[ARVADOS] updated: 364fed6e1d4036719e4c461cfe0bc24e7f52f144

Git user git at public.curoverse.com
Wed Nov 9 12:56:16 EST 2016


Summary of changes:
 doc/api/methods.html.textile.liquid                |  26 ++-
 doc/api/permission-model.html.textile.liquid       |   4 +-
 doc/api/requests.html.textile.liquid               | 256 ++++++++++++---------
 doc/api/resources.html.textile.liquid              |   4 +-
 doc/api/schema/ApiClient.html.textile.liquid       |  24 --
 .../ApiClientAuthorization.html.textile.liquid     |  29 ---
 doc/api/schema/AuthorizedKey.html.textile.liquid   |  24 --
 doc/api/schema/Collection.html.textile.liquid      |  39 ----
 doc/api/schema/Container.html.textile.liquid       |  59 -----
 .../schema/ContainerRequest.html.textile.liquid    |  70 ------
 doc/api/schema/Group.html.textile.liquid           |  25 --
 doc/api/schema/Human.html.textile.liquid           |  19 --
 doc/api/schema/Job.html.textile.liquid             |  69 ------
 doc/api/schema/JobTask.html.textile.liquid         |  47 ----
 doc/api/schema/KeepDisk.html.textile.liquid        |  31 ---
 doc/api/schema/KeepService.html.textile.liquid     |  24 --
 doc/api/schema/Link.html.textile.liquid            |  83 -------
 doc/api/schema/Log.html.textile.liquid             |  33 ---
 doc/api/schema/Node.html.textile.liquid            |  28 ---
 .../schema/PipelineInstance.html.textile.liquid    |  26 ---
 .../schema/PipelineTemplate.html.textile.liquid    | 161 -------------
 doc/api/schema/Repository.html.textile.liquid      |  25 --
 doc/api/schema/Specimen.html.textile.liquid        |  22 --
 doc/api/schema/Trait.html.textile.liquid           |  22 --
 doc/api/schema/User.html.textile.liquid            |  30 ---
 doc/api/schema/VirtualMachine.html.textile.liquid  |  21 --
 doc/api/schema/Workflow.html.textile.liquid        |  23 --
 doc/api/storage.html.textile.liquid                |  66 ++++--
 doc/api/tokens.html.textile.liquid                 |  14 +-
 29 files changed, 212 insertions(+), 1092 deletions(-)
 delete mode 100644 doc/api/schema/ApiClient.html.textile.liquid
 delete mode 100644 doc/api/schema/ApiClientAuthorization.html.textile.liquid
 delete mode 100644 doc/api/schema/AuthorizedKey.html.textile.liquid
 delete mode 100644 doc/api/schema/Collection.html.textile.liquid
 delete mode 100644 doc/api/schema/Container.html.textile.liquid
 delete mode 100644 doc/api/schema/ContainerRequest.html.textile.liquid
 delete mode 100644 doc/api/schema/Group.html.textile.liquid
 delete mode 100644 doc/api/schema/Human.html.textile.liquid
 delete mode 100644 doc/api/schema/Job.html.textile.liquid
 delete mode 100644 doc/api/schema/JobTask.html.textile.liquid
 delete mode 100644 doc/api/schema/KeepDisk.html.textile.liquid
 delete mode 100644 doc/api/schema/KeepService.html.textile.liquid
 delete mode 100644 doc/api/schema/Link.html.textile.liquid
 delete mode 100644 doc/api/schema/Log.html.textile.liquid
 delete mode 100644 doc/api/schema/Node.html.textile.liquid
 delete mode 100644 doc/api/schema/PipelineInstance.html.textile.liquid
 delete mode 100644 doc/api/schema/PipelineTemplate.html.textile.liquid
 delete mode 100644 doc/api/schema/Repository.html.textile.liquid
 delete mode 100644 doc/api/schema/Specimen.html.textile.liquid
 delete mode 100644 doc/api/schema/Trait.html.textile.liquid
 delete mode 100644 doc/api/schema/User.html.textile.liquid
 delete mode 100644 doc/api/schema/VirtualMachine.html.textile.liquid
 delete mode 100644 doc/api/schema/Workflow.html.textile.liquid

       via  364fed6e1d4036719e4c461cfe0bc24e7f52f144 (commit)
      from  26e1c10f963a586e40ea9dcb46a87b0107c97b7c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 364fed6e1d4036719e4c461cfe0bc24e7f52f144
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Wed Nov 9 12:56:12 2016 -0500

    10346: Edits from review WIP.

diff --git a/doc/api/methods.html.textile.liquid b/doc/api/methods.html.textile.liquid
index 5b35c16..c01ab2c 100644
--- a/doc/api/methods.html.textile.liquid
+++ b/doc/api/methods.html.textile.liquid
@@ -8,11 +8,19 @@ title: Common resource methods
 
 The following methods are available for most resources.  Some resources may limit who can perform certain operations.  Consult documentation for individual resource types for details.
 
-The methods are relative to the base URI, e.g. @/arvados/v1/resource_type at .  For arguments specifying a *Location* of @path@, the value of the argument is incorporated into the path portion of the URI. Arguments specifying a *Location* of @query@ are incorporated into the query portion of the URI or request body.
+The methods are relative to the base URI, e.g. @/arvados/v1/resource_type at .  For arguments specifying a *Location* of @path@, the value of the argument is incorporated into the path portion of the URI.  For example, a @uuid@ of @aaaaa-bbbbb-ccccccccccccccc@ in a path position yields a URI of @/arvados/v1/resource_type/aaaaa-bbbbb-ccccccccccccccc at .
+
+Arguments specifying a *Location* of @query@ are incorporated into the query portion of the URI or request body.  For example, @/arvados/v1/resource_type?resource_type={}@.
 
 h2. create
 
-The @create@ method creates a new object of the specified type.  Note that only the listed attributes (and "standard metadata":resources.html) are set, unset attributes will get default values, and the attributes of a given resource type are fixed (you cannot introduce new toplevel attributes).  It corresponds to the HTTP request @POST /arvados/v1/resource_type at .  A successful create call returns a copy of the new object.
+The @create@ method creates a new object of the specified type.  Note that:
+
+* Only the listed attributes (and "standard metadata":resources.html) are set
+* Unset attributes will get default values
+* The attributes of a given resource type are fixed (you cannot introduce new toplevel attributes)
+
+This method corresponds to the HTTP request @POST /arvados/v1/resource_type at .  A successful create call returns a copy of the new object.
 
 Arguments:
 
@@ -22,7 +30,7 @@ table(table table-bordered table-condensed).
 
 h2. delete
 
-The @delete@ method deletes a object of the specified type.  It corresponds to the HTTP request @DELETE /arvados/v1/resource_type/uuid at .  A successful delete call returns a copy of the deleted object.
+The @delete@ method deletes an object of the specified type.  It corresponds to the HTTP request @DELETE /arvados/v1/resource_type/uuid at .  A successful delete call returns a copy of the deleted object.
 
