            to change authorization scope.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY tokenObjectParameter '
+<param name="token" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>token</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY token-idRequestParameter '
+<param name="id" style="plain" required="false"
+ type="capi:UUID" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A token ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-passwordRequestParameter '
+<param name="password" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The password for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-user-idRequestParameter '
+<param name="id" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID of the user.
+        </para>
+        <para>
+            Required if you do not specify the user name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-user-nameRequestParameter '
+<param name="name" style="plain" required="false"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The user name.
+        </para>
+        <para>
+            Required if you do not specify the ID of the user.
+        </para>
+        <para>
+            If you specify the user name, you must also specify the domain, by
+            ID or name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domainRequestParameter '
+<param name="domain" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>domain</code> object. Required if you specify a user name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domain-idRequestParameter '
+<param name="id" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID of the domain.
+        </para>
+        <para>
+            If you specify a user name, you must specify
+            either a domain ID or domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domain-nameRequestParameter '
+<param name="name" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The name of the domain.
+        </para>
+        <para>
+            If you specify a user name, you must specify
+            either a domain ID or domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-passwordRequestParameter '
+<param name="password" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user password.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- TOKEN RESPONSE PARAMETERS            -->
+<!-- ************************************ -->
+<!ENTITY auth-domainResponseParameter '
+<param name="domain" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            Specify either <code>id</code> or <code>name</code> to uniquely
+            identify the domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-domain-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The domain ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-domain-linksResponseParameter '
+<param name="links" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The links for the <code>domain</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-domain-nameResponseParameter '
+<param name="name" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The domain name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-methodsResponseParameter '
+<param name="methods" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The authentication method, which is <code>password</code>,
+            <code>token</code>, or both methods.
+        </para>
+        <para>
+            Indicates the accumulated set of authentication methods that were
+            used to obtain the token. For example, if the token was obtained
+            by password authentication, it contains <code>password</code>.
+            Later, if the token is exchanged by using the token authentication
+            method one or more times, the subsequently created tokens contain
+            both <code>password</code> and <code>token</code> in their
+            <code>methods</code> attribute.
+        </para>
+        <para>
+            Unlike multifactor authentication, the <code>methods</code>
+            attribute merely indicates the methods that were used to
+            authenticate the user for a specified token. The client is
+            responsible for determining the total number of authentication
+            factors.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY catalogObjectParameter '
+<param name="catalog" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>catalog</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY rolesResponseParameter '
+<param name="roles" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>roles</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY roles-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID for the role.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY roles-nameResponseParameter '
+<param name="name" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The role name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-group-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The group ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-user-idResponseParameter '
+<param name="id" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The user ID.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-user-linksResponseParameter '
+<param name="links" style="plain" type="xsd:dict"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>user</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY auth-user-nameResponseParameter '
+<param name="name" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The user name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY tokenObjectParameter '
+<param name="token" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>token</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY extrasResponseParameter '
+<param name="extras" style="plain" required="true"
+    type="xsd:list" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A set of metadata key and value pairs, if any.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY audit_idsResponseParameter '
+<param name="audit_ids" style="plain" required="true"
+    type="xsd:list" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A list of one or two audit IDs. An audit ID is a unique, randomly
+            generated, urlsafe string that you can use to track a token.
+        </para>
+        <para>
+            The first audit ID is the current audit ID for the token.
+        </para>
+        <para>
+            The second audit ID is present for only rescoped tokens and is the
+            audit ID from the token before it was rescoped. A rescoped token
+            is one that was exchanged for another token of the same or
+            different scope.
+        </para>
+        <para>
+            You can use these audit IDs to track the use of a token or chain
+            of tokens across multiple requests and endpoints without exposing
+            the token ID to non-privileged users.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-userResponseParameter '
+<param name="user" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>user</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-user-idResponseParameter '
+<param name="id" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID of the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-user-nameResponseParameter '
+<param name="name" style="plain" required="true"
+    type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The user name.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domainResponseParameter '
+<param name="domain" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>domain</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domain-idResponseParameter '
+<param name="id" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The ID of the domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY password-auth-domain-nameResponseParameter '
+<param name="name" style="plain" required="true"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The name of the domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- USERS                                -->
+<!-- ************************************ -->
+<!-- USER REQUEST PARAMETERS              -->
+<!-- ************************************ -->
+<!ENTITY userObjectParameter '
+<param name="user" style="plain" type="xsd:dict"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            A <code>user</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY usersObjectParameter '
+<param name="users" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            A <code>users</code> object.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-default_project_idRequestParameter '
+<param name="default_project_id" style="plain" type="xsd:string"
+    xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+        xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the default project for the user.
+        </para>
+        <para>
+            Setting this attribute does not grant any actual
+            authorization on the project, and is merely provided for
+            convenience. Therefore, the referenced project does not need to
+            exist within the user domain.
+        </para>
+        <para>
+            (Since v3.1) If the user does not have authorization to their
+            default project, the default project is ignored at token
+            creation.
+        </para>
+        <para>
+            (Since v3.1) Additionally, if your default project is
+            not valid, a token is issued without an explicit scope of
+            authorization.         
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-descriptionRequestParameter '
+<param name="description" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-domain_idRequestParameter '
+<param name="domain_id" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-emailRequestParameter '
+<param name="email" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The email address for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-enabledRequestParameter '
+<param name="enabled" style="plain" type="xsd:boolean"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="false">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            Enables or disables the user.
+        </para>
+        <para>
+            An enabled user can authenticate and receive authorization.
+        </para>
+        <para>
+            A disabled user cannot authenticate or receive authorization.
+            Additionally, all tokens that the user holds become no longer
+            valid. If you reenable this user, pre-existing tokens do not
+            become valid.
+        </para>
+        <para>
+            To enable the user, set to <code>true</code>. To disable the user,
+            set to <code>false</code>. Default is <code>true</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-nameRequestParameter '
+<param name="name" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user name, which must be unique within the owning domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-passwordRequestParameter '
+<param name="password" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user password.
+        </para>
+    </wadl:doc>
+</param>'>
+<!-- ************************************ -->
+<!-- USER RESPONSE PARAMETERS             -->
+<!-- ************************************ -->
+<!ENTITY user-default_project_idResponseParameter '
+<param name="default_project_id" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the default project for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-descriptionResponseParameter '
+<param name="description" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user description.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-domain_idResponseParameter '
+<param name="domain_id" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID of the domain for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-emailResponseParameter '
+<param name="email" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The email address for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-enabledResponseParameter '
+<param name="enabled" style="plain" type="xsd:boolean"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            If the user is enabled, this value is <code>true</code>. If the
+            user is disabled, this value is <code>false</code>.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-idResponseParameter '
+<param name="id" style="plain" type="csapi:uuid"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The ID for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-linksResponseParameter '
+<param name="links" style="plain" type="xsd:dict"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>user</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY users-linksResponseParameter '
+<param name="links" style="plain" type="xsd:dict"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The links for the <code>users</code> resource.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-nameResponseParameter '
+<param name="name" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user name. Must be unique withint the domain.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-passwordResponseParameter '
+<param name="password" style="plain" type="xsd:string"
+ xmlns="http://wadl.dev.java.net/2009/02"
+    required="true">
+    <wadl:doc xmlns:wadl="http://wadl.dev.java.net/2009/02"
+     xmlns="http://docbook.org/ns/docbook"
+        xml:lang="EN">
+        <para>
+            The user password. Required for some authentication back ends.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-new-passwordRequestParameter '
+<param name="password" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The new password for the user.
+        </para>
+    </wadl:doc>
+</param>'>
+<!ENTITY user-old-passwordRequestParameter '
+<param name="original_password" style="plain" required="false"
+ type="xsd:string" xmlns="http://wadl.dev.java.net/2009/02">
+    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+        xmlns:wadl="http://wadl.dev.java.net/2009/02" xml:lang="EN">
+        <para>
+            The original password for the user.
+        </para>
+    </wadl:doc>
 </param>'>
diff --git a/api-ref/src/wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl b/api-ref/src/wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl
index 71ebfe7f6..9a28ffe60 100644
--- a/api-ref/src/wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl
+++ b/api-ref/src/wadls/identity-api/src/v3/wadl/identity-admin-v3.wadl
@@ -1,19 +1,20 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- (C) 2011-2015 OpenStack Foundation, All Rights Reserved -->
-<!--*******************************************************-->
+<!-- ***************************************************** -->
 <!-- Import Common XML Entities                            -->
 <!--                                                       -->
 <!-- You can resolve the entities with xmllint             -->
 <!--                                                       -->
 <!-- xmllint -noent identity-admin-v3.wadl                 -->
-<!--*******************************************************-->
+<!-- ***************************************************** -->
 <!DOCTYPE application [
     <!ENTITY % common  SYSTEM "common.ent">
     %common;
     <!ENTITY % common_project  SYSTEM "../../../../common_project.ent">
     %common_project;
 ]>
-<application xmlns="http://wadl.dev.java.net/2009/02"
+<application
+    xmlns="http://wadl.dev.java.net/2009/02"
     xmlns:wadl="http://wadl.dev.java.net/2009/02"
     xmlns:identity="http://docs.openstack.org/identity/api/v3"
     xmlns:capi="http://docs.openstack.org/common/api/v1.0"
@@ -25,346 +26,222 @@
     xmlns:db="http://docbook.org/ns/docbook"
     xsi:schemaLocation="http://docs.openstack.org/identity/api/v3 ../xsd/api.xsd
     http://docs.openstack.org/common/api/v1.0 ../xsd/api-common.xsd
-    http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
-    ">
+    http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd">
     <grammars>
         <include href="../xsd/api.xsd"/>
         <include href="../xsd/api-common.xsd"/>
     </grammars>
-    <!--*******************************************************-->
+    <!-- ***************************************************** -->
     <!--             All Resources                             -->
-    <!--*******************************************************-->
-    <!-- We should use SSL in production -->
-    <resources base="http://localhost:35357"
-        xml:id="os-identity-admin-v3">
+    <!-- ***************************************************** -->
+    <!-- We should use SSL in production                       -->
+    <resources base="http://localhost:35357" xml:id="os-identity-admin-v3">
         <!-- FYI: double slash needed in path to get a single slash to display -->
         <resource id="versions" path="//">
-            <method href="#getVersions-identity-v3"/>
+            <method href="#listIdentityVersions"/>
         </resource>
         <resource id="version" path="//v3">
-            <method href="#showVersionDetails-identity-v3"/>
-            <resource id="tokens" path="auth/tokens">
-                <method href="#authenticate"/>
-                <method href="#validateTokens"/>
-                <method href="#checkTokens"/>
-                <method href="#revokeTokens"/>
-            </resource>
-            <resource id="os-pki" path="OS-PKI/revoked">
-                <method href="#listRevokedTokens"/>
-            </resource>
-            <resource id="services" path="services"> &authTokenHeader;
-                <method href="#createService"/>
-                <method href="#listServices"/>
-                <resource id="service_id" path="{service_id}">
-                    <param name="service_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN"><para>The service
-                            ID.</para></wadl:doc>
-                    </param>
-                    <method href="#getService"/>
-                    <method href="#updateService"/>
-                    <method href="#deleteService"/>
-                </resource>
-            </resource>
-            <resource id="endpoints" path="endpoints">
-                &authTokenHeader; <method href="#createEndpoint"/>
-                <method href="#listEndpoints"/>
-                <resource id="endpoint_id" path="{endpoint_id}">
-                    <param name="endpoint_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN"><para>The endpoint
-                                ID.</para></wadl:doc>
-                    </param>
-                    <method href="#updateEndpoint"/>
-                    <method href="#deleteEndpoint"/>
-                </resource>
-            </resource>
-            <resource id="domains" path="domains">
-                &authTokenHeader; <method href="#createDomain"/>
-                <method href="#listDomains"/>
-                <resource id="domain_id" path="{domain_id}">
-                    <param name="domain_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN"><para>The domain
-                            ID.</para></wadl:doc>
-                    </param>
-                    <method href="#getDomain"/>
-                    <method href="#updateDomain"/>
-                    <method href="#deleteDomain"/>
-                    <resource id="users_user_id_roles"
-                        path="users/{user_id}/roles">
-                        <param name="user_id" style="template"
-                            type="capi:uuid" required="true"
-                            xmlns="http://wadl.dev.java.net/2009/02">
-                            <wadl:doc
-                                xmlns="http://docbook.org/ns/docbook"
-                                xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                xml:lang="EN"><para>The user
-                                   ID.</para></wadl:doc>
-                        </param>
-                        <method href="#listDomainUserRoles"/>
-                        <resource id="role_id-domainusers"
-                            path="{role_id}">
-                            <param name="role_id" style="template"
-                                type="capi:uuid" required="true"
-                                xmlns="http://wadl.dev.java.net/2009/02">
-                                <wadl:doc
-                                   xmlns="http://docbook.org/ns/docbook"
-                                   xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                   xml:lang="EN"><para>The role
-                                   ID.</para></wadl:doc>
