About Smart Data Platform SSS API (2.5.2)

Download OpenAPI specification:Download

API Common information

Following knowledges are required in common to use SSS API.

What is Smart Data Platform API

  • Smart Data Platform API is a set of HTTP request / response to control your Smart Data Platform resources. Here "resources" includes not only Virtual Machine, Network, but includes your own user, tenant, contract itself.
  • In following chapters, we describe general usage of Smart Data Platform APIs.

What is SSS

  • SSS is a service conponent in Smart Data Platform, it provides some APIs to control your
    1. Contract: Smart Data Platform is a unit of billing. Each tenant, user, and other resource. belong to contract, and each contract can have separate billing address.
    2. Tenants: Tenant is a "box" which your computing resources belong.
    3. Users: User is a unit of authentication / authorization. Each user has itown API key / API sercret, and login id and password.
    4. Role: Tenant accessibility of each user for each tenant.
    5. API keys (and permissions): Set of strings which identifies / authenticates who you are in API request.

Get API Key / API Secrets

  • First of all, you have to get your own API key and API secret from SSS control panel to use API. Login to Smart Data Platform, and access to "Profile" in header.

    Get API Key 1

  • Then you can see "API key" and "API secret key" in the next screen.

Get API Key 2

  • Select "Show" and the api secret key will be displayed.

Get API Key 3

  • Note these two strings to use in the following steps, and you also can transit API Reference top page. You can check all Smart Data Platform endpoints in API Reference top page.

  • You can access to all SDPF services' API of any region with this api key pair.

  • For Example, this endpoint depends on your contract's default region. Default is GL1 (Global) region: https://api.ntt.com/sss/api

  • You can use SSS API in other regions by specifying region in endpoint. Replace {region_name} with a region name (ex: jp1).

    • https://sss-{region_name}-ecl.api.ntt.com/api
  • Note that some parameters may not be returned depends on the endpoint you selected.

Get Tenant ID

  • You have to specify tenant id (or tenant name) to control computing resources via API. First of all, select workspace to go to the workspace selection screen.

Get Tenant ID 1

  • Next, select the workspace to which the tenant to be operated belongs.

Get Tenant ID 2

  • Next, select "Detail" in the workspace.

Get Tenant ID 3

  • Then the tenant ID will be displayed.

Get Tenant ID 4

  • (This procedure is required only when you are using APIs for contorolling tenant resources. You don't need to specify tenant when you are using SSS API.)

Get Token from Keystone (API Authentication)

  • Most of Smart Data Platform API requires authentication with "Keystone", which is API authenticator defaults to Openstack (Some service in Smart Data Platform have its own authentication).

  • Keystone requires "API key" and "API secret", and "tenant id" or "tenant name" you are to control.

  • Following sample shows request sample of Keystone authentication.

curl -i \
-H "Content-Type: application/json" \
-d '
  "auth": {
      "identity": {
          "methods": [
          "password": {
              "user": {
                  "domain": {
                      "id": "default"
                  "name": "YoNZW2nvy04STyHHpzuwLkAjDuP9z4RZ",
                  "password": "ZDvAof5wKtN6AEZh"
      "scope": {
          "project": {
              "id": "bff444188b6f46adaa4e1e64051f4125"
}' \

  • ("project" is the same meaning to "tenant" in Openstack)

  • Tenant id/name is not required for using SSS API. In this case you can simply omit "scope" object from json body.

curl -i \
-H "Content-Type: application/json" \
-d '
  "auth": {
      "identity": {
          "methods": [
          "password": {
              "user": {
                  "domain": {
                      "id": "default"
                  "name": "YoNZW2nvy04STyHHpzuwLkAjDuP9z4RZ",
                  "password": "ZDvAof5wKtN6AEZh"
}' \

  • Response should includes:

    • X-Subject-Token in header (HTTP Response header name is case insensitive.)
    • JSON body (your role, tenant information, list of service endpoints)
  • if your name / password / tenant id (or tenant name) is collect.

  • X-Subject-Token is a essential information for API authentication, and you use this string in following steps. (We call this string just "token" after here.)

  • Obtained token lifetime is 1 hour.

  • See Get Keystone Token for more info.

  • Keystone is allocated in each region, so if you are trying to use regional services, you need to get token from a Keystone which the service belongs.

  • Usually, you can use GL1 (Global) APIs endpoint only. If you want to use other endpoints, please execute folowing.

    • The case you are admin user, please create the region's tenant with GL1 SSS API endpoint.
    • The case you are not admin user, please ask to the admin user to create role between you and the region's tenant.
  • Keystone API endpoints are described as follows.

Region Keystone Endpoint
GL1 (Global) https://api.ntt.com/keystone
Other regions https://keystone-{region_name}-ecl.api.ntt.com
  • For example, keystone-jp1-ecl.api.ntt.com is a Keystone URL for JP1 region.