 Arguments:
 
@@ -42,15 +50,15 @@ table(table table-bordered table-condensed).
 
 h2(#index). list
 
-The @list@ method requests an list of resources of that type.  It corresponds to the HTTP request @GET /arvados/v1/resource_type at .  All resources support listing with unless otherwise noted.
+The @list@ method requests an list of resources of that type.  It corresponds to the HTTP request @GET /arvados/v1/resource_type at .  All resources support "list" method unless otherwise noted.
 
 Arguments:
 
 table(table table-bordered table-condensed).
 |_. Argument |_. Type |_. Description |_. Location |
-|limit   |integer|Maximum number of resources to return.  May also be subject to server limit.|query|
-|offset  |integer|Skip the first 'offset' resources that match the given filter conditions.|query|
-|filters |array  |Conditions for selecting resources to return (see below).|query|
+|limit   |integer|Maximum number of resources to return.  If not provided, server will provide a default limit.  Server may also impose a maximum number of records that can be returned in a single request.|query|
+|offset  |integer|Skip the first 'offset' number of resources that would be returned under the given filter conditions.|query|
+|filters |array  |"Conditions for selecting resources to return.":#filters|query|
 |order   |array  |Attributes to use as sort keys to determine the order resources are returned, each optionally followed by @asc@ or @desc@ to indicate ascending or descending order.
 Example: @["head_uuid asc","modified_at desc"]@
 Default: @["created_at desc"]@|query|
@@ -60,7 +68,7 @@ Default: all available attributes.  As a special case, collections do not return
 |distinct|boolean|@true@: (default) do not return duplicate objects
 @false@: permitted to return duplicates|query|
 
-h3. filters
+h3.(#filters) Available list method filters
 
 The value of the @filters@ parameter is an array of conditions. The @list@ method returns only the resources that satisfy all of the given conditions. In other words, the conjunction @AND@ is implicit.
 
@@ -82,7 +90,7 @@ table(table table-bordered table-condensed).
 |@in@, @not in@|array of strings|@["script_version","in",["master","d00220fb38d4b85ca8fc28a8151702a2b9d1dec5"]]@|
 |@is_a@|string|@["head_uuid","is_a","arvados#pipelineInstance"]@|
 
-h3. result
+h3. Results of list method
 
 A successful call to list will return the following object.
 
diff --git a/doc/api/permission-model.html.textile.liquid b/doc/api/permission-model.html.textile.liquid
index ae8c363..d70430a 100644
--- a/doc/api/permission-model.html.textile.liquid
+++ b/doc/api/permission-model.html.textile.liquid
@@ -7,7 +7,7 @@ title: "Permission model"
 
 * There are four levels of permission: *none*, *can_read*, *can_write*, and *can_manage*.
 ** *none* is the default state when there are no other permission grants.
-*** the object is not returned by any list query.
+*** the object is not included in any list query response.
 *** direct queries of the object by uuid return 404 Not Found.
 *** Link objects require valid identifiers in @head_uuid@ and @tail_uuid@, so an attempt to create a Link that references an unreadable object will return an error indicating the object is not found.
 ** *can_read* grants read-only access to the record.  Attempting to update or delete the record returns an error.  *can_read* does not allow a reader to see any permission grants on the object except the object's owner_uuid and the reader's own permissions.
@@ -65,4 +65,4 @@ A privileged user account exists for the use by internal Arvados components.  Th
 
 h2. Anoymous user and group
 
-An Arvado site may be configued to allow users to browse resources without requiring a log in.  In this case, permissions for non-logged-in users are associated with the "anonymous" user.  To make objects visible to the public, they can be shared with the "anonymous" group.  The anonymous user uuid is @{siteprefix}-tpzed-anonymouspublic at .
+An Arvado site may be configued to allow users to browse resources without requiring a log in.  In this case, permissions for non-logged-in users are associated with the "anonymous" user.  To make objects visible to the public, they can be shared with the "anonymous" group.  The anonymous user uuid is @{siteprefix}-tpzed-anonymouspublic at .  The anonymous group uuid is @{siteprefix}-j7d0g-anonymouspublic at .
diff --git a/doc/api/requests.html.textile.liquid b/doc/api/requests.html.textile.liquid
index 94c8bc3..e720395 100644
--- a/doc/api/requests.html.textile.liquid
+++ b/doc/api/requests.html.textile.liquid
@@ -2,10 +2,10 @@
 layout: default
 navsection: api
 navmenu: Concepts
-title: Request syntax
+title: REST API syntax
 ...
 
-API requests to Arvados are made using standard HTTP requests.
+Arvados exposes a REST API using standard HTTP requests.
 
 h3. HTTP Method
 
@@ -21,23 +21,27 @@ As a special case, a @POST@ with the query parameter @_method=GET@ will be treat
 
 h3. Request URI
 
-The URI portion of the request identifies the specific resource to operate on.
+The URI portion of the request identifies the specific resource to operate on.  For example, operations on "collections":{{site.baseurl}}/api/methods/collections.html use the @https://{{ site.arvados_api_host }}/arvados/v1/collections@ request URI prefix.
 
 h3. Authorization header
 
-Every request must include an API token.  This identifies the user making the request for the purposes of access control.  In addition, tokens may be further "restricted in scope":/api/methods/api_client_authorizations.html#scope to only access certain API endpoints.
+Every request must include an API token.  This identifies the user making the request for the purposes of access control.  In addition, tokens may be further "restricted in scope":{{site.baseurl}}/api/methods/api_client_authorizations.html#scope to only access certain API endpoints.
 
 API requests must provide the API token using the @Authorization@ header in the following format:
 
 <pre>
-Authorization: OAuth2 xxxxapitokenxxxx
+$ curl -v -H "Authorization: OAuth2 xxxxapitokenxxxx" https://192.168.5.2:8000/arvados/v1/collections
+> GET /arvados/v1/collections HTTP/1.1
+> ...
+> Authorization: OAuth2 xxxxapitokenxxxx
+> ...
 </pre>
 
 h3. Parameters
 
 Request parameters may be provided in one of two ways.  They may be provided in the "query" section of request URI, or they may be provided in the body of the request with application/x-www-form-urlencoded encoding.  If parameters are provided in both places, their values will be merged.  Parameter names must be unique.  If a parameter appears multiple times, the behavior is undefined.
 