-                            </param>
-                            <method href="#grantDomainUserRole"/>
-                            <method href="#checkDomainUserRole"/>
-                            <method href="#revokeDomainUserRole"/>
-                        </resource>
-                    </resource>
-                    <resource id="groups_group_id_roles"
-                        path="groups/{group_id}/roles">
-                        <param name="group_id" style="template"
-                            type="capi:uuid" required="true"
-                            xmlns="http://wadl.dev.java.net/2009/02">
-                            <wadl:doc
-                                xmlns="http://docbook.org/ns/docbook"
-                                xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                xml:lang="EN"><para>The group
-                                   ID.</para></wadl:doc>
-                        </param>
-                        <method href="#listDomainGroupRoles"/>
-                        <resource id="domain-group-role_id"
-                            path="{role_id}">
-                            <param name="role_id" style="template"
-                                type="capi:uuid" required="true"
-                                xmlns="http://wadl.dev.java.net/2009/02">
-                                <wadl:doc
-                                   xmlns="http://docbook.org/ns/docbook"
-                                   xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                   xml:lang="EN">The role
-                                   ID.</wadl:doc>
-                            </param>
-                            <method href="#grantDomainGroupRole"/>
-                            <method href="#checkDomainGroupRole"/>
-                            <method href="#revokeDomainGroupRole"/>
-                        </resource>
-                    </resource>
-                </resource>
-            </resource>
-            <resource id="projects" path="projects"> &authTokenHeader;
-                <method href="#createProject"/>
-                <method href="#listProjects"/>
-                <resource id="project_id" path="{project_id}">
-                    <param name="project_id" style="template"
-                        type="xsd:string" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">The project ID.</wadl:doc>
-                    </param>
-                    <method href="#getProject"/>
-                    <method href="#updateProject"/>
-                    <method href="#deleteProject"/>
-                    <resource id="users" path="users">
-                        &descriptionQueryParam; &domain_idQueryParam;
-                        &enabledQueryParam;
-                        &nameQueryParam;
-                        <!--<method
-                            href="#listProjectUsers"/>-->
-                        <resource id="user_id_roles"
-                            path="{user_id}/roles">
-                            <param name="user_id" style="template"
-                                type="capi:uuid" required="true"
-                                xmlns="http://wadl.dev.java.net/2009/02">
-                                <wadl:doc
-                                   xmlns="http://docbook.org/ns/docbook"
-                                   xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                   xml:lang="EN"><para>The user
-                                   ID.</para></wadl:doc>
-                            </param>
-                            <method href="#listProjectUserRoles"/>
-                            <resource id="project-user-role_id"
-                                path="{role_id}">
-                                <param name="role_id" style="template"
-                                   type="capi:uuid" required="true"
-                                   xmlns="http://wadl.dev.java.net/2009/02">
-                                   <wadl:doc
-                                      xmlns="http://docbook.org/ns/docbook"
-                                      xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                      xml:lang="EN"><para>The role
-                                      ID.</para></wadl:doc>
-                                </param>
-                                <method href="#grantProjectUserRole"/>
-                                <method href="#checkProjectUserRole"/>
-                                <method href="#revokeProjectUserRole"
-                                />
-                            </resource>
-                        </resource>
-                    </resource>
-                    <resource id="project-groups-roles"
-                        path="groups/{group_id}/roles">
-                        <param name="group_id" style="template" type="capi:uuid"
-                            required="true"
-                            xmlns="http://wadl.dev.java.net/2009/02">
-                            <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                                xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                xml:lang="EN"><para>The group
-                                ID.</para></wadl:doc>
-                        </param>
-                        <method href="#listProjectGroupRoles"/>
-                        <resource id="project-groups-roles_id"
-                            path="{role_id}">
-                            <param name="role_id" style="template"
-                               type="capi:uuid" required="true"
-                               xmlns="http://wadl.dev.java.net/2009/02">
-                               <wadl:doc
-                                  xmlns="http://docbook.org/ns/docbook"
-                                  xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                  xml:lang="EN"><para>The role
-                                  ID.</para></wadl:doc>
-                            </param>
-                            <method href="#grantProjectGroupRole"/>
-                            <method href="#checkProjectGroupRole"/>
-                            <method href="#revokeProjectGroupRole"/>
-                        </resource>
-                    </resource>
-                 </resource>
-            </resource>
-            <resource id="create-users" path="users">
-                &authTokenHeader; <method href="#createUser"/>
-                <method href="#listUsers"/>
-                <resource id="user_id" path="{user_id}">
-                    <param name="user_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">The user ID.</wadl:doc>
-                    </param>
-                    <method href="#getUser"/>
-                    <method href="#updateUser"/>
-                    <method href="#deleteUser"/>
-                    <resource id="groups" path="groups">
-                        <method href="#listUserGroups"/>
-                    </resource>
-                    <resource id="user-projects" path="projects">
-                        <method href="#listUserProjects"/>
-                    </resource>
-                    <resource id="user-roles" path="roles">
-                        &nameQueryParam; &project_idQueryParam;
-                        &domain_idQueryParam; <method
-                            href="#listUserRoles"/>
-                    </resource>
-                </resource>
-            </resource>
-            <resource id="create-groups" path="groups">
-                &authTokenHeader; <method href="#createGroup"/>
-                <method href="#listGroups"/>
-                <resource id="group-group_id" path="{group_id}">
-                    <param name="group_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">
-                            <para>
-                                The group ID.
-                            </para>
-                        </wadl:doc>
-                    </param>
-                    <method href="#getGroup"/>
-                    <method href="#updateGroup"/>
-                    <method href="#deleteGroup"/>
-                    <resource id="group-users" path="users">
-                        &nameQueryParam;
-                        <method href="#listGroupUsers"/>
-                        <resource id="group-user-user_id" path="{user_id}">
-                            <param name="user_id" style="template"
-                                    type="capi:uuid" required="true"
-                                    xmlns="http://wadl.dev.java.net/2009/02">
-                                <wadl:doc
-                                    xmlns="http://docbook.org/ns/docbook"
-                                    xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                                    xml:lang="EN">
-                                    <para>
-                                        The user ID.
-                                    </para>
-                               </wadl:doc>
-                            </param>
-                            <method href="#assignUserToGroup"/>
-                            <method href="#deleteGroupUser"/>
-                            <method href="#checkGroupUser"/>
-                        </resource>
-                    </resource>
-                </resource>
-            </resource>
+            <method href="#showIdentityV3Details"/>
             <resource id="credentials" path="credentials">
-                &authTokenHeader; <method href="#createCredential"/>
+                <method href="#createCredential"/>
                 <method href="#listCredentials"/>
                 <resource id="credential_id" path="{credential_id}">
-                    <param name="credential_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">The credential
-                            ID.</wadl:doc>
-                    </param>
+                    &credential_idTemplateParameter;
                     <method href="#getCredential"/>
                     <method href="#updateCredential"/>
                     <method href="#deleteCredential"/>
                 </resource>
             </resource>
-            <resource id="create-roles" path="roles">
-                &authTokenHeader; <method href="#createRole"/>
+            <resource id="domains" path="domains">
+                <method href="#listDomains"/>
+                <method href="#createDomain"/>
+                <resource id="domain_id" path="{domain_id}">
+                    &domain_idTemplateParameter;
+                    <method href="#getDomain"/>
+                    <method href="#updateDomain"/>
+                    <method href="#deleteDomain"/>
+                    <resource id="domains-users" path="users">
+                        <resource id="domains-users-user_id" path="{user_id}">
+                            <resource id="domains-users-roles" path="roles">
+                                &user_idTemplateParameter;
+                                <method href="#listDomainUserRoles"/>
+                                <resource id="domains-users-roles-role_id"
+                                    path="{role_id}">
+                                    &role_idTemplateParameter;
+                                    <method href="#grantDomainUserRole"/>
+                                    <method href="#checkDomainUserRole"/>
+                                    <method href="#revokeDomainUserRole"/>
+                                </resource>
+                            </resource>
+                        </resource>
+                    </resource>
+                    <resource id="config" path="config">
+                        <method href="#getDomainConfig"/>
+                        <method href="#updateDomainConfig"/>
+                        <method href="#deleteDomainConfig"/>
+                        <resource id="config-group" path="{group}">
+                            &domain-groupTemplateParameter;
+                            <method href="#getDomainConfigGroup"/>
+                            <method href="#updateDomainConfigGroup"/>
+                            <method href="#deleteDomainConfigGroup"/>
+                            <resource id="config-option" path="{option}">
+                                &domain-group-optionTemplateParameter;
+                                <method href="#getDomainConfigGroupOption"/>
+                                <method href="#updateDomainConfigGroupOption"/>
+                                <method href="#deleteDomainConfigGroupOption"/>
+                            </resource>
+                        </resource>
+                    </resource>
+                    <resource id="domains-groups" path="groups">
+                        <resource id="domains-groups-group_id" path="{group_id}">
+                            <resource id="domains-groups-roles" path="roles">
+                                &group_idTemplateParameter;
+                                <method href="#listDomainGroupRoles"/>
+                                <resource id="domains-groups-roles-role_id"
+                                    path="{role_id}">
+                                    &role_idTemplateParameter;
+                                    <method href="#grantDomainGroupRole"/>
+                                    <method href="#checkDomainGroupRole"/>
+                                    <method href="#revokeDomainGroupRole"/>
+                                </resource>
+                            </resource>
+                        </resource>
+                    </resource>
+                </resource>
+            </resource>
+            <resource id="endpoints" path="endpoints">
+                <method href="#listEndpoints"/>
+                <method href="#createEndpoint"/>
+                <resource id="endpoint_id" path="{endpoint_id}">
+                    &endpoint_idTemplateParameter;
+                    <method href="#getEndpoint"/>
+                    <method href="#updateEndpoint"/>
+                    <method href="#deleteEndpoint"/>
+                </resource>
+            </resource>
+            <resource id="group-groups" path="groups">
+                <method href="#createGroup"/>
+                <method href="#listGroups"/>
+                <resource id="group-group_id" path="{group_id}">
+                    &group_idTemplateParameter;
+                    <method href="#getGroup"/>
+                    <method href="#updateGroup"/>
+                    <method href="#deleteGroup"/>
+                    <resource id="group-users" path="users">
+                        &domain_idQueryParameter;
+                        &descriptionQueryParameter;
+                        &group-nameQueryParameter;
+                        &group-enabledQueryParameter;
+                        <method href="#listGroupUsers"/>
+                        <resource id="group-user-user_id" path="{user_id}">
+                            &user_idTemplateParameter;
+                            <method href="#addUserToGroup"/>
+                            <method href="#checkUserInGroup"/>
+                            <method href="#removeUserFromGroup"/>
+                        </resource>
+                    </resource>
+                </resource>
+            </resource>
+            <resource id="policies" path="policies">
+                <method href="#listPolicies"/>
+                <method href="#createPolicy"/>
+                <resource id="policy_id" path="{policy_id}">
+                    &policy_idTemplateParameter;
+                    <method href="#getPolicy"/>
+                    <method href="#updatePolicy"/>
+                    <method href="#deletePolicy"/>
+                </resource>
+            </resource>
+            <resource id="projects" path="projects">
+                <method href="#listProjects"/>
+                <method href="#createProject"/>
+                <resource id="project_id" path="{project_id}">
+                    &project_idTemplateParameter;
+                    <method href="#getProject"/>
+                    <method href="#updateProject"/>
+                    <method href="#deleteProject"/>
+                    <resource id="cascade" path="cascade">
+                        <method href="#enableProject"/>
+                        <method href="#deleteProjectSubtree"/>
+                    </resource>
+                    <resource id="projects-users" path="users">
+                        <resource id="projects-users-user_id" path="{user_id}">
+                            <resource id="projects-users-roles" path="roles">
+                                &user_idTemplateParameter;
+                                <method href="#listProjectUserRoles"/>
+                                <resource id="projects-users-role_id"
+                                    path="{role_id}">
+                                    &role_idTemplateParameter;
+                                    <method href="#grantProjectUserRole"/>
+                                    <method href="#checkProjectUserRole"/>
+                                    <method href="#revokeProjectUserRole"/>
+                                </resource>
+                            </resource>
+                        </resource>
+                    </resource>
+                    <resource id="projects-groups" path="groups">
+                        <resource id="projects-groups-group_id" path="{group_id}">
+                            <resource id="projects-groups-roles" path="roles">
+                                &group_idTemplateParameter;
+                                <method href="#listProjectGroupRoles"/>
+                                <resource id="projects-groups-role_id"
+                                    path="{role_id}">
+                                    &role_idTemplateParameter;
+                                    <method href="#grantProjectGroupRole"/>
+                                    <method href="#checkProjectGroupRole"/>
+                                    <method href="#revokeProjectGroupRole"/>
+                                </resource>
+                            </resource>
+                        </resource>
+                    </resource>
+                 </resource>
+            </resource>
+            <resource id="regions" path="regions">
+                <method href="#listRegions"/>
+                <method href="#createRegion"/>
+                <resource id="region_id" path="{region_id}">
+                    &region_idTemplateParameter;
+                    <method href="#getRegion"/>
+                    <method href="#updateRegion"/>
+                    <method href="#deleteRegion"/>
+                </resource>
+            </resource>
+            <resource id="roles" path="roles">
                 <method href="#listRoles"/>
-                <resource id="role-role_id" path="{role_id}">
-                    <param name="role_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">The role ID.</wadl:doc>
-                    </param>
+                <method href="#createRole"/>
+                <resource id="roles-role_id" path="{role_id}">
+                    &role_idTemplateParameter;
                     <method href="#getRole"/>
                     <method href="#updateRole"/>
                     <method href="#deleteRole"/>
                 </resource>
             </resource>
             <resource id="role_assignments" path="role_assignments">
-                &authTokenHeader; <param name="group.id" style="query" type="xsd:string"
+                <param name="group.id" style="query" type="xsd:string"
                     xmlns="http://wadl.dev.java.net/2009/02"
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Filters on group ID.
-                            Specify <code>group.id={group_id}</code>
-                            to list all role assignments for the
-                             group.</para></wadl:doc>
+                        xml:lang="EN">
+                        <para>
+                            Filters the response by a group ID. To list all
+                            role assignments for a group, specify
+                            <code>group.id={group_id}</code>.
+                        </para>
+                    </wadl:doc>
                 </param>
                 <param name="role.id" style="query" type="xsd:string"
                     xmlns="http://wadl.dev.java.net/2009/02"
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Filters on role ID.