  • In following sections, we describe SSS API as example. See other documents for other service components' API.

SSS API Endpoints

  • Smart Data Platform SSS API endpoints are described as follows.
Region SSS Endpoint
GL1 (Global) https://api.ntt.com/sss/api
Other regions https://sss-{region_name}-ecl.api.ntt.com/api
  • The default region that newly create users belong to is GL1.

  • Whichever endpoint you use, you need to first get a token from the same region. If you use GL1, call APIs in the following order:

# Get token from below

# Then call the API with the token

  • In the same way, if you want to use JP7 region, first get a keystone token and then call the SSS API:
# Get token from below

# Then call the API with the token

  • As SSS data is synced all over the world, any region endpoint can be used for most of SSS API, but some "regional" data includes in response from the contract's default region.

SSS API Request Example

  • Once you determine SSS api endpoint, you can throw request.
    • SSS API is standard REST API, which uses json body as request / response.
    • Designate "X-Auth-Token" in header and set the token you got as value
    • TLS 1.0/1.2 algorithm is recommended for HTTP secure protocol.
    • For POST / PUT (requires body) request, set "Content-Type: application/json" in header

GET request example

curl -1 -iv -X GET -H "X-Auth-Token: 0a07185f627142fbba2f9a4b53c99015" https://api.ntt.com/sss/api/v2/workspaces

POST request example

curl -1 -iv -X POST -H "Content-Type: application/json" -H "X-Auth-Token: 0a07185f627142fbba2f9a4b53c99015" -d '{
  "login_id": "test001",
  "mail_address": "test@ntt.com",
  "password": "Dsrtf34ht",
  "contract_id": "econXXXXXXXXX",
  "notify_password": "true"
}' https://api.ntt.com/sss/api/v2/users

Revision History

Date Version Detail
2023/12/20 2.5.2 Closed v1.0 Billing APIs.
2023/08/09 2.5.1 Added v2 "Create API-Only User" API. / Added v2 "Available Menus for Channel" APIs. Migrated API documentation to OpenAPI Specification format.
2023/05/24 2.4.1 Added a new parameter "description" to v1.0/v2 Contract APIs. / Added v2 Bookmarked Menus APIs
2022/08/02 2.3.0 Added some request/response parameter of v1.0/v2 GetApprovalRequest/ListApprovalRequest API.
2022/04/19 2.2.3 Added v2 Update API Availability API.Remove/Add some parameters of v1.0/v2 user API.
2021/11/09 2.1.2 Added v2 billing API / login event API and remove some parameters of v1.0/v2 user API.
2021/05/25 2.0.0 Added v2 API and fixed some parameters of v1.0 API.
2020/03/09 1.11.0 Added some response parameter of GetContract/CreateUser/GetUser API.
2019/10/01 1.8.2 Changed service name (Enterprise Cloud 2.0 -> Smart Data Platform). Added one API of Contract API (CreateBillingBulkFile(WholeSale)_ForPartnerOnly API). Change billing infomation's format of Contract API(GetBilling API/GetBilling_ForPartnerOnly API).
2019/03/19 1.7.1 Added 2 APIs of User API(Update Auto Role Settings API)/Contract API(Search Contracts API).
2018/09/04 1.6.1 Added 7 APIs of Notification API/Contract API(about BulkBillingFile)/Update Tenant API. Modify Reason Phase of HTTP Response. (ex. 200 OK => 200 200, 404 Not Found => 404 404)
2018/06/12 1.6.0 Added an API of "Change Contract Information(For partner user only)".
2018/03/04 1.5.2 Added 11 APIs of "UserType Management API" and "Contract Group Management API".
2017/08/30 1.4.1 Added notes to GetBilling API/DeleteTenant API.
2017/05/16 1.4.1 Added an API of "Contract Owner Change" / Added a csv format of GetBilling API's response.
2017/03/30 1.4.0 Added 3 APIs of "Approval API".
2017/02/03 1.3.0 Added 2 APIs of "ECL 2.0 IAM API" / Modified CreateContract API response.
2016/10/04 1.2.0 Added "ECl 2.0 IAM API" description.
2016/05/19 1.1.0 Added 5 APIs only for Partner User.
2016/03/01 1.0.0 Initial version.

Keystone API

Infomation on Keystone API

Get Keystone Token


  • Get Keystone Token
  • There are different ways to get tokens. See Request samples for examples.
Request Body schema: application/json

An auth object.





Bad Request






Not Found


GL1 Keystone Endpoint


Regional Keystone Endpoint


Request samples

Content type

Get Keystone with specifying a tenant.

Expand all Collapse all
  • "auth":