-To support structured and nested parameter values, after urldecode the value of each parameter is parsed as JSON.  Because of this, string values must be surrounded in double quotes.
+Structured and nested parameter values must be provided as urlencoded JSON.
 
 h3. Result
 
@@ -54,16 +58,19 @@ table(table table-bordered table-condensed).
 
 h2. Examples
 
-h3. Get a specific record
+h3. Create a new record
 
 <pre>
-$ curl -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km | jq .
-> GET /arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km HTTP/1.1
+$ curl -v -X POST --data-urlencode 'collection={"name":"empty collection"}' -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections | jq .
+> POST /arvados/v1/collections HTTP/1.1
 > User-Agent: curl/7.38.0
 > Host: 192.168.5.2:8000
 > Accept: */*
 > Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr
+> Content-Length: 54
+> Content-Type: application/x-www-form-urlencoded
 >
+} [data not shown]
 < HTTP/1.1 200 OK
 < Content-Type: application/json; charset=utf-8
 < Transfer-Encoding: chunked
@@ -74,29 +81,30 @@ $ curl -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9
 < Access-Control-Allow-Headers: Authorization
 < Access-Control-Max-Age: 86486400
 < X-UA-Compatible: IE=Edge,chrome=1
-< ETag: "fec2ddf433a352e5a2b5d356abd6d3d4"
+< ETag: "2ec9ef5151c1f7a1486ad169c33ae462"
 < Cache-Control: max-age=0, private, must-revalidate
-< X-Request-Id: 40b447507ff202ae9a0b0b3e0ebe98da
-< X-Runtime: 0.011404
+< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJTIwMjQ1NTE5YmEwMzU1MGZkMTBmYmY1YzllY2ZiMjFlBjsAVA%3D%3D--653bc9c20899d48ee8523e18d9a4c1cde0702577; path=/; HttpOnly
+< X-Request-Id: 56aa10bc49097f3b44d3ed946bf0e61e
+< X-Runtime: 0.049951
 < X-Powered-By: Phusion Passenger 4.0.41
-< Date: Fri, 28 Oct 2016 18:59:09 GMT
+< Date: Fri, 28 Oct 2016 19:20:09 GMT
 < Server: nginx/1.4.7 + Phusion Passenger 4.0.41
 <
 {
-  "href": "/collections/962eh-4zz18-xi32mpz2621o8km",
+  "href": "/collections/962eh-4zz18-m1ma0mxxfg3mbcc",
   "kind": "arvados#collection",
-  "etag": "3mmn0s9e1z5s5opfofmtb9k8p",
-  "uuid": "962eh-4zz18-xi32mpz2621o8km",
+  "etag": "c5ifrv1ox2tu6alb559ymtkb7",
+  "uuid": "962eh-4zz18-m1ma0mxxfg3mbcc",
   "owner_uuid": "962eh-tpzed-000000000000000",
-  "created_at": "2016-10-27T14:47:43.792587000Z",
+  "created_at": "2016-10-28T19:20:09.320771531Z",
   "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
   "modified_by_user_uuid": "962eh-tpzed-000000000000000",
-  "modified_at": "2016-10-27T14:47:43.792166000Z",
-  "name": "Saved at 2016-10-27 14:47:43 UTC by peter at debian",
+  "modified_at": "2016-10-28T19:20:09.319661000Z",
+  "name": "empty collection",
   "description": null,
   "properties": {},
-  "portable_data_hash": "93a45073511646a5c3e2f4953fcf6f61+116",
-  "manifest_text": ". eff999f3b5158331eb44a9a93e3b36e1+67108864+Aad3839bea88bce22cbfe71cf4943de7dab3ea52a at 5826180f db141bfd11f7da60dce9e5ee85a988b8+34038725+Ae8f48913fed782cbe463e0499ab37697ee06a2f8 at 5826180f 0:101147589:rna.SRR948778.bam\n",
+  "portable_data_hash": "d41d8cd98f00b204e9800998ecf8427e+0",
+  "manifest_text": "",
   "replication_desired": null,
   "replication_confirmed": null,
   "replication_confirmed_at": null,
@@ -104,11 +112,11 @@ $ curl -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9
 }
 </pre>
 
-h3. List records and filter by uuid
+h3. Delete a record
 
 <pre>
-$ curl -v -G --data-urlencode 'filters=[["uuid", "=", "962eh-4zz18-xi32mpz2621o8km"]]' -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections | jq .
-> GET /arvados/v1/collections?filters=%5B%5B%22uuid%22%2C%20%22%3D%22%2C%20%22962eh-4zz18-xi32mpz2621o8km%22%5D%5D HTTP/1.1
+$ curl -X DELETE -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections/962eh-4zz18-m1ma0mxxfg3mbcc | jq .
+> DELETE /arvados/v1/collections/962eh-4zz18-m1ma0mxxfg3mbcc HTTP/1.1
 > User-Agent: curl/7.38.0
 > Host: 192.168.5.2:8000
 > Accept: */*
@@ -124,58 +132,47 @@ $ curl -v -G --data-urlencode 'filters=[["uuid", "=", "962eh-4zz18-xi32mpz2621o8
 < Access-Control-Allow-Headers: Authorization
 < Access-Control-Max-Age: 86486400
 < X-UA-Compatible: IE=Edge,chrome=1
-< ETag: "76345ef24952f073acc3a0c550241d4e"
+< ETag: "1e8f72802cf1a6d0a5c4a1ebbfcc46a9"
 < Cache-Control: max-age=0, private, must-revalidate
-< X-Request-Id: d34b8ede4ffc707d8ed172dc2f47ff5e
-< X-Runtime: 0.012727
+< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJTc2NDYyY2M0NTNlNmU3M2Y2M2E3YmFiMWQ1MTEyZGZkBjsAVA%3D%3D--d28c7dd640bd24e2b12f01e77088072138dcf145; path=/; HttpOnly
+< X-Request-Id: e66fd3ab825bdb87301f5456161fb641
+< X-Runtime: 0.028788
 < X-Powered-By: Phusion Passenger 4.0.41
-< Date: Fri, 28 Oct 2016 19:08:52 GMT
+< Date: Fri, 28 Oct 2016 19:33:31 GMT
 < Server: nginx/1.4.7 + Phusion Passenger 4.0.41
 <
 {
-  "kind": "arvados#collectionList",
-  "etag": "",
-  "self_link": "",
-  "offset": 0,
-  "limit": 100,
-  "items": [
-    {
-      "href": "/collections/962eh-4zz18-xi32mpz2621o8km",
-      "kind": "arvados#collection",
-      "etag": "78tpra4ms5o67mngyd0dr4n9e",
-      "uuid": "962eh-4zz18-xi32mpz2621o8km",
-      "owner_uuid": "962eh-tpzed-000000000000000",
-      "created_at": "2016-10-27T14:47:43.792587000Z",
-      "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
-      "modified_by_user_uuid": "962eh-tpzed-000000000000000",
-      "modified_at": "2016-10-27T14:47:43.792166000Z",
-      "name": "Saved at 2016-10-27 14:47:43 UTC by peter at debian",
-      "description": null,
-      "properties": {},
-      "portable_data_hash": "93a45073511646a5c3e2f4953fcf6f61+116",
-      "replication_desired": null,
-      "replication_confirmed": null,
-      "replication_confirmed_at": null,
-      "expires_at": null
-    }
-  ],
-  "items_available": 1
+  "href": "/collections/962eh-4zz18-m1ma0mxxfg3mbcc",
+  "kind": "arvados#collection",
+  "etag": "c5ifrv1ox2tu6alb559ymtkb7",
+  "uuid": "962eh-4zz18-m1ma0mxxfg3mbcc",
+  "owner_uuid": "962eh-tpzed-000000000000000",
+  "created_at": "2016-10-28T19:20:09.320771000Z",
+  "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
+  "modified_by_user_uuid": "962eh-tpzed-000000000000000",
+  "modified_at": "2016-10-28T19:20:09.319661000Z",
+  "name": "empty collection",
+  "description": null,
+  "properties": {},
+  "portable_data_hash": "d41d8cd98f00b204e9800998ecf8427e+0",
+  "manifest_text": "",
+  "replication_desired": null,
+  "replication_confirmed": null,
+  "replication_confirmed_at": null,
+  "expires_at": null
 }
 </pre>
 