-                            Specify <code>role.id={role_id}</code> to
-                            list all role assignments for the
-                             role.</para></wadl:doc>
+                        xml:lang="EN">
+                        <para>
+                            Filters the response by a role ID. To list all
+                            role assignments for a role, specify
+                            <code>role.id={role_id}</code>.
+                        </para>
+                    </wadl:doc>
                 </param>
                 <param name="scope.domain.id" style="query"
                     type="xsd:string"
@@ -372,11 +249,13 @@
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Filters on domain ID.
-                            Specify
-                                <code>scope.domain.id={domain_id}</code>
-                            to list all role assignments for the
-                             domain.</para></wadl:doc>
+                        xml:lang="EN">
+                        <para>
+                            Filters the response by a domain ID. To list all
+                            role assignments for a domain, specify
+                            <code>scope.domain.id={domain_id}</code>.
+                        </para>
+                    </wadl:doc>
                 </param>
                 <param name="scope.project.id" style="query"
                     type="xsd:string"
@@ -384,388 +263,248 @@
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Filters on project ID.
-                            Specify
-                                <code>scope.project.id={project_id}</code>
-                            to list all role assignments for the
-                             project.</para></wadl:doc>
+                        xml:lang="EN">
+                        <para>
+                            Filters the response by a project ID. To list all
+                            role assignments for a project, specify
+                            <code>scope.project.id={project_id}</code>.
+                        </para>
+                    </wadl:doc>
                 </param>
                 <param name="user.id" style="query" type="xsd:string"
                     xmlns="http://wadl.dev.java.net/2009/02"
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Filters on user ID.
-                            Specify <code>user.id={user_id}</code> to
-                            list all role assignments for the
-                             user.</para></wadl:doc>
+                        xml:lang="EN">
+                        <para>
+                            Filters the response by a user ID. To list all
+                            role assignments for a user, specify
+                            <code>user.id={user_id}</code>.
+                        </para>
+                    </wadl:doc>
                 </param>
                 <param name="effective" style="query" type="xsd:key"
                     xmlns="http://wadl.dev.java.net/2009/02"
                     required="false">
                     <wadl:doc xmlns="http://docbook.org/ns/docbook"
                         xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                        xml:lang="EN"><para>Lists effective
-                            assignments at the user, project, and
-                            domain level, allowing for the effects of
-                            group membership.</para>
-                        <para>The group role assignment entities
-                            themselves are not returned in the
-                            collection.</para>
-                        <para>This represents the effective role
-                            assignments that would be included in a
-                            scoped token. You can use the other query
-                            parameters with the <code>effective</code>
-                            parameter.</para>
+                        xml:lang="EN">
+                        <para>
+                            Lists effective assignments at the user, project,
+                            and domain level, allowing for the effects of
+                            group membership.
+                        </para>
+                        <para>
+                            The group role assignment entities themselves are
+                            not returned in the collection.
+                        </para>
+                        <para>
+                            This represents the effective role assignments
+                            that would be included in a scoped token. You can
+                            use the other query parameters with the
+                            <code>effective</code> parameter.
+                        </para>
+                    </wadl:doc>
+                </param>
+                <param name="include_subtree" style="query" type="xsd:boolean"
+                    xmlns="http://wadl.dev.java.net/2009/02"
+                    required="false">
+                    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+                        xml:lang="EN">
+                        <para>
+                            (Since v3.6) Lists all role assignments within a tree of
+                            projects. The following call lists all role
+                            assignments for a project and its sub-projects:
+                        </para>
+            <para><code>GET /role_assignments?scope.project.id={project_id}?include_subtree=true</code></para>
+                        <para>
+                            You can specify <code>include_subtree=true</code> only in
+                            combination with <code>scope.project.id</code>. If you do not
+                            include the project ID, this call returns the <code>Bad Request
+                            (400)</code> response code.
+                        </para>
+                        <para>
+                            Each role assignment entity in the collection contains a link
+                            to the assignment that created the entity.
+                        </para>
                     </wadl:doc>
                 </param>
                 <method href="#listRoleAssignments"/>
             </resource>
-            <resource id="policies" path="policies"> &authTokenHeader;
-                <method href="#createPolicy"/>
-                <method href="#listPolicies"/>
-                <resource id="policy_id" path="{policy_id}">
-                    <param name="policy_id" style="template"
-                        type="capi:uuid" required="true">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN">The policy ID.</wadl:doc>
-                    </param>
-                    <method href="#getPolicy"/>
-                    <method href="#updatePolicy"/>
-                    <method href="#deletePolicy"/>
+            <resource id="services" path="services">
+                &authTokenHeader;
+                <method href="#listServices"/>
+                <method href="#createService"/>
+                <resource id="service_id" path="{service_id}">
+                    &service_idTemplateParameter;
+                    <method href="#getService"/>
+                    <method href="#updateService"/>
+                    <method href="#deleteService"/>
                 </resource>
             </resource>
-            <resource id="regions" path="regions"> &authTokenHeader;
-                <method href="#listRegions"/>
-                <method href="#createRegion"/>
-                <resource id="region_id" path="{region_id}">
-                    <param name="region_id" style="template"
-                        type="capi:uuid" required="true"
-                        xmlns="http://wadl.dev.java.net/2009/02">
-                        <wadl:doc
-                            xmlns="http://docbook.org/ns/docbook"
-                            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-                            xml:lang="EN"><para>The region
-                            ID.</para></wadl:doc>
-                    </param>
-                    <method href="#getRegion"/>
-                    <method href="#updateRegion"/>
-                    <method href="#deleteRegion"/>
-                </resource>
-                <resource id="user_defined_region_id" path="{user_defined_region_id}">
-                    &user_defined_region_idRequestParam;
-                    <method href="#createRegionWithID"/>
+            <resource id="tokens" path="auth/tokens">
+                <method href="#authenticatePasswordUnscoped"/>
+                <method href="#authenticatePasswordScoped"/>
+                <method href="#authenticatePasswordExplicitUnscoped"/>
+                <method href="#authenticateTokenUnscoped"/>
+                <method href="#authenticateTokenScoped"/>
+                <method href="#validateToken"/>
+                <method href="#checkToken"/>
+                <method href="#revokeTokens"/>
+            </resource>
+            <resource id="os-pki" path="OS-PKI/revoked">
+                <method href="#listRevokedPKITokens"/>
+            </resource>
+            <resource id="users-users" path="users">
+                <method href="#listUsers"/>
+                <method href="#createUser"/>
+                <resource id="users-user_id" path="{user_id}">
+                    &user_idTemplateParameter;
+                    <method href="#getUser"/>
+                    <method href="#updateUser"/>
+                    <method href="#deleteUser"/>
+                    <resource id="password" path="password">
+                        <method href="#changeUserPassword"/>
+                    </resource>
+                    <resource id="user-groups" path="groups">
+                        <method href="#listUserGroups"/>
+                    </resource>
+                    <resource id="user-projects" path="projects">
+                        <method href="#listUserProjects"/>
+                    </resource>
                 </resource>
             </resource>
         </resource>
     </resources>
-    <!--*******************************************************-->
-    <!--               All Methods                             -->
-    <!--*******************************************************-->
-    <!--Version Operations-->
-    <method name="GET" id="getVersions-identity-v3">
+    <!-- ***************************************************** -->
+    <!-- METHODS                                               -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- VERSIONS                                              -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listIdentityVersions">
         <wadl:doc xml:lang="EN" title="List versions"
-            xmlns="http://docbook.org/ns/docbook"><para
-                role="shortdesc">Lists information about all Identity
-                API versions.</para>
+            xmlns="http://docbook.org/ns/docbook">
+            <para role="shortdesc">
+                Lists information about all Identity API versions.
+            </para>
         </wadl:doc>
         <response status="200">
             <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:code
-                        href="../samples/identity-versions-response.json"
-                    />
+                <wadl:doc xmlns="http://docbook.org/ns/docbook" xml:lang="EN">
+                    <xsdxt:code href="../samples/admin/identity-versions-response.json"/>
                 </wadl:doc>
+                &versionsResponseParameters;
+                &updatedResponseParameter;
             </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="showVersionDetails-identity-v3">
+        </response>
+        &getFaults;
+    </method>
+    <method name="GET" id="showIdentityV3Details">
         <wadl:doc xmlns="http://docbook.org/ns/docbook" xml:lang="EN"
-            title="Show API version details">
-            <para>Shows details for the Identity API
-            v3.</para></wadl:doc> &commonFaults; &getFaults; <response
-            status="200">
+            title="Show API v3 details">
+            <para role="shortdesc">
+                Shows details for the latest Identity API v3 micro-version.
+            </para>
+        </wadl:doc>
+        <request>
+            &AcceptRequestHeader;
+        </request>
+        <response status="200">
             <representation mediaType="application/json">
                 <wadl:doc xmlns="http://docbook.org/ns/docbook"
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/identity-version-resp.json"
-                        />
+                            href="../samples/admin/identity-version-resp.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
-                &versionParam; &statusParam; &updated_at-ResponseParameter;
-                &media-typesParam; &version-idParam;
-                &version-linksParam; </representation>
+                &versionResponseParameters;
+                &updatedResponseParameter;
+            </representation>
         </response>
+        &getFaults;
     </method>
-    <!--Token Operations-->
-    <method name="POST" id="authenticate">
+    <!-- ***************************************************** -->
+    <!-- CREDENTIALS                                           -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- CREATE CREDENTIAL                                     -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createCredential">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Authenticate">
+            xml:lang="EN" title="Create credential">
             <para role="shortdesc">
-                Authenticates and generates a token.
+                Creates a credential.
             </para>
             <para>
-                Each REST request against the Identity Service requires the
-                <code>X-Auth-Token</code> header. Clients obtain this token
-                and the URL endpoints for other service APIs by supplying
-                their valid credentials to the authentication service.
-            </para>
-            <para>
-                A REST interface provides client authentication by using the
-                &POST; method with <code>auth/tokens</code> the path. The body
-                of the request must include a payload of credentials including
-                the authentication method and, optionally, the authorization
-                scope. The scope includes either a project or domain. If you
-                include both project and domain, this call returns the HTTP
-                <code>Bad Request (400)</code> status code because a token
-                cannot be simultaneously scoped as both a project and domain.
-            </para>
-            <important>
-                <para>
-                    If you do not include the optional scope and the
-                    authenticating user has a defined default project (the
-                    <code>default_project_id</code> attribute for the user),
-                    that default project is treated as the preferred
-                    authorization scope.
-                </para>
-                <para>
-                    If no default project is defined, the token is issued
-                    without an explicit scope of authorization.
-                </para>
-            </important>
-            <para>
-                Provide one of the following sets of credentials to
-                authenticate: User ID and password, user name and password
-                scoped by domain ID or name, user ID and password scoped by
-                project ID or name with or without domain scope, or token.
-            </para>
-            <para>
-                The following examples demonstrate authentication requests
-                with different types of credentials.
-            </para>
-            <note>
-                <para>
-                    If <code>scope</code> is included, <code>project id</code>
-                    uniquely identifies the <code>project</code>. However,
-                    <code>project name</code> uniquely identifies the
-                    <code>project</code> only when used in conjunction with a
-                    <code>domain ID</code> or a <code>domain name</code>.
-                </para>
-            </note>
-            <para>
-                If the authentication token has expired, this call returns the
-                HTTP <code>401</code> status code.
-            </para>
-            <para>If the subject token has expired, this call returns
-                the HTTP <code>404</code> status code.</para>
-            <para>The Identity API treats expired tokens as no longer valid
-                tokens.</para>
-            <para>The deployment determines how long expired tokens
-                are stored.</para>
-            <para>As the following example responses show, the
-                response to an authentication request returns the
-                token ID in the <code>X-Subject-Token</code> header
-                instead of in the token data.</para>
-            <para>
-                If the call has no explicit authorization scope, the response
-                does not contain the <code>catalog</code>,
-                <code>project</code>, <code>domain</code>, or
-                <code>roles</code> fields. However, the response still
-                uniquely identifies the user.
-            </para>
-            <para>
-                A token scoped to a <code>project</code> also has both a
-                service <code>catalog</code> and the user's roles applicable
-                to the <code>project</code>.
-            </para>
-            <para>A token scoped to a <code>domain</code> also has
-                both a service <code>catalog</code> and the user's
-                roles applicable to the <code>project</code>.</para>
-            <para>
-                Optionally, the Identity API implementation might return an
-                <code>authentication</code> attribute to indicate the
-                supported authentication methods.
-            </para>
-            <para>
-                For authentication processes that require multiple round
-                trips, The Identity API implementation might return an HTTP
-                <code>Unauthorized (401)</code> status code with additional
-                information for the next authentication step.
-            </para>
-            <para>
-                The following examples illustrate several possible HTTP
-                <code>Unauthorized (401)</code> authentication errors. Other
-                errors, like HTTP <code>Forbidden (403)</code>, are also
-                possible.
+                The following example shows how to create an EC2-style
+                credential. The credential blob is a string that contains a
+                JSON-serialized dictionary with the <code>access</code> and
+                <code>secret</code> keys. This format is required when you
+                specify the <code>ec2</code> type. To specify other credentials,
+                such as <code>access_key</code>, change the type and contents of
+                the data blob.