-h3. Update a field
+h3. Get a specific record
 
 <pre>
-$ curl -v -X PUT --data-urlencode 'collection={"name":"rna.SRR948778.bam"}' -H "Authorization: OAuth2 $ARVADOS_API_TOKEN" https://$ARVADOS_API_HOST/arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km | jq .
-> PUT /arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km HTTP/1.1
+$ curl -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km | jq .
+> GET /arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km HTTP/1.1
 > User-Agent: curl/7.38.0
 > Host: 192.168.5.2:8000
 > Accept: */*
 > Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr
-> Content-Length: 53
-> Content-Type: application/x-www-form-urlencoded
 >
-} [data not shown]
 < HTTP/1.1 200 OK
 < Content-Type: application/json; charset=utf-8
 < Transfer-Encoding: chunked
@@ -186,30 +183,29 @@ $ curl -v -X PUT --data-urlencode 'collection={"name":"rna.SRR948778.bam"}' -H "
 < Access-Control-Allow-Headers: Authorization
 < Access-Control-Max-Age: 86486400
 < X-UA-Compatible: IE=Edge,chrome=1
-< ETag: "fbb50d2847426eab793e3fcf346ca9eb"
+< ETag: "fec2ddf433a352e5a2b5d356abd6d3d4"
 < Cache-Control: max-age=0, private, must-revalidate
-< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJWI3NjFjMzVjMGI5OGExYmNjZDg0ZTg5MjZhMzcwMDE1BjsAVA%3D%3D--0e005d71fad15cb366e47361c38474b7447ba155; path=/; HttpOnly
-< X-Request-Id: 76d3cb3c0995af6133b0a73a64f57354
-< X-Runtime: 0.030756
+< X-Request-Id: 40b447507ff202ae9a0b0b3e0ebe98da
+< X-Runtime: 0.011404
 < X-Powered-By: Phusion Passenger 4.0.41
-< Date: Fri, 28 Oct 2016 19:15:16 GMT
+< Date: Fri, 28 Oct 2016 18:59:09 GMT
 < Server: nginx/1.4.7 + Phusion Passenger 4.0.41
 <
 {
   "href": "/collections/962eh-4zz18-xi32mpz2621o8km",
   "kind": "arvados#collection",
-  "etag": "51509hhxo9qqjxqewnoz1b7og",
+  "etag": "3mmn0s9e1z5s5opfofmtb9k8p",
   "uuid": "962eh-4zz18-xi32mpz2621o8km",
   "owner_uuid": "962eh-tpzed-000000000000000",
   "created_at": "2016-10-27T14:47:43.792587000Z",
   "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
   "modified_by_user_uuid": "962eh-tpzed-000000000000000",
-  "modified_at": "2016-10-28T19:15:16.137814000Z",
-  "name": "rna.SRR948778.bam",
+  "modified_at": "2016-10-27T14:47:43.792166000Z",
+  "name": "Saved at 2016-10-27 14:47:43 UTC by peter at debian",
   "description": null,
   "properties": {},
   "portable_data_hash": "93a45073511646a5c3e2f4953fcf6f61+116",
-  "manifest_text": ". eff999f3b5158331eb44a9a93e3b36e1+67108864+Acca57af82cc18c5dfa47bdfd16e335fccd09dfa5 at 582618c4 db141bfd11f7da60dce9e5ee85a988b8+34038725+A7764f122f41f92c2d5bde1852fcdd1bea5f8bd78 at 582618c4 0:101147589:rna.SRR948778.bam\n",
+  "manifest_text": ". eff999f3b5158331eb44a9a93e3b36e1+67108864+Aad3839bea88bce22cbfe71cf4943de7dab3ea52a at 5826180f db141bfd11f7da60dce9e5ee85a988b8+34038725+Ae8f48913fed782cbe463e0499ab37697ee06a2f8 at 5826180f 0:101147589:rna.SRR948778.bam\n",
   "replication_desired": null,
   "replication_confirmed": null,
   "replication_confirmed_at": null,
@@ -217,19 +213,18 @@ $ curl -v -X PUT --data-urlencode 'collection={"name":"rna.SRR948778.bam"}' -H "
 }
 </pre>
 
-h3. Create a new record
+h3. List records and filter by date
+
+(Note, return result is truncated).
 