             </para>
         </wadl:doc>
         <request>
             <representation mediaType="application/json">
                 <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with user ID and password: JSON request">
+                    xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/TokenAuthPasswordIDRequest.json"
-                        />
+                            href="../samples/admin/CredentialCreateRequest.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with domain ID, user name, and password: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordNameRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with domain name, user name, and password: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordDomainRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with token JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthTokenRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with user ID, password, and project ID scope: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordIDScopeProjIDRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with user ID, password, and domain ID scope: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordIDScopeDomainIDRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with user ID, password, and domain ID and project name scope: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordIDScopeProjNameRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with User ID, password, and domain name and project name scope: JSON request">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthPasswordIDScopeProjDomainNameRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &authRequestParam; &identityRequestParam;
-                &methodsRequestParam; &passwordObjectRequestParam;
-                &scopeRequestParam; &tokenRequestParam;
-                &userRequestParam; &idRequestParam;
-                &user-nameRequestParamOpt; &passwordRequestParam;
+                &credentialObjectParameter;
+                &credential-blobRequestParameter;
+                &credential-project_idRequestParameter;
+                &credential-typeRequestParameter;
+                &credential-user_idRequestParameter;
             </representation>
         </request>
         <response status="201">
             <representation mediaType="application/json">
                 <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate without scope: JSON response">
+                    xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/TokenAuthNoScopeResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with project scope: JSON response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthScopeProjectResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with domain scope: JSON response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthScopeDomainResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Authenticate with token: JSON response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthTokenResponse.json"
-                        />
+                            href="../samples/admin/CredentialCreateResponse.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
+                &credentialObjectParameter;
+                &credential-user_idResponseParameter;
+                &credential-linksResponseParameter;
+                &credential-blobResponseParameter;
+                &credential-project_idResponseParameter;
+                &credential-typeResponseParameter;
+                &credential-idResponseParameter;
             </representation>
         </response>
-        &fault400;
-        <response status="401" xmlns:rax="http://docs.rackspace.com/api" rax:phrase="Unauthorized">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Error: Basic HTTP 401 Not Authorized: JSON Response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthFail401aResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Error: HTTP 401 Not Authorized with Supported Methods: JSON Response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthFail401bResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="Error: HTTP 401 Not Authorized with Next Step Information: JSON Response"><xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenAuthFail401cResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response>
-        &fault403; &fault405; &fault413; &fault503; &getFaults; </method>
-    <method name="GET" id="validateTokens">
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- LIST CREDENTIALS                                      -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listCredentials">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Validate token">
+            xml:lang="EN" title="List credentials">
             <para role="shortdesc">
-                Validates a token.
+                Lists all credentials.
             </para>
             <para>
-                Pass your own token in the <code>X-Auth-Token</code> header.
-                Pass the token to be validated in the <code>X-Subject-Token</code>
-                header. The Identity API returns the same
-                response as when the subject token was issued by <code>POST
-                /auth/tokens</code>.
+                Optionally, you can include the <code>user_id</code> query
+                parameter in the URI to filter the response by a specified
+                user.
             </para>
         </wadl:doc>
         <request>
             <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/TokenValidateRequest.txt"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&authTokenHeader; &subjectTokenHeader;
+                &user_idQueryParameter;
             </representation>
         </request>
         <response status="200">
@@ -774,18 +513,2794 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/TokenAuthNoScopeResponse.json"
+                            href="../samples/admin/CredentialsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &credentialsObjectParameter;
+                &credential-user_idResponseParameter;
+                &credential-linksResponseParameter;
+                &credential-blobResponseParameter;
+                &credential-project_idResponseParameter;
+                &credential-typeResponseParameter;
+                &credential-idResponseParameter;
+                &credentials-linksResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- SHOW CREDENTIAL DETAILS                               -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getCredential">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show credential details">
+            <para role="shortdesc">
+                Shows details for a credential.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/CredentialGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &credentialObjectParameter;
+                &credential-user_idResponseParameter;
+                &credential-linksResponseParameter;
+                &credential-blobResponseParameter;
+                &credential-project_idResponseParameter;
+                &credential-typeResponseParameter;
+                &credential-idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- UPDATE CREDENTIAL                                     -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateCredential">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update credential">
+            <para role="shortdesc">
+                Updates a credential.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/CredentialUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &credentialObjectParameter;
+                &credential-blobRequestOptParameter;
+                &credential-project_idRequestOptParameter;
+                &credential-typeRequestOptParameter;
+                &credential-user_idRequestOptParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/CredentialUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &credentialObjectParameter;
+                &credential-user_idResponseParameter;
+                &credential-linksResponseParameter;
+                &credential-blobResponseParameter;
+                &credential-project_idResponseParameter;
+                &credential-typeResponseParameter;
+                &credential-idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- DELETE CREDENTIAL                                     -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteCredential">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete credential">
+            <para role="shortdesc">
+                Deletes a credential.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- DOMAINS                                               -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List domains                                          -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listDomains">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List domains">
+            <para role="shortdesc">
+                Lists all domains.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &domain-nameQueryParameter;
+                &domain-enabledQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="List domains: JSON response">
+                    <xsdxt:sample title="List domains: JSON response">
+                        <xsdxt:code
+                            href="../samples/admin/DomainsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainsObjectParameter;
+                &domain-descriptionResponseParameter;
+                &domain-enabledResponseParameter;
+                &domain-idResponseParameter;
+                &domain-linksResponseParameter;
+                &domain-nameResponseParameter;
+                &domains-linksResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create domain                                         -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createDomain">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create domain">
+            <para role="shortdesc">
+                Creates a domain.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainObjectParameter;
+                &domain-descriptionRequestParameter;
+                &domain-enabledRequestParameter;
+                &domain-nameRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainObjectParameter;
+                &domain-descriptionResponseParameter;
+                &domain-enabledResponseParameter;
+                &domain-idResponseParameter;
+                &domain-linksResponseParameter;
+                &domain-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show domain details                                   -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getDomain">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show domain details">
+            <para role="shortdesc">
+                Shows details for a domain.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainObjectParameter;
+                &domain-descriptionResponseParameter;
+                &domain-enabledResponseParameter;
+                &domain-idResponseParameter;
+                &domain-linksResponseParameter;
+                &domain-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update domain                                         -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateDomain">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update domain">
+            <para role="shortdesc">
+                Updates a domain.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainObjectParameter;
+                &domain-enabledRequestParameter;
+                &domain-descriptionRequestParameter;
+                &domain-nameRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domainObjectParameter;
+                &domain-linksResponseParameter;
+                &domain-enabledResponseParameter;
+                &domain-descriptionResponseParameter;
+                &domain-nameResponseParameter;
+                &domain-idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete domain                                         -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteDomain">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete domain">
+            <para role="shortdesc">
+                Deletes a domain.
+            </para>
+            <para>
+                To minimize the risk of accidentally deleting a domain, you
+                must first disable the domain by using the update domain
+                method.
+            </para>
+            <warning>
+                <para>
+                    When you delete a domain, this call also deletes all
+                    entities owned by it, such as users, groups, and projects,
+                    and any credentials and granted roles that relate to those
+                    entities.
+                </para>
+            </warning>
+            <para>
+                (Since v3.6) The deletion of a non-leaf domain in a domain
+                hierarchy tree is not allowed and fails with a <code>Bad
+                Request (400)</code> response code.
+            </para>
+            <para>
+                If you try to delete an enabled domain, this call returns the
+                <code>Forbidden (403)</code> response code.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show domain configuration details                     -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getDomainConfig">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show domain configuration">
+            <para role="shortdesc">
+                Shows details for a domain configuration.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update domain configuration                           -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateDomainConfig">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update domain configuration">
+            <para role="shortdesc">
+                Updates a domain configuration.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete domain configuration                           -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteDomainConfig">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete domain configuration">
+            <para role="shortdesc">
+                Deletes a domain configuration.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show domain group configuration details                -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getDomainConfigGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show domain group configuration">
+            <para role="shortdesc">
+                Shows details for a domain group configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update domain group configuration                      -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateDomainConfigGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update domain group configuration">
+            <para role="shortdesc">
+                Updates a domain group configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups. If you try to set configuration
+                options for other groups, this call fails with the
+                <code>Forbidden (403)</code> response code.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverRequestParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlRequestParameter;
+                &domain-user_tree_dnRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete domain group configuration                     -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteDomainConfigGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete domain group configuration">
+            <para role="shortdesc">
+                Deletes a domain group configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show domain group option configuration details        -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getDomainConfigGroupOption">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show domain group option configuration">
+            <para role="shortdesc">
+                Shows details for a domain group option configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups. For the <code>ldap</code> group, a
+                valid value is <code>url</code> or <code>user_tree_dn</code>.
+                For the <code>identity</code> group, a valid value is
+                <code>driver</code>.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupOptionGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update domain group option configuration details      -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateDomainConfigGroupOption">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update domain group option configuration">
+            <para role="shortdesc">
+                Updates a domain group option configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups. For the <code>ldap</code> group, a
+                valid value is <code>url</code> or <code>user_tree_dn</code>.
+                For the <code>identity</code> group, a valid value is
+                <code>driver</code>.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupOptionUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverRequestParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlRequestParameter;
+                &domain-user_tree_dnRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainConfigGroupOptionUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &domain-configObjectParameter;
+                &domain-identityObjectParameter;
+                &domain-driverResponseParameter;
+                &domain-ldapObjectParameter;
+                &domain-urlResponseParameter;
+                &domain-user_tree_dnResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete domain group option configuration              -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteDomainConfigGroupOption">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete domain group option configuration">
+            <para role="shortdesc">
+                Deletes a domain group option configuration.
+            </para>
+            <para>
+                The API supports only the <code>identity</code> and
+                <code>ldap</code> groups. For the <code>ldap</code> group, a
+                valid value is <code>url</code> or <code>user_tree_dn</code>.
+                For the <code>identity</code> group, a valid value is
+                <code>driver</code>.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- ENDPOINTS                                             -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List endpoints                                        -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listEndpoints">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List endpoints">
+            <para role="shortdesc">
+                Lists all available endpoints.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &interfaceQueryParameter;
+                &service_idQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointsObjectParameter;
+                &endpoint-enabledResponseParameter;
+                &endpoint-idResponseParameter;
+                &endpoint-interfaceResponseParameter;
+                &endpoint-linksResponseParameter;
+                &endpoint-regionResponseParameter;
+                &endpoint-region_idResponseParameter;
+                &endpoint-service_idResponseParameter;
+                &endpoint-urlResponseParameter;
+                &endpoints-linksResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create endpoint                                       -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createEndpoint">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create endpoint">
+            <para role="shortdesc">
+                Creates an endpoint.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointObjectParameter;
+                &endpoint-interfaceRequestParameter;
+                &endpoint-nameRequestParameter;
+                &endpoint-region_idRequestParameter;
+                &endpoint-urlRequestParameter;
+                &endpoint-service_idRequestParameter;
+                &endpoint-enabledRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointObjectParameter;
+                &endpoint-region_idResponseParameter;
+                &endpoint-linksResponseParameter;
+                &endpoint-urlResponseParameter;
+                &endpoint-regionResponseParameter;
+                &endpoint-enabledResponseParameter;
+                &endpoint-interfaceResponseParameter;
+                &endpoint-service_idResponseParameter;
+                &endpoint-idResponseParameter;
+                &endpoint-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show endpoint details                                 -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getEndpoint">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show endpoint details">
+            <para role="shortdesc">
+                Shows details for an endpoint.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointObjectParameter;
+                &endpoint-interfaceResponseParameter;
+                &endpoint-linksResponseParameter;
+                &endpoint-nameResponseParameter;
+                &endpoint-regionResponseParameter;
+                &endpoint-urlResponseParameter;
+                &endpoint-service_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update endpoint                                       -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateEndpoint">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update endpoint">
+            <para role="shortdesc">
+                Updates an endpoint.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointObjectParameter;
+                &endpoint-interfaceRequestParameter;
+                &endpoint-nameRequestParameter;
+                &endpoint-regionRequestParameter;
+                &endpoint-urlRequestParameter;
+                &endpoint-service_idRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/EndpointUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &endpointObjectParameter;
+                &endpoint-interfaceResponseParameter;
+                &endpoint-linksResponseParameter;
+                &endpoint-nameResponseParameter;
+                &endpoint-regionResponseParameter;
+                &endpoint-urlResponseParameter;
+                &endpoint-service_idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete endpoint                                       -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteEndpoint">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete endpoint">
+            <para role="shortdesc">
+                Deletes an endpoint.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- GROUPS                                                -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- Create group                                          -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create group">
+            <para role="shortdesc">
+                Creates a group.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &groupObjectParameter;
+                &group-nameRequestParameter;
+                &group-descriptionRequestParameter;
+                &group-domain_idRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &groupObjectParameter;
+                &group-domain_idResponseParameter;
+                &group-descriptionResponseParameter;
+                &group-idResponseParameter;
+                &group-linksResponseParameter;
+                &group-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List groups                                           -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listGroups">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List groups">
+            <para role="shortdesc">
+                Lists groups.
+            </para>
+        </wadl:doc>
+        <request>
+            &domain_idQueryParameter;
+            &group-nameQueryParameter;
+            <representation mediaType="application/json"/>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupsListResponse.json"/>
+                        </xsdxt:sample>
+                </wadl:doc>
+                &groups-linksResponseParameter;
+                &groupsObjectParameter;
+                &group-domain_idResponseParameter;
+                &group-descriptionResponseParameter;
+                &group-idResponseParameter;
+                &group-linksResponseParameter;
+                &group-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show group details                                    -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show group details">
+            <para role="shortdesc">
+                Shows details for a group.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &groupObjectParameter;
+                &group-domain_idResponseParameter;
+                &group-descriptionResponseParameter;
+                &group-idResponseParameter;
+                &group-linksResponseParameter;
+                &group-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update group                                          -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update group">
+            <para role="shortdesc">
+                Updates a group.
+            </para>
+            <para>
+                If the back-end driver does not support this functionality,
+                the call returns the <code>Not Implemented (501)</code>
+                response code.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &groupObjectParameter;
+                &group-nameRequestOptParameter;
+                &group-descriptionRequestParameter;
+                &group-domain_idRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &groupObjectParameter;
+                &group-domain_idResponseParameter;
+                &group-descriptionResponseParameter;
+                &group-idResponseParameter;
+                &group-linksResponseParameter;
+                &group-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete group                                          -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete group">
+            <para role="shortdesc">
+                Deletes a group.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Add user to group                                     -->
+    <!-- ***************************************************** -->
+    <method name="PUT" id="addUserToGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Add user to group">
+            <para role="shortdesc">
+                Adds a user to a group.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Remove user from group                                -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="removeUserFromGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Remove user from group">
+            <para role="shortdesc">
+                Removes a user from a group.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Check whether user is member of group                 -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkUserInGroup">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Check whether user belongs to group">
+            <para role="shortdesc">
+                Validates that a user belongs to a group.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Lists users that belong to a group                    -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listGroupUsers">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List users in group">
+            <para role="shortdesc">
+                Lists the users that belong to a group.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/GroupListUsersResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &usersObjectParameter;
+                &user-nameResponseParameter;
+                &user-linksResponseParameter;
+                &user-domain_idResponseParameter;
+                &user-enabledResponseParameter;
+                &user-emailResponseParameter;
+                &user-idResponseParameter;
+                &users-linksResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- POLICIES                                              -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- Create policy                                         -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createPolicy">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create policy">
+            <para role="shortdesc">
+                Creates a policy.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PolicyCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policyObjectParameter;
+                &policy-blobRequestParameter;
+                &policy-project_idRequestParameter;
+                &policy-mime-typeRequestParameter;
+                &policy-user_idRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PolicyCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policyObjectParameter;
+                &policy-rule-blobResponseParameter;
+                &policy-idResponseParameter;
+                &policy-linksResponseParameter;
+                &policy-project_idResponseParameter;
+                &policy-mime-typeResponseParameter;
+                &policy-user_idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List policies                                         -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listPolicies">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List policies">
+            <para role="shortdesc">
+                Lists policies.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &policy-typeQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PoliciesListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policiesObjectParameter;
+                &policies-linksResponseParameter;
+                &policy-rule-blobResponseParameter;
+                &policy-idResponseParameter;
+                &policy-linksResponseParameter;
+                &policy-project_idResponseParameter;
+                &policy-mime-typeResponseParameter;
+                &policy-user_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show policy details                                   -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getPolicy">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show policy details">
+            <para role="shortdesc">
+                Shows details for a policy.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PolicyGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policyObjectParameter;
+                &policy-rule-blobResponseParameter;
+                &policy-idResponseParameter;
+                &policy-linksResponseParameter;
+                &policy-project_idResponseParameter;
+                &policy-mime-typeResponseParameter;
+                &policy-user_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update policy                                         -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updatePolicy">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update policy">
+            <para role="shortdesc">
+                Updates a policy.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PolicyUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policyObjectParameter;
+                &policy-blobRequestParameter;
+                &policy-project_idRequestParameter;
+                &policy-mime-typeRequestParameter;
+                &policy-user_idRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/PolicyUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &policyObjectParameter;
+                &policy-rule-blobResponseParameter;
+                &policy-idResponseParameter;
+                &policy-linksResponseParameter;
+                &policy-project_idResponseParameter;
+                &policy-mime-typeResponseParameter;
+                &policy-user_idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete policy                                         -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deletePolicy">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete policy">
+            <para role="shortdesc">
+                Deletes a policy.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- PROJECTS                                              -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List projects                                         -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listProjects">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List projects">
+            <para role="shortdesc">Lists projects.</para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &domain_idQueryParameter;
+                &parent_idQueryParameter;
+                &project-nameQueryParameter;
+                &project-enabledQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projects-linksResponseParameter;
+                &projectsObjectParameter;
+                &project-descriptionResponseParameter;
+                &project-domain_idResponseParameter;
+                &project-enabledResponseParameter;
+                &project-idResponseParameter;
+                &project-is_domainResponseParameter;
+                &project-linksResponseParameter;
+                &project-nameResponseParameter;
+                &project-parent_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create project                                        -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createProject">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create project">
+            <para role="shortdesc">
+                Creates a project.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-descriptionRequestParameter;
+                &project-domain_idRequestParameter;
+                &project-enabledRequestParameter;
+                &project-is_domainRequestParameter;
+                &project-nameRequestParameter;
+                &project-parent_idRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-is_domainResponseParameter;
+                &project-descriptionResponseParameter;
+                &project-linksResponseParameter;
+                &project-enabledResponseParameter;
+                &project-idResponseParameter;
+                &project-parent_idResponseParameter;
+                &project-domain_idResponseParameter;
+                &project-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show project details                                  -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getProject">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show project details">
+            <para role="shortdesc">
+                Shows details for a project.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-is_domainResponseParameter;
+                &project-descriptionResponseParameter;
+                &project-linksResponseParameter;
+                &project-enabledResponseParameter;
+                &project-idResponseParameter;
+                &project-parent_idResponseParameter;
+                &project-domain_idResponseParameter;
+                &project-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update project                                        -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateProject">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update project">
+            <para role="shortdesc">
+                Updates a project.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-descriptionRequestParameter;
+                &project-domain_idRequestParameter;
+                &project-enabledRequestParameter;
+                &project-nameRequestOptParameter;
+                &project-parent_idRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-is_domainResponseParameter;
+                &project-descriptionResponseParameter;
+                &project-linksResponseParameter;
+                &project-enabledResponseParameter;
+                &project-idResponseParameter;
+                &project-parent_idResponseParameter;
+                &project-domain_idResponseParameter;
+                &project-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete project                                        -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteProject">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete project">
+            <para role="shortdesc">
+                Deletes a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Enable or disable project and subtree                 -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="enableProject">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Enable or disable project and its subtree">
+            <para role="shortdesc">
+                (Since v3.6) Enables or disables a project and its entire
+                subtree.
+            </para>
+            <para>
+                A project subtree includes all projects beneath the parent
+                project in the hierarchy.
+            </para>
+            <para>
+                If you include attributes other than the <code>enabled</code>
+                attribute, this call fails and returns the <code>Bad Request
+                (400)</code> response code.
+            </para>
+            <para>
+                If you perform this action against a project that acts as a
+                domain (<code>is_domain</code> is set to <code>true</code>,
+                this call fails and returns the <code>Forbidden (403)</code>
+                response code.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectEnableRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-cascade-enabledRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &projectObjectParameter;
+                &project-is_domainResponseParameter;
+                &project-descriptionResponseParameter;
+                &project-linksResponseParameter;
+                &project-enabledResponseParameter;
+                &project-idResponseParameter;
+                &project-parent_idResponseParameter;
+                &project-domain_idResponseParameter;
+                &project-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete project subtree                                -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteProjectSubtree">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete project subtree">
+            <para role="shortdesc">
+                (Since v3.6) Deletes a project and its entire
+                subtree.
+            </para>
+            <para>
+                 A project subtree includes all projects beneath the parent
+                 project in the hierarchy. You must disable the projects in
+                 the subtree before you perform this operation.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- REGIONS                                               -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List regions                                          -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listRegions">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List regions">
+            <para role="shortdesc">
+                Lists regions.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &parent_region_idQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regions-linksResponseParameter;
+                &regionsObjectParameter;
+                &region-descriptionResponseParameter;
+                &region-idResponseParameter;
+                &region-linksResponseParameter;
+                &region-parent_region_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create region                                         -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createRegion">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create region">
+            <para role="shortdesc">
+                Creates a region.
+            </para>
+            <para>
+                When you create the region, you can optionally specify a
+                region ID. If you include characters in the region ID that are
+                not allowed in a URI, you must URL-encode the ID. If you omit
+                an ID, the API assigns an ID to the region.
+            </para>
+            <para>
+                The following errors might occur:
+            </para>
+            <itemizedlist>
+                <listitem>
+                    <para>
+                        <code>Not Found (404)</code>. The specified parent
+                        region ID does not exist.
+                    </para>
+                </listitem>
+                <listitem>
+                    <para>
+                        <code>Conflict (409)</code>. The specified
+                        parent region ID would form a circular relationship.
+                    </para>
+                </listitem>
+                <listitem>
+                    <para>
+                        <code>Conflict (409)</code>. The specified user-defined
+                        region ID is not unique to the OpenStack deployment.
+                    </para>
+                </listitem>
+            </itemizedlist>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regionObjectParameter;
+                &region-descriptionRequestParameter;
+                &region-idRequestParameter;
+                &region-parent_region_idRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regionObjectParameter;
+                &region-descriptionResponseParameter;
+                &region-idResponseParameter;
+                &region-linksResponseParameter;
+                &region-parent_region_idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show region details                                   -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getRegion">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show region details">
+            <para role="shortdesc">
+                Shows details for a region, by ID.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regionObjectParameter;
+                &region-descriptionResponseParameter;
+                &region-idResponseParameter;
+                &region-linksResponseParameter;
+                &region-parent_region_idResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update region                                         -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateRegion">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update region">
+            <para role="shortdesc">
+                Updates a region.
+            </para>
+            <para>
+                You can update the description or parent region ID for a region.
+                You cannot update the region ID.
+            </para>
+            <para>
+                The following error might occur:
+            </para>
+            <itemizedlist>
+                <listitem>
+                    <para>
+                        <code>Not Found (404)</code>. The specified parent
+                        region ID does not exist.
+                    </para>
+                </listitem>
+           </itemizedlist>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regionObjectParameter;
+                &region-descriptionRequestParameter;
+                &region-parent_region_idRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RegionUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &regionObjectParameter;
+                &region-descriptionResponseParameter;
+                &region-idResponseParameter;
+                &region-linksResponseParameter;
+                &region-parent_region_idResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete region                                         -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteRegion">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete region">
+            <para role="shortdesc">
+                Deletes a region.
+            </para>
+            <para>
+                The following error might occur:
+            </para>
+            <itemizedlist>
+                <listitem>
+                    <para>
+                        <code>Conflict (409)</code>. The specified region
+                        cannot be deleted because it has child regions.
+                    </para>
+                </listitem>
+            </itemizedlist>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- ROLES                                                 -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List roles                                            -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listRoles">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List roles">
+            <para role="shortdesc">
+                Lists roles.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &role-nameQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RolesListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roles-linksResponseParameter;
+                &rolesObjectParameter;
+                &role-idResponseParameter;
+                &role-linksResponseParameter;
+                &role-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create role                                           -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create role">
+            <para role="shortdesc">
+                Creates a role.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roleObjectParameter;
+                &role-nameRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roleObjectParameter;
+                &role-idResponseParameter;
+                &role-linksResponseParameter;
+                &role-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show role details                                     -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show role details">
+            <para role="shortdesc">
+                Shows details for a role.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roleObjectParameter;
+                &role-idResponseParameter;
+                &role-linksResponseParameter;
+                &role-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update role                                           -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update role">
+            <para role="shortdesc">
+                Updates a role.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roleObjectParameter;
+                &role-nameRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &roleObjectParameter;
+                &role-idResponseParameter;
+                &role-linksResponseParameter;
+                &role-nameResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete role                                           -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete role">
+            <para role="shortdesc">
+                Deletes a role.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Grant role to user on domain                          -->
+    <!-- ***************************************************** -->
+    <method name="PUT" id="grantDomainUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Grant role to user on domain">
+            <para role="shortdesc">
+                Grants a role to a user on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Grant role to group on domain                         -->
+    <!-- ***************************************************** -->
+    <method name="PUT" id="grantDomainGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Grant role to group on domain">
+            <para role="shortdesc">
+                Grants a role to a group on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- The following call doesn't seem to work -->
+    <!-- ***************************************************** -->
+    <!-- List roles for user on domain                         -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listDomainUserRoles">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List roles for user on domain">
+            <para role="shortdesc">
+                Lists roles for a user on a domain.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainListUserRolesResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &rolesObjectParameter;
+                &role-idResponseParameter;
+                &role-linksResponseParameter;
+                &role-nameResponseParameter;
+                &roles-linksResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List roles for group on domain                        -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listDomainGroupRoles">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List roles for group on domain">
+            <para role="shortdesc">
+                Lists roles for a group on a domain.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/DomainListGroupRolesResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Check whether user has role on domain                 -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkDomainUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Check whether user has role on domain">
+            <para role="shortdesc">
+                Validates that a user has a role on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Check whether group has role on domain                -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkDomainGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Check whether group has role on domain">
+            <para role="shortdesc">
+                Validates that a group has a role on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Revoke role from user on domain                       -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="revokeDomainUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Revoke role from user on domain">
+            <para role="shortdesc">
+                Revokes a role from a user on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Revoke role from group on domain                      -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="revokeDomainGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Revoke role from group on domain">
+            <para role="shortdesc">
+                Revokes a role from a group on a domain.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- GRANT ROLE TO USER ON PROJECT                         -->
+    <!-- ***************************************************** -->
+    <method name="PUT" id="grantProjectUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Grant role to user on project">
+            <para role="shortdesc">
+                Grants a role to a user on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- GRANT ROLE TO GROUP ON PROJECT                        -->
+    <!-- ***************************************************** -->
+    <method name="PUT" id="grantProjectGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Grant role to group on project">
+            <para role="shortdesc">
+                Grants a role to a group on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- LIST ROLES FOR USER ON PROJECT                        -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listProjectUserRoles">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List roles for user on project">
+            <para role="shortdesc">
+                Lists roles for a user on a project.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectListUserRolesResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- LIST ROLES FOR GROUP ON PROJECT                       -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listProjectGroupRoles">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List roles for group on project">
+            <para role="shortdesc">
+                Lists roles for a group on a project.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ProjectListGroupRolesResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- CHECK WHETHER USER HAS ROLE ON PROJECT                -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkProjectUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Check whether user has role on project">
+            <para role="shortdesc">
+                Validates that a user has a role on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- CHECK WHETHER GROUP HAS ROLE ON PROJECT               -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkProjectGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Check whether group has role on project">
+            <para role="shortdesc">
+                Validates that a group has a role on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- REVOKE ROLE FROM USER ON PROJECT                      -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="revokeProjectUserRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Revoke role from user on project">
+            <para role="shortdesc">
+                Revokes a role from a user on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- REVOKE ROLE FROM GROUP ON PROJECT                     -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="revokeProjectGroupRole">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Revoke role from group on project">
+            <para role="shortdesc">
+                Revokes a role from a group on a project.