 <pre>
-$ curl -v -X POST --data-urlencode 'collection={"name":"empty collection"}' -H "Authorization: OAuth2 $ARVADOS_API_TOKEN" https://$ARVADOS_API_HOST/arvados/v1/collections | jq .
-> POST /arvados/v1/collections HTTP/1.1
+$ curl -v -G --data-urlencode 'filters=[["created_at",">","2016-11-08T21:38:24.124834000Z"]]' -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections | jq .
+> GET /arvados/v1/collections?filters=%5B%5B%22uuid%22%2C%20%22%3D%22%2C%20%22962eh-4zz18-xi32mpz2621o8km%22%5D%5D HTTP/1.1
 > User-Agent: curl/7.38.0
 > Host: 192.168.5.2:8000
 > Accept: */*
 > Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr
-> Content-Length: 54
-> Content-Type: application/x-www-form-urlencoded
 >
-} [data not shown]
 < HTTP/1.1 200 OK
 < Content-Type: application/json; charset=utf-8
 < Transfer-Encoding: chunked
@@ -240,47 +235,78 @@ $ curl -v -X POST --data-urlencode 'collection={"name":"empty collection"}' -H "
 < Access-Control-Allow-Headers: Authorization
 < Access-Control-Max-Age: 86486400
 < X-UA-Compatible: IE=Edge,chrome=1
-< ETag: "2ec9ef5151c1f7a1486ad169c33ae462"
+< ETag: "76345ef24952f073acc3a0c550241d4e"
 < Cache-Control: max-age=0, private, must-revalidate
-< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJTIwMjQ1NTE5YmEwMzU1MGZkMTBmYmY1YzllY2ZiMjFlBjsAVA%3D%3D--653bc9c20899d48ee8523e18d9a4c1cde0702577; path=/; HttpOnly
-< X-Request-Id: 56aa10bc49097f3b44d3ed946bf0e61e
-< X-Runtime: 0.049951
+< X-Request-Id: d34b8ede4ffc707d8ed172dc2f47ff5e
+< X-Runtime: 0.012727
 < X-Powered-By: Phusion Passenger 4.0.41
-< Date: Fri, 28 Oct 2016 19:20:09 GMT
+< Date: Fri, 28 Oct 2016 19:08:52 GMT
 < Server: nginx/1.4.7 + Phusion Passenger 4.0.41
 <
 {
-  "href": "/collections/962eh-4zz18-m1ma0mxxfg3mbcc",
-  "kind": "arvados#collection",
-  "etag": "c5ifrv1ox2tu6alb559ymtkb7",
-  "uuid": "962eh-4zz18-m1ma0mxxfg3mbcc",
-  "owner_uuid": "962eh-tpzed-000000000000000",
-  "created_at": "2016-10-28T19:20:09.320771531Z",
-  "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
-  "modified_by_user_uuid": "962eh-tpzed-000000000000000",
-  "modified_at": "2016-10-28T19:20:09.319661000Z",
-  "name": "empty collection",
-  "description": null,
-  "properties": {},
-  "portable_data_hash": "d41d8cd98f00b204e9800998ecf8427e+0",
-  "manifest_text": "",
-  "replication_desired": null,
-  "replication_confirmed": null,
-  "replication_confirmed_at": null,
-  "expires_at": null
+  "kind": "arvados#collectionList",
+  "etag": "",
+  "self_link": "",
+  "offset": 0,
+  "limit": 100,
+  "items": [
+    {
+      "href": "/collections/962eh-4zz18-ybggo9im899vv60",
+      "kind": "arvados#collection",
+      "etag": "bvgrrsg63zsenb9wnpnp0nsgl",
+      "uuid": "962eh-4zz18-ybggo9im899vv60",
+      "owner_uuid": "962eh-tpzed-000000000000000",
+      "created_at": "2016-11-08T21:47:36.937106000Z",
+      "modified_by_client_uuid": null,
+      "modified_by_user_uuid": "962eh-tpzed-000000000000000",
+      "modified_at": "2016-11-08T21:47:36.936625000Z",
+      "name": "Log from cwl-runner job 962eh-8i9sb-45jww0k15fi5ldd",
+      "description": null,
+      "properties": {},
+      "portable_data_hash": "a7820b94717eff86229927565fedbd72+85",
+      "replication_desired": null,
+      "replication_confirmed": null,
+      "replication_confirmed_at": null,
+      "expires_at": null
+    },
+   ...
+    {
+      "href": "/collections/962eh-4zz18-37i1tfl5de5ild9",
+      "kind": "arvados#collection",
+      "etag": "2fa07dx52lux8wa1loehwyrc5",
+      "uuid": "962eh-4zz18-37i1tfl5de5ild9",
+      "owner_uuid": "962eh-tpzed-000000000000000",
+      "created_at": "2016-11-08T21:38:46.717798000Z",
+      "modified_by_client_uuid": null,
+      "modified_by_user_uuid": "962eh-tpzed-000000000000000",
+      "modified_at": "2016-11-08T21:38:46.717409000Z",
+      "name": null,
+      "description": null,
+      "properties": {},
+      "portable_data_hash": "9d43d4c8328640446f6e252cda584e7e+54",
+      "replication_desired": null,
+      "replication_confirmed": null,
+      "replication_confirmed_at": null,
+      "expires_at": null
+    }
+  ],
+  "items_available": 99
 }
 </pre>
 
-h3. Delete a record
+h3. Update a field
 
 <pre>
-$ curl -X DELETE -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections/962eh-4zz18-m1ma0mxxfg3mbcc | jq .
-> DELETE /arvados/v1/collections/962eh-4zz18-m1ma0mxxfg3mbcc HTTP/1.1