+            </para>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- ROLE ASSIGNMENTS                                      -->
+    <!-- ***************************************************** -->
+    <!-- LIST EFFECTIVE ROLE ASSIGNMENTS                       -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listRoleAssignments">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List role assignments">
+            <para role="shortdesc">
+                Lists role assignments.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="List all role assignments: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleAssignmentsList.txt"
                         />
                     </xsdxt:sample>
-                </wadl:doc> &tokenResponseParam;
-                &expires_at-ResponseParameter; &issued_at-ResponseParameter;
-                &methodsRequestParam; &userRequestParam;
-                &domainRequestParam; &domain-idResponseParam;
-                &domain-linksResponseParam; &domain-nameResponseParam;
-                &user-idResponseParam; &user-linksResponseParam;
-                &user-nameResponseParam; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkTokens">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleAssignmentsListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                <param name="role_assignments" style="plain" type="xsd:string"
+                    xmlns="http://wadl.dev.java.net/2009/02"
+                    required="true">
+                    <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                        xmlns:wadl="http://wadl.dev.java.net/2009/02"
+                        xml:lang="EN">
+                        <para>
+                            A <code>role_assignments</code> object.
+                        </para>
+                    </wadl:doc>
+                </param>
+            </representation>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="List effective role assignments: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleAssignmentsEffectiveList.txt"
+                        />
+                    </xsdxt:sample>
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/RoleAssignmentsEffectiveListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- SERVICE CATALOG                                       -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- List services                                         -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listServices">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="List services">
+            <para role="shortdesc">
+                Lists all services.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                &service-typeQueryParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServicesListResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &services-linksResponseParameter;
+                &servicesObjectParameter;
+                &service-descriptionResponseParameter;
+                &service-enabledResponseParameter;
+                &service-idResponseParameter;
+                &service-linksResponseParameter;
+                &service-nameResponseParameter;
+                &service-typeResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Create service                                        -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="createService">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Create service">
+            <para role="shortdesc">
+                Creates a service.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServiceCreateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &service-typeRequestParameter;
+                &service-service_idRequestParameter;
+                &service-nameRequestParameter;
+                &service-descriptionRequestParameter;
+                &service-enabledRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServiceCreateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &service-linksResponseParameter;
+                &servicesObjectParameter;
+                &service-descriptionResponseParameter;
+                &service-idResponseParameter;
+                &service-nameResponseParameter;
+                &service-typeResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Show service detail                                   -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getService">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show service details">
+            <para role="shortdesc">
+                Shows details for a service.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServiceGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &service-linksResponseParameter;
+                &servicesObjectParameter;
+                &service-descriptionResponseParameter;
+                &service-idResponseParameter;
+                &service-nameResponseParameter;
+                &service-typeResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update service                                        -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateService">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update service">
+            <para role="shortdesc">
+                Updates a service.
+            </para>
+            <para>
+                The request body is the same as the create service request
+                body, except that you include only those attributes that you
+                want to update.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServiceUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &service-typeRequestParameter;
+                &service-nameRequestParameter;
+                &service-descriptionRequestParameter;
+                &service-enabledRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/ServiceUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &service-linksResponseParameter;
+                &servicesObjectParameter;
+                &service-descriptionResponseParameter;
+                &service-idResponseParameter;
+                &service-nameResponseParameter;
+                &service-typeResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete service                                        -->
+    <!-- ***************************************************** -->
+    <method name="DELETE" id="deleteService">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Delete service">
+            <para role="shortdesc">
+                Deletes a service.
+            </para>
+            <warning>
+                <para>
+                    If you try to delete a service that still has associated
+                    endpoints, this call either deletes all associated
+                    endpoints or fails until all endpoints are deleted.
+                </para>
+            </warning>
+        </wadl:doc>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- TOKENS                                                -->
+    <!-- ***************************************************** -->
+    <!-- ************************************************************* -->
+    <!-- Authenticate - password method with unscoped authorization    -->
+    <!-- ************************************************************* -->
+    <method name="POST" id="authenticatePasswordUnscoped">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Password authentication with unscoped authorization">
+            <para role="shortdesc">
+                Authenticates an identity and generates a token. Uses the
+                password authentication method. Authorization is unscoped.
+            </para>
+            <para>
+                The request body must include a payload that specifies
+                the authentication method, which is <code>password</code>, and
+                the user, by ID or name, and password credentials.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication with user ID: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-UnscopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication with user name and domain: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-UserName-UnscopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &nocatalogQueryParameter;
+                &authObjectParameter;
+                &identityObjectParameter;
+                &auth-methods-passwordRequestParameter;
+                &passwordObjectRequestParameter;
+                &userObjectParameter;
+                &password-auth-user-idRequestParameter;
+                &password-auth-user-nameRequestParameter;
+                &password-auth-domainRequestParameter;
+                &password-auth-domain-idRequestParameter;
+                &password-auth-domain-nameRequestParameter;
+                &password-auth-passwordRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication with user ID: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-UnscopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &subjectTokenResponseHeader;
+                &tokenObjectParameter;
+                &auth-methodsResponseParameter;
+                &expires_at-ResponseParameter;
+                &extrasResponseParameter;
+                &password-auth-userResponseParameter;
+                &password-auth-domainResponseParameter;
+                &password-auth-domain-idResponseParameter;
+                &password-auth-domain-nameResponseParameter;
+                &password-auth-user-idResponseParameter;
+                &password-auth-user-nameResponseParameter;
+                &audit_idsResponseParameter;
+                &issued_at-ResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Authenticate - password method - scoped               -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="authenticatePasswordScoped">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Password authentication with scoped authorization">
+            <para role="shortdesc">
+                Authenticates an identity and generates a token. Uses the
+                password authentication method and scopes authorization to a
+                project or domain.
+            </para>
+            <para>
+                The request body must include a payload that specifies the
+                <code>password</code> authentication method, the credentials,
+                and the <code>project</code> or <code>domain</code>
+                authorization scope.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication with project scope: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-Project-ScopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &nocatalogQueryParameter;
+                &authObjectParameter;
+                &identityObjectParameter;
+                &auth-methods-passwordRequestParameter;
+                &passwordObjectRequestParameter;
+                &auth-scopeRequestParameter;
+                &userObjectParameter;
+                &password-auth-user-idRequestParameter;
+                &password-auth-user-nameRequestParameter;
+                &user-passwordRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication with project scope: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-Project-ScopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &subjectTokenResponseHeader;
+                &tokenObjectParameter;
+                &auth-methodsResponseParameter;
+                &rolesResponseParameter;
+                &roles-idResponseParameter;
+                &roles-nameResponseParameter;
+                &projectObjectParameter;
+                &domainObjectParameter;
+                &domain-idResponseParameter;
+                &domain-nameResponseParameter;
+                &project-idResponseParameter;
+                &project-nameResponseParameter;
+                &catalogObjectParameter;
+                &endpointsObjectParameter;
+                &endpoint-region_idResponseParameter;
+                &endpoint-urlResponseParameter;
+                &endpoint-regionResponseParameter;
+                &endpoint-interfaceResponseParameter;
+                &region-idResponseParameter;
+                &endpoint-typeResponseParameter;
+                &endpoint-idResponseParameter;
+                &endpoint-nameResponseParameter;
+                &expires_at-ResponseParameter;
+                &extrasResponseParameter;
+                &password-auth-userResponseParameter;
+                &password-auth-domainResponseParameter;
+                &password-auth-domain-idResponseParameter;
+                &password-auth-domain-nameResponseParameter;
+                &password-auth-user-idResponseParameter;
+                &password-auth-user-nameResponseParameter;
+                &audit_idsResponseParameter;
+                &issued_at-ResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Authenticate - password method - explicit unscoped    -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="authenticatePasswordExplicitUnscoped">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Password authentication with explicit unscoped authorization">
+            <para role="shortdesc">
+                Authenticates an identity and generates a token. Uses the
+                password authentication method with explicit unscoped
+                authorization.
+            </para>
+            <para>
+                The request body must include a payload that specifies the
+                <code>password</code> authentication method, the credentials,
+                and the <code>unscoped</code> authorization scope.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication explicit unscoped: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-Explicit-UnscopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &nocatalogQueryParameter;
+                &authObjectParameter;
+                &identityObjectParameter;
+                &auth-methods-passwordRequestParameter;
+                &passwordObjectRequestParameter;
+                &auth-unscopedRequestParameter;
+                &userObjectParameter;
+                &password-auth-user-idRequestParameter;
+                &password-auth-user-nameRequestParameter;
+                &user-passwordRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Password authentication explicit unscoped: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Password-Explicit-UnscopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &subjectTokenResponseHeader;
+                &tokenObjectParameter;
+                &auth-methodsResponseParameter;
+                &rolesResponseParameter;
+                &roles-idResponseParameter;
+                &roles-nameResponseParameter;
+                &expires_at-ResponseParameter;
+                &extrasResponseParameter;
+                &password-auth-userResponseParameter;
+                &password-auth-domainResponseParameter;
+                &password-auth-domain-idResponseParameter;
+                &password-auth-domain-nameResponseParameter;
+                &password-auth-user-idResponseParameter;
+                &password-auth-user-nameResponseParameter;
+                &audit_idsResponseParameter;
+                &issued_at-ResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ******************************************************** -->
+    <!-- Authenticate - token method with unscoped authorization  -->
+    <!-- ******************************************************** -->
+    <method name="POST" id="authenticateTokenUnscoped">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Token authentication with unscoped authorization">
+            <para role="shortdesc">
+                Authenticates an identity and generates a token. Uses the
+                token authentication method. Authorization is unscoped.
+            </para>
+            <para>
+                In the request body, provide the token ID.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Token authentication unscoped: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Token-UnscopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &nocatalogQueryParameter;
+                &authObjectParameter;
+                &identityObjectParameter;
+                &auth-methods-tokenRequestParameter;
+                &tokenObjectRequestParameter;
+                &token-idRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Token authentication unscoped: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Token-UnscopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenResponseHeader;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Authenticate - token method - scoped                  -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="authenticateTokenScoped">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Token authentication with scoped authorization">
+            <para role="shortdesc">
+                Authenticates an identity and generates a token. Uses the
+                token authentication method and scopes authorization to a
+                project or domain.
+            </para>
+            <para>
+                In the request body, provide the token ID and the <code>project</code> or
+                <code>domain</code> authorization scope.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Token authentication with project scope: JSON request">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Token-ScopedRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &nocatalogQueryParameter;
+                &authObjectParameter;
+                &identityObjectParameter;
+                &auth-methods-tokenRequestParameter;
+                &tokenObjectRequestParameter;
+                &token-idRequestParameter;
+                &auth-scopeRequestParameter;
+            </representation>
+        </request>
+        <response status="201">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    title="Token authentication with project scope: JSON response">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Token-ScopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenResponseHeader;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Validate and show information for token               -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="validateToken">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Validate and show information for token">
+            <para role="shortdesc">
+                Validates and shows information for a token, including its expiration date and
+                authorization scope.
+            </para>
+            <para>
+                Pass your own token in the <code>X-Auth-Token</code> request header.
+            </para>
+            <para>
+                Pass the token to be validated in the <code>X-Subject-Token</code> request header.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/TokenValidateRequest.txt"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenRequestHeader;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/Auth-Token-UnscopedResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenResponseHeader;
+                &tokenObjectParameter;
+                &expires_at-ResponseParameter;
+                &issued_at-ResponseParameter;
+                &auth-methodsResponseParameter;
+                &userObjectParameter;
+                &auth-domainResponseParameter;
+                &auth-domain-idResponseParameter;
+                &auth-domain-linksResponseParameter;
+                &auth-domain-nameResponseParameter;
+                &auth-user-idResponseParameter;
+                &auth-user-linksResponseParameter;
+                &auth-user-nameResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Validates a token                                     -->
+    <!-- ***************************************************** -->
+    <method name="HEAD" id="checkToken">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
             xml:lang="EN" title="Check token">
@@ -802,7 +3317,7 @@
                     The Identity API returns the same response as when the
                     subject token was issued by <code>POST /auth/tokens</code>
                     even if an error occurs because the token is not valid. An
-                    HTTP <code>204</code> status code indicates that the
+                    HTTP <code>204</code> response code indicates that the
                     <code>X-Subject-Token</code> is valid.
                 </para>
             </important>
@@ -813,14 +3328,22 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/TokenValidateRequest.txt"
-                        />
+                            href="../samples/admin/TokenValidateRequest.txt"/>
                     </xsdxt:sample>
-                </wadl:doc> &authTokenHeader; &subjectTokenHeader;
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenRequestHeader;
             </representation>
         </request>
-        <!--There is no response.  As noted above, an HTTP 204 indicates success-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
+        <response status="200">
+            &authTokenHeader;
+            &subjectTokenResponseHeader;
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Revoke token                                          -->
+    <!-- ***************************************************** -->
     <method name="DELETE" id="revokeTokens">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
@@ -829,10 +3352,10 @@
                 Revokes a token.
             </para>
             <para>
-                This call is similar to <code>HEAD /auth/tokens</code> except
-                that the <code>X-Subject-Token</code> token is immediately not
-                valid, regardless of the <code>expires_at</code> attribute
-                value. An additional <code>X-Auth-Token</code> is not
+                This call is similar to the &HEAD; <code>/auth/tokens</code>
+                call except that the <code>X-Subject-Token</code> token is
+                immediately not valid, regardless of the <code>expires_at</code>
+                attribute value. An additional <code>X-Auth-Token</code> is not
                 required.
             </para>
         </wadl:doc>
@@ -842,818 +3365,21 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/TokenValidateRequest.txt"
-                        />
+                            href="../samples/admin/TokenValidateRequest.txt"/>
                     </xsdxt:sample>
-                </wadl:doc> &authTokenHeader; &subjectTokenHeader;
-            </representation>
-        </request> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listRevokedTokens">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List revoked tokens">
-            <para role="shortdesc">
-                Lists revoked PKI tokens.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RevokedListRequest.txt"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &authTokenHeader; &subjectTokenHeader;
+                </wadl:doc>
+                &authTokenHeader;
+                &subjectTokenRequestHeader;
             </representation>
         </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RevokedListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &authTokenHeader; &subjectTokenHeader;
-            </representation>
-        </response>
-        &commonFaults; &getFaults;
+        &postPutDeleteFaults;
     </method>
-    <!--Catalog Operations-->
-    <method name="GET" id="listServices">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List services">
-            <para role="shortdesc">
-                Lists services.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &typeQueryParam; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServicesListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &servicesResponseParam;
-                &descriptionResponseParam;
-                &enabledServiceResponseParam;
-                &service_idResponseParam;
-                &service_linksResponseParam;
-                &service_nameResponseParam;
-                &service_typeResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createService">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create service">
-            <para role="shortdesc">
-                Creates a service.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServiceCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &service_typeRequestParam;
-                &serviceNameRequestParam;
-                &enabledServiceRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServiceCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &linksResponseParam;
-                &servicesResponseParam; &descriptionResponseParam;
-                &service_idResponseParam; &service_linksResponseParam;
-                &service_nameResponseParam;
-                &service_typeResponseParam; </representation>
-        </response> &commonFaults; &getFaults; </method>
-
-    <method name="GET" id="getService">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show service details">
-            <para role="shortdesc">
-                Shows details for a service.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServiceGetResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &serviceResponseParam;
-                &descriptionResponseParam;
-                &enabledServiceResponseParam;
-                &service_idResponseParam;
-                &service_linksResponseParam;
-                &service_nameResponseParam;
-                &service_typeResponseParam; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateService">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update service">
-            <para role="shortdesc">
-                Updates a service.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServiceUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&service_typeRequestParam; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ServiceUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &servicesResponseParam;
-                &service_idResponseParam; &service_typeResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteService">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete service">
-            <para role="shortdesc">
-                Deletes a service.
-            </para>
-            <warning>
-                <para>
-                    If you try to delete a service when endpoints exist, this
-                    call either deletes all associated endpoints or fails
-                    until all endpoints are deleted.
-                </para>
-            </warning>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!--Endpoint Operations-->
-    <method name="GET" id="listEndpoints">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List endpoints">
-            <para role="shortdesc">
-                Lists available endpoints.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &interfaceQueryParam;
-                &service_idQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/EndpointsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &endpointsResponseParam;
-                &enabledEndpointResponseParam;
-                &idEndpointResponseParam;
-                &interfaceRequestParam;
-                &linksEndpointResponseParam;
-                &regionRequestParam;
-                &regionIdRequestParam;
-                &service_idRequestParam;
-                &urlRequestParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createEndpoint">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create endpoint">
-            <para role="shortdesc">
-                Creates an endpoint.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/EndpointCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&endpointRequestParam;
-                &interfaceRequestParam; &nameRequestParam;
-                &regionIdRequestParam; &urlRequestParam;
-                &service_idRequestParam; </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/EndpointCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&endpointRequestParam;
-                &interfaceRequestParam; &linksResponseParam;
-                &nameRequestParam; &regionIdRequestParam;
-                &urlRequestParam; &service_idRequestParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateEndpoint">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update endpoint">
-            <para role="shortdesc">
-                Updates an endpoint.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/EndpointUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&endpointRequestParam;
-                &interfaceRequestParamOpt; &nameRequestParam;
-                &regionIdRequestParam; &urlRequestParamOpt;
-                &service_idRequestParamOpt; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/EndpointUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &endpointRequestParam;
-                &interfaceRequestParam; &linksResponseParam;
-                &nameRequestParam; &regionIdRequestParam;
-                &urlRequestParam; &service_idRequestParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteEndpoint">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete endpoint">
-            <para role="shortdesc">
-                Deletes an endpoint.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!--Domain Operations-->
-    <method name="GET" id="listDomains">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List domains">
-            <para role="shortdesc">
-                Lists domains.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &nameQueryParam; &enabledQueryParam; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="List domains: JSON response">
-                    <xsdxt:sample title="List domains: JSON response">
-                        <xsdxt:code
-                            href="../samples/DomainsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &descriptionResponseParam;
-                &enabledResponseParam; &domain-idResponseParam;
-                &linksResponseParam; &nameResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createDomain">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create domain">
-            <para role="shortdesc">
-                Creates a domain.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &domain_descriptionRequestParam;
-                &domain_enabledRequestParam; &domain_nameRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &descriptionResponseParam;
-                &enabledResponseParam; &domain-idResponseParam;
-                &linksResponseParam; &nameResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getDomain">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show domain details">
-            <para role="shortdesc">
-                Shows details for a domain.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainGetResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc> &domainsResponseParam;
-                &descriptionResponseParam; &enabledResponseParam;
-                &domain-idResponseParam; &linksResponseParam;
-                &nameResponseParam; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateDomain">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update domain">
-            <para role="shortdesc">
-                Updates a domain.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &domain_descriptionRequestParam;
-                &domain_enabledRequestParam; &domain_nameRequestParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteDomain">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete domain">
-            <para role="shortdesc">
-                Deletes a domain.
-            </para>
-            <para>
-                To minimize the risk of accidentally deleting a domain, you
-                must first disable the domain by using the update domain method.
-                If you try to delete an enabled domain, this call returns an
-                HTTP <code>Forbidden (403)</code> status code.
-            </para>
-            <warning>
-                <para>
-                    When you delete a domain, this call also deletes all
-                    entities owned by it, such as users, groups, and projects,
-                    and any credentials and granted roles that relate to those
-                    entities.
-                </para>
-            </warning>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listDomainUserRoles">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List roles for domain user">
-            <para role="shortdesc">
-                Lists roles for a user on a domain.
-            </para>
-        </wadl:doc>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainListUserRolesResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="grantDomainUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Grant role to domain user">
-            <para role="shortdesc">
-                Grants a role to a domain user.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkDomainUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Check role for domain user">
-            <para role="shortdesc">
-                Validates that a user has a role on a
-                domain.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="revokeDomainUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Revoke role from domain user">
-            <para role="shortdesc">
-                Revokes a role from a domain user.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listDomainGroupRoles">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List roles for domain group">
-            <para role="shortdesc">
-                Lists roles for a domain group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/DomainListGroupRolesResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="grantDomainGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Grant role to domain group">
-            <para role="shortdesc">Grants a role to a
-                 domain group.</para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkDomainGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Check role for domain group">
-            <para role="shortdesc">
-                Validates that a group has a role on a
-                domain.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="revokeDomainGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Revoke role from domain group">
-            <para role="shortdesc">
-                Revokes a role from a group on a domain.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!--Project Operations-->
-    <method name="GET" id="listProjects">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List projects">
-            <para role="shortdesc">Lists projects.</para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &domain_idQueryParam; &parent_idQueryParam;
-                &nameQueryParam; &enabledQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createProject">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create project">
-            <para role="shortdesc">
-                Creates a project.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &projectCreateRequestParams;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &projectCreateResponseParams;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getProject">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show project details">
-            <para role="shortdesc">
-                Shows details for a project.
-            </para>
-        </wadl:doc>
-
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectGetResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateProject">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update project">
-            <para role="shortdesc">
-                Updates a project.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteProject">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete project">
-            <para role="shortdesc">
-                Deletes a project.
-            </para>
-        </wadl:doc>
-        <!--No request body is accepted -->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listProjectUserRoles">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List roles for project user">
-            <para role="shortdesc">
-                Lists roles for a user in a project.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectListUserRolesResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="grantProjectUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Grant role to project user">
-            <para role="shortdesc">
-                Grants a role to a user in a
-                project.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkProjectUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Check role for project user">
-            <para role="shortdesc">
-                Validates that a user has a
-                 role in a project.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="revokeProjectUserRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Revoke role from project user">
-            <para role="shortdesc">
-                Revokes a role from a project
-                user.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listProjectGroupRoles">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List roles for project group">
-            <para role="shortdesc">
-                Lists roles for a project
-                group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/ProjectListGroupRolesResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="grantProjectGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Grant role to project group">
-            <para role="shortdesc">
-                Grants a role to a project
-                group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkProjectGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Check role for project group">
-            <para role="shortdesc">
-                Validates that a project group has
-                a role.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="revokeProjectGroupRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Revoke role from project group">
-            <para role="shortdesc">
-                Revokes a role from a project
-                group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!--User Operations-->
-    <method name="GET" id="listUsers">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List users">
-            <para role="shortdesc">
-                Lists users.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &domain_idQueryParam;
-                &nameQueryParam; &enabledQueryParam; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/UsersListResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
+    <!-- ***************************************************** -->
+    <!-- USERS                                                 -->
+    <!-- ***************************************************** -->
+    <!-- ***************************************************** -->
+    <!-- Create user                                           -->
+    <!-- ***************************************************** -->
     <method name="POST" id="createUser">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
@@ -1668,10 +3394,17 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/UserCreateRequest.json"/>
+                            href="../samples/admin/UserCreateRequest.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
-                &userCreateRequestParams;
+                &userObjectParameter;
+                &user-default_project_idRequestParameter;
+                &user-descriptionRequestParameter;
+                &user-domain_idRequestParameter;
+                &user-emailRequestParameter;
+                &user-enabledRequestParameter;
+                &user-nameRequestParameter;
+                &user-passwordRequestParameter;
             </representation>
         </request>
         <response status="201">
@@ -1680,57 +3413,37 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/UserCreateResponse.json"
-                        />
+                            href="../samples/admin/UserCreateResponse.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
-                &userCreateResponseParams;
+                &userObjectParameter;
+                &user-default_project_idResponseParameter;
+                &user-descriptionResponseParameter;
+                &user-domain_idResponseParameter;
+                &user-emailResponseParameter;
+                &user-enabledResponseParameter;
+                &user-nameResponseParameter;
+                &user-passwordResponseParameter;
             </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getUser">
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List users                                            -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="listUsers">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show user details">
+            xml:lang="EN" title="List users">
             <para role="shortdesc">
-                Shows details for a
-                user.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/UserGetResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateUser">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update user">
-            <para role="shortdesc">
-                Updates the password for or enables
-                or disables a user.
-            </para>
-            <para>
-                If the back-end driver does not allow this functionality, this
-                call might return the HTTP <code>Not Implemented (501)</code>
-                status code.
+                Lists users.
             </para>
         </wadl:doc>
         <request>
             <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/UserUpdateRequest.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
+                &domain_idQueryParameter;
+                &user-nameQueryParameter;
+                &user-enabledQueryParameter;
             </representation>
         </request>
         <response status="200">
@@ -1739,12 +3452,112 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/UserUpdateResponse.json"
-                        />
+                            href="../samples/admin/UsersListResponse.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
+                &usersObjectParameter;
+                &user-default_project_idResponseParameter;
+                &user-descriptionResponseParameter;
+                &user-domain_idResponseParameter;
+                &user-emailResponseParameter;
+                &user-enabledResponseParameter;
+                &user-nameResponseParameter;
+                &user-passwordResponseParameter;
             </representation>
-        </response> &commonFaults; &getFaults; </method>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Get user                                              -->
+    <!-- ***************************************************** -->
+    <method name="GET" id="getUser">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Show user details">
+            <para role="shortdesc">
+                Shows details for a user.
+            </para>
+        </wadl:doc>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/UserGetResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &userObjectParameter;
+                &user-default_project_idResponseParameter;
+                &user-descriptionResponseParameter;
+                &user-domain_idResponseParameter;
+                &user-emailResponseParameter;
+                &user-enabledResponseParameter;
+                &user-nameResponseParameter;
+                &user-passwordResponseParameter;
+            </representation>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Update user                                           -->
+    <!-- ***************************************************** -->
+    <method name="PATCH" id="updateUser">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Update user">
+            <para role="shortdesc">
+                Updates the password for or enables or disables a user.
+            </para>
+            <para>
+                If the back-end driver does not support this functionality, this
+                call might return the HTTP <code>Not Implemented (501)</code>
+                response code.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/UserUpdateRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &userObjectParameter;
+                &user-default_project_idRequestParameter;
+                &user-descriptionRequestParameter;
+                &user-domain_idRequestParameter;
+                &user-emailRequestParameter;
+                &user-enabledRequestParameter;
+                &user-nameRequestParameter;
+                &user-passwordRequestParameter;
+            </representation>
+        </request>
+        <response status="200">
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/UserUpdateResponse.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &userObjectParameter;
+                &user-default_project_idResponseParameter;
+                &user-descriptionResponseParameter;
+                &user-domain_idResponseParameter;
+                &user-emailResponseParameter;
+                &user-enabledResponseParameter;
+                &user-nameResponseParameter;
+                &user-passwordResponseParameter;
+            </representation>
+        </response>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Delete user                                           -->
+    <!-- ***************************************************** -->
     <method name="DELETE" id="deleteUser">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
@@ -1753,8 +3566,40 @@
                 Deletes a user.