+$ curl -v -X PUT --data-urlencode 'collection={"name":"rna.SRR948778.bam"}' -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr" https://192.168.5.2:8000/arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km | jq .
+> PUT /arvados/v1/collections/962eh-4zz18-xi32mpz2621o8km HTTP/1.1
 > User-Agent: curl/7.38.0
 > Host: 192.168.5.2:8000
 > Accept: */*
 > Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu7dpwvyz3g9ocqtr
+> Content-Length: 53
+> Content-Type: application/x-www-form-urlencoded
 >
+} [data not shown]
 < HTTP/1.1 200 OK
 < Content-Type: application/json; charset=utf-8
 < Transfer-Encoding: chunked
@@ -291,30 +317,30 @@ $ curl -X DELETE -v -H "Authorization: OAuth2 oz0os4nyudswvglxhdlnrgnuelxptmj7qu
 < Access-Control-Allow-Headers: Authorization
 < Access-Control-Max-Age: 86486400
 < X-UA-Compatible: IE=Edge,chrome=1
-< ETag: "1e8f72802cf1a6d0a5c4a1ebbfcc46a9"
+< ETag: "fbb50d2847426eab793e3fcf346ca9eb"
 < Cache-Control: max-age=0, private, must-revalidate
-< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJTc2NDYyY2M0NTNlNmU3M2Y2M2E3YmFiMWQ1MTEyZGZkBjsAVA%3D%3D--d28c7dd640bd24e2b12f01e77088072138dcf145; path=/; HttpOnly
-< X-Request-Id: e66fd3ab825bdb87301f5456161fb641
-< X-Runtime: 0.028788
+< Set-Cookie: _server_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFVEkiJWI3NjFjMzVjMGI5OGExYmNjZDg0ZTg5MjZhMzcwMDE1BjsAVA%3D%3D--0e005d71fad15cb366e47361c38474b7447ba155; path=/; HttpOnly
+< X-Request-Id: 76d3cb3c0995af6133b0a73a64f57354
+< X-Runtime: 0.030756
 < X-Powered-By: Phusion Passenger 4.0.41
-< Date: Fri, 28 Oct 2016 19:33:31 GMT
+< Date: Fri, 28 Oct 2016 19:15:16 GMT
 < Server: nginx/1.4.7 + Phusion Passenger 4.0.41
 <
 {
-  "href": "/collections/962eh-4zz18-m1ma0mxxfg3mbcc",
+  "href": "/collections/962eh-4zz18-xi32mpz2621o8km",
   "kind": "arvados#collection",
-  "etag": "c5ifrv1ox2tu6alb559ymtkb7",
-  "uuid": "962eh-4zz18-m1ma0mxxfg3mbcc",
+  "etag": "51509hhxo9qqjxqewnoz1b7og",
+  "uuid": "962eh-4zz18-xi32mpz2621o8km",
   "owner_uuid": "962eh-tpzed-000000000000000",
-  "created_at": "2016-10-28T19:20:09.320771000Z",
+  "created_at": "2016-10-27T14:47:43.792587000Z",
   "modified_by_client_uuid": "962eh-ozdt8-lm5x8emraox8epg",
   "modified_by_user_uuid": "962eh-tpzed-000000000000000",
-  "modified_at": "2016-10-28T19:20:09.319661000Z",
-  "name": "empty collection",
+  "modified_at": "2016-10-28T19:15:16.137814000Z",
+  "name": "rna.SRR948778.bam",
   "description": null,
   "properties": {},
-  "portable_data_hash": "d41d8cd98f00b204e9800998ecf8427e+0",
-  "manifest_text": "",
+  "portable_data_hash": "93a45073511646a5c3e2f4953fcf6f61+116",
+  "manifest_text": ". eff999f3b5158331eb44a9a93e3b36e1+67108864+Acca57af82cc18c5dfa47bdfd16e335fccd09dfa5 at 582618c4 db141bfd11f7da60dce9e5ee85a988b8+34038725+A7764f122f41f92c2d5bde1852fcdd1bea5f8bd78 at 582618c4 0:101147589:rna.SRR948778.bam\n",
   "replication_desired": null,
   "replication_confirmed": null,
   "replication_confirmed_at": null,
diff --git a/doc/api/resources.html.textile.liquid b/doc/api/resources.html.textile.liquid
index 7daa554..7b36f11 100644
--- a/doc/api/resources.html.textile.liquid
+++ b/doc/api/resources.html.textile.liquid
@@ -13,7 +13,7 @@ h2(#resource). Resource
 table(table table-bordered table-condensed).
 |_. Attribute |_. Type |_. Description |_. Example|
 |uuid|string|universally unique object identifier, set on @create@|@mk2qn-4zz18-w3anr2hk2wgfpuo@|
-|owner_uuid|string|UUID of owner (must be a User or Group), set on @create@, may be updated explicitly|@mk2qn-tpzed-a4lcehql0dv2u25@|
+|owner_uuid|string|UUID of owner (must be a User or Group), set on @create@, controls who may access the resource, ownership may be changed explicitly with @update@, see "permission model":{{site.baseurl}}/api/permission-model.html for details.|@mk2qn-tpzed-a4lcehql0dv2u25@|
 |created_at|datetime|When resource was created, set on @create@|@2013-01-21T22:17:39Z@|
 |modified_by_client_uuid|string|API client software which most recently modified the resource, set on @create@ and @update@|@mk2qn-ozdt8-vq8l5qkzj7pr7h7@|
 |modified_by_user_uuid|string|Authenticated user, on whose behalf the client was acting when modifying the resource, set on @create@ and @update@|@mk2qn-tpzed-a4lcehql0dv2u25@|
@@ -32,7 +32,7 @@ Each object is assigned a UUID.  This has the format @aaaaa-bbbbb-cccccccccccccc
 