             </para>
         </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- Change user password                                  -->
+    <!-- ***************************************************** -->
+    <method name="POST" id="changeUserPassword">
+        <wadl:doc xmlns="http://docbook.org/ns/docbook"
+            xmlns:wadl="http://wadl.dev.java.net/2009/02"
+            xml:lang="EN" title="Change password for user">
+            <para role="shortdesc">
+                Changes the password for a user.
+            </para>
+        </wadl:doc>
+        <request>
+            <representation mediaType="application/json">
+                <wadl:doc xmlns="http://docbook.org/ns/docbook"
+                    xml:lang="EN">
+                    <xsdxt:sample>
+                        <xsdxt:code
+                            href="../samples/admin/UserUpdatePasswordRequest.json"/>
+                    </xsdxt:sample>
+                </wadl:doc>
+                &userObjectParameter;
+                &user-new-passwordRequestParameter;
+                &user-old-passwordRequestParameter;
+            </representation>
+        </request>
+        <response status="204"/>
+        &postPutDeleteFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List user projects                                    -->
+    <!-- ***************************************************** -->
     <method name="GET" id="listUserProjects">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
@@ -1763,849 +3608,28 @@
                 List projects for a user.
             </para>
         </wadl:doc>
-        <!--No request body is provided-->
         <response status="200">
             <representation mediaType="application/json">
                 <wadl:doc xmlns="http://docbook.org/ns/docbook"
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/UserListProjectsResponse.json"
-                        />
+                            href="../samples/admin/UserListProjectsResponse.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
             </representation>
-        </response> &commonFaults; &getFaults; </method>
+        </response>
+        &getFaults;
+    </method>
+    <!-- ***************************************************** -->
+    <!-- List groups to which a user belongs                   -->
+    <!-- ***************************************************** -->
     <method name="GET" id="listUserGroups">
         <wadl:doc xmlns="http://docbook.org/ns/docbook"
             xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List groups for user">
+            xml:lang="EN" title="List groups to which a user belongs">
             <para role="shortdesc">
-                Lists groups for a user.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/UserListGroupsResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <!--Group Operations-->
-    <method name="GET" id="listGroups">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List groups">
-            <para role="shortdesc">
-                Lists groups.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request> &domain_idQueryParam; <representation
-                mediaType="application/json"/>
-            <representation mediaType="application/xml"/>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &descriptionResponseParam;
-                &domain-id-ForGroupsResponseParam; &idResponseParam;
-                &linksResponseParam; &nameResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createGroup">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create group">
-            <para role="shortdesc">
-                Creates a group.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &groupCreateRequestParams;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &groupObjectResponseParams;
-                &groupResponseParams;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getGroup">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show group details">
-            <para role="shortdesc">
-                Shows details for a
-                group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupGetResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc> &descriptionResponseParam;
-                &domain-id-ForGroupsResponseParam; &idResponseParam;
-                &linksResponseParam; &nameResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateGroup">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update group">
-            <para role="shortdesc">
-                Updates a group.
-            </para>
-            <para>
-                If the back-end driver does not allow this functionality, this
-                operation might return the HTTP <code>Not Implemented
-                (501)</code> status code.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteGroup">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete group">
-            <para role="shortdesc">
-                Deletes a group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="assignUserToGroup">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Assign user to group">
-            <para role="shortdesc">
-                Assigns a user to a group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteGroupUser">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Remove user from group">
-            <para role="shortdesc">
-                Removes a user from a group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="HEAD" id="checkGroupUser">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Check user membership in group">
-            <para role="shortdesc">
-                Validates that a user is in a group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listGroupUsers">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List users in group">
-            <para role="shortdesc">
-                Lists users in a group.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &domain_idQueryParam; &descriptionQueryParam;
-                &nameQueryParam; &enabledQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/GroupListUsersResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <!--Credential Operations-->
-    <method name="GET" id="listCredentials">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List credentials">
-            <para role="shortdesc">
-                Lists credentials.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &user_idQueryParam; </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &blobResponseParam; &idResponseParam;
-                &linksResponseParam; &project_idResponseParam;
-                &typeResponseParam; &user_idResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createCredential">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create credential">
-            <para role="shortdesc">
-                Creates a credential.
-            </para>
-            <para>
-                The following example shows how to create an EC2-style
-                credential. The credential blob is a string that contains a
-                JSON-serialized dictionary with the <code>access</code> and
-                <code>secret</code> keys. This format is required when you
-                specify the <code>ec2</code> type. To specify other
-                credentials such as <code>access_key</code>, change the type
-                and contents of the data blob.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getCredential">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show credential details">
-            <para role="shortdesc">
-                Shows details for a credential.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialGetResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateCredential">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update credential">
-            <para role="shortdesc">
-                Updates a credential.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/CredentialUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteCredential">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete credential">
-            <para role="shortdesc">
-                Deletes a credential.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!--Role Operations-->
-    <method name="GET" id="listRoles">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List roles">
-            <para role="shortdesc">
-                Lists roles.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &nameQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RolesListResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-                &rolesObjectResponseParam;
-                &roleResponseParam;
-                &rolesLinksResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create role">
-            <para role="shortdesc">
-                Creates a role.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleCreateRequest.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-                &roleObjectResponseParam;
-                &role_nameRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &roleObjectResponseParam;
-                &roleResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show role details">
-            <para role="shortdesc">
-                Shows details for a
-                role.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleGetResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update role">
-            <para role="shortdesc">
-                Updates a role.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleUpdateRequest.json"/>
-                    </xsdxt:sample>
-                </wadl:doc>
-                &roleObjectResponseParam;
-                &role_nameRequestParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &roleObjectResponseParam;
-                &roleResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteRole">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete role">
-            <para role="shortdesc">
-                Deletes a role.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listRoleAssignments">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List role assignments">
-            <para role="shortdesc">
-                Lists role assignments.
-            </para>
-            <para>
-                Because the role assignments list can be long, use the query
-                parameters to filter the list.
-            </para>
-            <para>
-                Some typical examples are:
-            </para>
-            <para>
-                <code>GET /role_assignments?user.id={user_id}</code> lists
-                role assignments for a user.
-            </para>
-            <para>
-                <code>GET
-                /role_assignments?scope.project.id={project_id}</code>
-                lists role assignments for a project.
-            </para>
-            <para>
-                Each role assignment entity in the collection contains a link
-                to the assignment that created this entity.
-            </para>
-            <para>
-                Use the <code>effective</code> query parameter to list
-                effective assignments at the user, project, and domain level.
-                This parameter allows for the effects of group membership. The
-                group role assignment entities themselves are not returned in
-                the collection. This represents the effective role assignments
-                that would be included in a scoped token. You can use the
-                other query parameters with the <code>effective</code>
-                parameter.
-            </para>
-            <para>
-                For example, to determine what a user can actually do, issue
-                the <code>GET
-                /role_assignments?user.id={user_id}&amp;effective</code>
-                request.
-            </para>
-            <para>
-                To return the equivalent set of role assignments that would be
-                included in the token response of a project-scoped token,
-                issue the <code>GET /role_assignments?user.id={user_id}&amp;s
-                cope.project.id={project_id}&amp;effective</code> request.
-            </para>
-            <para>
-                In the response, the <code>links</code> entity section for
-                entities that are included by virtue of group members also
-                contains a URL that you can use to access the membership of
-                the group.
-            </para>
-        </wadl:doc>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="List all role assignments: JSON response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/listRoleAssignments.txt"
-                        />
-                    </xsdxt:sample>
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleAssignmentsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    title="List effective role assignments: JSON response">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/listRoleAssignmentsEffective.txt"
-                        />
-                    </xsdxt:sample>
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RoleAssignmentsEffectiveListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <!--Policy Operations-->
-    <method name="GET" id="listPolicies">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List policies">
-            <para role="shortdesc">
-                Lists policies.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <request>
-            <representation mediaType="application/json">
-                &typeQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PoliciesListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &blobResponseParam; &idResponseParam;
-                &linksResponseParam; &project_idResponseParam;
-                &typeResponseParam; &user_idResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="POST" id="createPolicy">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create policy">
-            <para role="shortdesc">
-                Creates a policy.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PolicyCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>&blobRequestParam; &project_idRequestParam;
-                &typeRequestParam; &user_idRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PolicyCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &blobResponseParam; &idResponseParam;
-                &linksResponseParam; &project_idResponseParam;
-                &typeResponseParam; &user_idResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getPolicy">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show policy details">
-            <para role="shortdesc">
-                Shows details for a
-                policy.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PolicyGetResponse.json"/>
-                    </xsdxt:sample>
-                </wadl:doc> &blobResponseParam; &idResponseParam;
-                &linksResponseParam; &project_idResponseParam;
-                &typeResponseParam; &user_idResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updatePolicy">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update policy">
-            <para role="shortdesc">
-                Updates a policy.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PolicyUpdateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/PolicyUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &blobResponseParam; &idResponseParam;
-                &linksResponseParam; &project_idResponseParam;
-                &typeResponseParam; &user_idResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deletePolicy">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete policy">
-            <para role="shortdesc">
-                Deletes a policy.
-            </para>
-        </wadl:doc>
-        <!--No request body is provided-->
-        <response status="204"/> &commonFaults; &getFaults; </method>
-    <!-- REGIONS -->
-    <method name="POST" id="createRegion">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create region">
-            <para role="shortdesc">
-                Creates a region.
-            </para>
-            <para>
-                If you try to add a region with a parent region ID that does
-                not exist, this call returns the HTTP <code>Not Found
-                (404)</code> status code.
-            </para>
-            <para>
-                If you try to add a region with a parent region ID that would
-                form a circular relationship, this call returns the HTTP
-                <code>Conflict (409)</code> status code.
-            </para>
-            <para>
-                The user-defined region ID must be unique to the OpenStack
-                deployment. Otherwise, this call returns the HTTP
-                <code>Conflict (409)</code> status code.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &regionObjectRequestParam;
-                &region_descriptionRequestParam;
-                &parent_region_idRequestParam;
-                &region_idRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &regionObjectRequestParam; &RegionsResponseParams; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PUT" id="createRegionWithID">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Create region with user-defined ID">
-            <para role="shortdesc">
-                Creates a region with a user-defined region ID.
-            </para>
-            <para>
-                You must URL-encode the user-defined region ID if it contains
-                characters that are not allowed in an URI.
-            </para>
-            <para>
-                If you try to add a region with a parent region ID that does
-                not exist, this call returns the HTTP <code>Not Found
-                (404)</code> status code.
-            </para>
-            <para>
-                If you try to add a region with a parent region ID that would
-                form a circular relationship, this call returns the HTTP
-                <code>Conflict (409)</code> status code.
-            </para>
-            <para>
-                The user-defined region ID must be unique to the OpenStack
-                deployment. Otherwise, this call returns the HTTP
-                <code>Conflict (409)</code> status code.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionCreateRequest.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &regionObjectRequestParam;
-                &region_descriptionRequestParam;
-                &parent_region_idRequestParam;
-            </representation>
-        </request>
-        <response status="201">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionCreateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &regionObjectRequestParam; &RegionsResponseParams; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="listRegions">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="List regions">
-            <para role="shortdesc">
-                Lists regions.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                &parent_region_idQueryParam;
-            </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionsListResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &regionsObjectRequestParam;
-                &RegionsResponseParams;
-                &RegionLinksResponseParam;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="GET" id="getRegion">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Show region details">
-            <para role="shortdesc">
-                Shows details for a region, by ID.
+                Lists groups to which a user belongs.
             </para>
         </wadl:doc>
         <response status="200">
@@ -2614,68 +3638,11 @@
                     xml:lang="EN">
                     <xsdxt:sample>
                         <xsdxt:code
-                            href="../samples/RegionGetResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc> &regionObjectRequestParam;
-                &RegionsResponseParams; </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="PATCH" id="updateRegion">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Update region">
-            <para role="shortdesc">
-                Updates a region.
-            </para>
-            <para>
-                If you try to update a region with a parent region ID that
-                does not exist, this call returns the HTTP <code>Not Found
-                (404)</code> status code.
-            </para>
-        </wadl:doc>
-        <request>
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionUpdateRequest.json"
-                        />
+                            href="../samples/admin/UserListGroupsResponse.json"/>
                     </xsdxt:sample>
                 </wadl:doc>
-                &regionObjectRequestParam;
-                &region_descriptionRequestParam;
-                &parent_region_idRequestParam;
             </representation>
-        </request>
-        <response status="200">
-            <representation mediaType="application/json">
-                <wadl:doc xmlns="http://docbook.org/ns/docbook"
-                    xml:lang="EN">
-                    <xsdxt:sample>
-                        <xsdxt:code
-                            href="../samples/RegionUpdateResponse.json"
-                        />
-                    </xsdxt:sample>
-                </wadl:doc>
-                &regionObjectRequestParam; &RegionsResponseParams;
-            </representation>
-        </response> &commonFaults; &getFaults; </method>
-    <method name="DELETE" id="deleteRegion">
-        <wadl:doc xmlns="http://docbook.org/ns/docbook"
-            xmlns:wadl="http://wadl.dev.java.net/2009/02"
-            xml:lang="EN" title="Delete region">
-            <para role="shortdesc">
-                Deletes a region.
-            </para>
-            <warning>
-                <para>
-                    If you try to delete a region that has child regions, this
-                    call returns the HTTP <code>Conflict (409)</code> status
-                    code.
-                </para>
-            </warning>
-        </wadl:doc>
-        <response status="204"/> &commonFaults; &getFaults;
+        </response>
+        &getFaults;
     </method>
 </application>