 h2. Timestamps
 
-All Arvados timestamps follow ISO 8601 datetime format with fractional seconds (microsecond precision).  All timestamps are UTC.  Example date format: @YYYY-mm-ddTHH:MM:SS.SSSSZ@
+All Arvados timestamps follow ISO 8601 datetime format with fractional seconds (microsecond precision).  All timestamps are UTC.  Date format: @YYYY-mm-ddTHH:MM:SS.SSSSZ@ example date: @2016-11-08T21:38:24.124834000Z at .
 
 h2. ETags
 
diff --git a/doc/api/schema/ApiClient.html.textile.liquid b/doc/api/schema/ApiClient.html.textile.liquid
deleted file mode 100644
index 0cda1af..0000000
--- a/doc/api/schema/ApiClient.html.textile.liquid
+++ /dev/null
@@ -1,24 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: ApiClient
-
-...
-
-
-An **ApiClient** represents a client program that can issue requests to the API server.
-
-h2. Methods
-
-See "api_clients":{{site.baseurl}}/api/methods/api_clients.html
-
-h2. Resource
-
-Each ApiClient has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|url_prefix|string|||
-|is_trusted|boolean|Trusted by users to handle their API tokens (ApiClientAuthorizations).||
diff --git a/doc/api/schema/ApiClientAuthorization.html.textile.liquid b/doc/api/schema/ApiClientAuthorization.html.textile.liquid
deleted file mode 100644
index dc9614a..0000000
--- a/doc/api/schema/ApiClientAuthorization.html.textile.liquid
+++ /dev/null
@@ -1,29 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: ApiClientAuthorization
-
-...
-
-An **ApiClientAuthorization** represents an API client's authorization to make API requests on a user's behalf.
-
-h2. Methods
-
-See "api_client_authorizations":{{site.baseurl}}/api/methods/api_client_authorizations.html
-
-h2. Resource
-
-An ApiClientAuthorization is not a generic Arvados resource.  The full list of properties that belong to an ApiClientAuthorization is:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|api_token|string|||
-|api_client_id|integer|||
-|user_id|integer|||
-|created_by_ip_address|string|||
-|last_used_by_ip_address|string|||
-|last_used_at|datetime|||
-|expires_at|datetime|||
-|default_owner_uuid|string|||
-|scopes|array|||
diff --git a/doc/api/schema/AuthorizedKey.html.textile.liquid b/doc/api/schema/AuthorizedKey.html.textile.liquid
deleted file mode 100644
index d9f4354..0000000
--- a/doc/api/schema/AuthorizedKey.html.textile.liquid
+++ /dev/null
@@ -1,24 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: AuthorizedKey
-...
-
-An **AuthorizedKey** represents the public part of an SSH authentication key which can be used to authorize transactions on behalf of the user.
-
-h2. Methods
-
-See "authorized_keys":{{site.baseurl}}/api/methods/authorized_keys.html
-
-h2. Resource
-
-Each AuthorizedKey has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|key_type|string|||
-|authorized_user_uuid|string|||
-|public_key|text|||
-|expires_at|datetime|||
diff --git a/doc/api/schema/Collection.html.textile.liquid b/doc/api/schema/Collection.html.textile.liquid
deleted file mode 100644
index 9aa783c..0000000
--- a/doc/api/schema/Collection.html.textile.liquid
+++ /dev/null
@@ -1,39 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Collection
-
-...
-
-Note: This resource concerns indexing, usage accounting, and integrity checks for data stored in Arvados. Reading and writing the data _per se_ is achieved by the "Keep":{{site.baseurl}}/user/tutorials/tutorial-keep.html storage system.
-
-h2. Methods
-
-See "collections":{{site.baseurl}}/api/methods/collections.html
-
-h3. Conditions of creating a Collection
-
-The @uuid@ and @manifest_text@ attributes must be provided when creating a Collection. The cryptographic digest of the supplied @manifest_text@ must match the supplied @uuid at .
-
-h3. Side effects of creating a Collection
-
-Referenced data can be protected from garbage collection. See the section about "resources" links on the "Links":Link.html page.
-
-Data can be shared with other users via the Arvados permission model.
-
-Clients can request checks of data integrity and storage redundancy.
-
-h2. Resource
-
-Each collection has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|description|text|||
-|portable_data_hash|string|||
-|manifest_text|text|||
-|replication_desired|number|Minimum storage replication level desired for each data block referenced by this collection. A value of @null@ signifies that the site default replication level (typically 2) is desired.|@2@|
-|replication_confirmed|number|Replication level most recently confirmed by the storage system. This field is null when a collection is first created, and is reset to null when the manifest_text changes in a way that introduces a new data block. An integer value indicates the replication level of the _least replicated_ data block in the collection.|@2@, null|
-|replication_confirmed_at|datetime|When replication_confirmed was confirmed. If replication_confirmed is null, this field is also null.||
diff --git a/doc/api/schema/Container.html.textile.liquid b/doc/api/schema/Container.html.textile.liquid
deleted file mode 100644
index d29d420..0000000
--- a/doc/api/schema/Container.html.textile.liquid
+++ /dev/null
@@ -1,59 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Container
-
-...
-
-A Container:
-* Precisely describes the environment in which a Crunch2 process should run. For example, git trees, data collections, and docker images are stored as content addresses. This makes it possible to reason about the difference between two processes, and to replay a process at a different time and place.
-* Container records are created by the system to fulfill container requests.
-
-h2. Methods
-
-See "containers":{{site.baseurl}}/api/methods/containers.html
-
-h2. Resource
-
-Each Container offers the following attributes, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Notes|
-|state|string|The allowed states are "Queued", "Locked", "Running", "Cancelled" and "Complete".|See "Container states":#container_states for more details.|
-|started_at|datetime|When this container started running.|Null if container has not yet started.|
-|finished_at|datetime|When this container finished.|Null if container has not yet finished.|
-|log|string|Portable data hash of the collection containing logs from a completed container run.|Null if the container is not yet finished.|
-|environment|hash|Environment variables and values that should be set in the container environment (@docker run --env@). This augments and (when conflicts exist) overrides environment variables given in the image's Dockerfile.|Must be equal to a ContainerRequest's environment in order to satisfy the ContainerRequest.|
-|cwd|string|Initial working directory.|Must be equal to a ContainerRequest's cwd in order to satisfy the ContainerRequest|
-|command|array of strings|Command to execute.| Must be equal to a ContainerRequest's command in order to satisfy the ContainerRequest.|
-|output_path|string|Path to a directory or file inside the container that should be preserved as this container's output when it finishes.|Must be equal to a ContainerRequest's output_path in order to satisfy the ContainerRequest.|
-|mounts|hash|Must contain the same keys as the ContainerRequest being satisfied. Each value must be within the range of values described in the ContainerRequest at the time the Container is assigned to the ContainerRequest.|See "Mount types":#mount_types for more details.|
-|runtime_constraints|hash|Compute resources, and access to the outside world, that are / were available to the container.
-Generally this will contain additional keys that are not present in any corresponding ContainerRequests: for example, even if no ContainerRequests specified constraints on the number of CPU cores, the number of cores actually used will be recorded here.|e.g.,
-<pre><code>{
-  "ram":12000000000,
-  "vcpus":2,
-  "API":true
-}</code></pre>See "Runtime constraints":#runtime_constraints for more details.|
-|output|string|Portable data hash of the output collection.|Null if the container is not yet finished.|
-|container_image|string|Portable data hash of a collection containing the docker image used to run the container.||
-|progress|number|A number between 0.0 and 1.0 describing the fraction of work done.||
-|priority|integer|Priority assigned by the system, taking into account the priorities of all associated ContainerRequests.||
-|exit_code|integer|Process exit code.|Null if state!="Complete"|
-|auth_uuid|string|UUID of a token to be passed into the container itself, used to access Keep-backed mounts, etc.|Null if state∉{"Locked","Running"}|
-|locked_by_uuid|string|UUID of a token, indicating which dispatch process changed state to Locked. If null, any token can be used to lock. If not null, only the indicated token can modify this container.|Null if state∉{"Locked","Running"}|
-
-h2(#container_states). Container states
-
-table(table table-bordered table-condensed).
-|_. State|_. Sgnificance|_. Allowed next|
-|Queued|Waiting for a dispatcher to lock it and try to run the container.|Locked, Cancelled|
-|Locked|A dispatcher has "taken" the container and is allocating resources for it. The container has not started yet.|Queued, Running, Cancelled|
-|Running|Resources have been allocated and the contained process has been started (or is about to start). Crunch-run _must_ set state to Running _before_ there is any possibility that user code will run in the container.|Complete, Cancelled|
-|Complete|Container was running, and the contained process/command has exited.|-|
-|Cancelled|The container did not run long enough to produce an exit code. This includes cases where the container didn't even start, cases where the container was interrupted/killed before it exited by itself (e.g., priority changed to 0), and cases where some problem prevented the system from capturing the contained process's exit status (exit code and output).|-|
-
-h2(#mount_types). {% include 'mount_types' %}
-
-h2(#runtime_constraints). {% include 'container_runtime_constraints' %}
diff --git a/doc/api/schema/ContainerRequest.html.textile.liquid b/doc/api/schema/ContainerRequest.html.textile.liquid
deleted file mode 100644
index 48c624a..0000000
--- a/doc/api/schema/ContainerRequest.html.textile.liquid
+++ /dev/null
@@ -1,70 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: ContainerRequest
-
-...
-
-A ContainerRequest:
-* Is a client's expression of interest in knowing the outcome of a computational process.
-* The system is responsible for finding suitable containers and assigning them to container_requests.
-* The client's description of the ContainerRequest is less precise than of a Container: a ContainerRequest describes container constraints which can have different interpretations over time. For example, a ContainerRequest with a {"kind":"git_tree","commit_range":"abc123..master",...} mount might be satisfiable by any of several different source trees, and this set of satisfying source trees can change when the repository's "master" branch is updated.
-
-h2. Methods
-
-See "container_requests":{{site.baseurl}}/api/methods/container_requests.html
-
-h2. Resource
-
-Each ContainerRequest offers the following attributes, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-All attributes are optional, unless otherwise marked as required.
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Notes|
-|name|string|The name of the container_request.||
-|description|string|The description of the container_request.||
-|properties|hash|Client-defined structured data that does not affect how the container is run.||
-|state|string|The allowed states are "Uncommitted", "Committed", and "Final".|Once a request is Committed, the only attributes that can be modified are priority, container_uuid, and container_count_max. A request in the "Final" state cannot have any of its functional parts modified (i.e., only name, description, and properties fields can be modified).|
-|requesting_container_uuid|string|The uuid of the parent container that created this container_request, if any. Represents a process tree.|The priority of this container_request is inherited from the parent container, if the parent container is cancelled, this container_request will be cancelled as well.|
-|container_uuid|string|The uuid of the container that satisfies this container_request. The system will find and reuse any preexisting Container that matches this ContainerRequest's criteria. See "Container reuse":#container_reuse for more details.|Currently, container reuse is the default behavior and a mechanism to skip reuse is not supported.|
-|container_count_max|integer|Maximum number of containers to start, i.e., the maximum number of "attempts" to be made.||
-|mounts|hash|Objects to attach to the container's filesystem and stdin/stdout.|See "Mount types":#mount_types for more details.|
-|runtime_constraints|hash|Restrict the container's access to compute resources and the outside world.|Required when in "Committed" state. e.g.,<pre><code>{
-  "ram":12000000000,
-  "vcpus":2,
-  "API":true
-}</code></pre>See "Runtime constraints":#runtime_constraints for more details.|
-|container_image|string|Portable data hash of a collection containing the docker image to run the container.|Required.|
-|environment|hash|Environment variables and values that should be set in the container environment (@docker run --env@). This augments and (when conflicts exist) overrides environment variables given in the image's Dockerfile.||
-|cwd|string|Initial working directory, given as an absolute path (in the container) or a path relative to the WORKDIR given in the image's Dockerfile.|Required.|
-|command|array of strings|Command to execute in the container.|Required. e.g., @["echo","hello"]@|
-|output_path|string|Path to a directory or file inside the container that should be preserved as container's output when it finishes. This path must be, or be inside, one of the mount targets. For best performance, point output_path to a writable collection mount.|Required.|
-|priority|integer|Higher value means spend more resources on this container_request, i.e., go ahead of other queued containers, bring up more nodes etc.|Priority 0 means a container should not be run on behalf of this request. Clients are expected to submit ContainerRequests with zero priority in order to prevew the container that will be used to satisfy it. Priority can be null if and only if state!="Committed".|
-|expires_at|datetime|After this time, priority is considered to be zero.|Not yet implemented.|
-|filters|string|Additional constraints for satisfying the container_request, given in the same form as the filters parameter accepted by the container_requests.list API.||
-
-h2(#mount_types). {% include 'mount_types' %}
-
-h2(#runtime_constraints). {% include 'container_runtime_constraints' %}
-
-h2(#container_reuse). Container reuse
-
-When a ContainerRequest is "Committed", the system will try to find and reuse any preexisting Container with the same exact command, cwd, environment, output_path, container_image, mounts, and runtime_constraints as this ContainerRequest. The serialized fields environment, mounts and runtime_constraints are sorted to facilitate comparison.
-
-The system will use the following scheme to determine which Container to consider for reuse: A Container with the same exact command, cwd, environment, output_path, container_image, mounts, and runtime_constraints as this ContainerRequest and,
-* The oldest successfully finished container, i.e., in state "Complete" with exit_code of 0. If matching containers with different outputs are found, the system will forgo reusing any of these finished containers and instead look for suitable containers in other states
-* The oldest "Running" container with the highest progress, i.e., the container that is most likely to finish first
-* The oldest "Locked" container with the highest priority, i.e., the container that is most likely to start first
-* The oldest "Queued" container with the highest priority, i.e, the container that is most likely to start first
-
-{% include 'notebox_begin' %}
-Currently, container reuse is the default behavior and a mechanism to skip reuse is not supported.
-{% include 'notebox_end' %}
-
-h2(#cancel_container). Canceling a ContainerRequest
-
-A ContainerRequest may be canceled by setting it's priority to 0, using an update call.
-
-When a ContainerRequest is canceled, it will still reflect the state of the Container it is associated with via the container_uuid attribute. If that Container is being reused by any other container_requests that are still active, i.e., not yet canceled, that Container may continue to run or be scheduled to run by the system in future. However, if no other container_requests are using that Contianer, then the Container will get canceled as well.
diff --git a/doc/api/schema/Group.html.textile.liquid b/doc/api/schema/Group.html.textile.liquid
deleted file mode 100644
index 2bf67eb..0000000
--- a/doc/api/schema/Group.html.textile.liquid
+++ /dev/null
@@ -1,25 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Group
-
-...
-
-A **Group** represents a set of objects. Groups allow you to organize content, define user roles, and apply permissions to sets of objects.
-
-h2. Methods
-
-See "groups":{{site.baseurl}}/api/methods/groups.html
-
-h2. Resource
-
-Each Group has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|group_class|string|Type of group. This does not affect behavior, but determines how the group is presented in the user interface. For example, @project@ indicates that the group should be displayed by Workbench and arv-mount as a project for organizing and naming objects.|@"project"@
-null|
-|description|text|||
-|writable_by|array|List of UUID strings identifying Users and other Groups that have write permission for this Group.  Only users who are allowed to administer the Group will receive a full list.  Other users will receive a partial list that includes the Group's owner_uuid and (if applicable) their own user UUID.||
diff --git a/doc/api/schema/Human.html.textile.liquid b/doc/api/schema/Human.html.textile.liquid
deleted file mode 100644
index 361e619..0000000
--- a/doc/api/schema/Human.html.textile.liquid
+++ /dev/null
@@ -1,19 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Human
-
-...
-
-h2. Methods
-
-See "humans":{{site.baseurl}}/api/methods/humans.html
-
-h2. Resource
-
-Each Human has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|properties|hash|||
diff --git a/doc/api/schema/Job.html.textile.liquid b/doc/api/schema/Job.html.textile.liquid
deleted file mode 100644
index 58b6a51..0000000
--- a/doc/api/schema/Job.html.textile.liquid
+++ /dev/null
@@ -1,69 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Job
-
-...
-
-Applications submit compute jobs when:
-* Provenance is important, i.e., it is worth recording how the output was produced; or
-* Computation time is significant; or
-* The job management features are convenient (failure detection/recovery, regression testing, etc).
-
-h2. Methods
-
-See "jobs":{{site.baseurl}}/api/methods/jobs.html
-
-h2. Resource
-
-Each job has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Notes|
-|script|string|The filename of the job script.|This program will be invoked by Crunch for each job task. It is given as a path to an executable file, relative to the @/crunch_scripts@ directory in the Git tree specified by the _repository_ and _script_version_ attributes.|
-|script_parameters|hash|The input parameters for the job.|Conventionally, one of the parameters is called @"input"@. Typically, some parameter values are collection UUIDs. Ultimately, though, the significance of parameters is left entirely up to the script itself.|
-|repository|string|Git repository name or URL.|Source of the repository where the given script_version is to be found. This can be given as the name of a locally hosted repository, or as a publicly accessible URL starting with @git://@, @http://@, or @https://@.
-Examples:
- at yourusername/yourrepo@
- at https://github.com/curoverse/arvados.git@|
-|script_version|string|Git commit|During a **create** transaction, this is the Git branch, tag, or hash supplied by the client. Before the job starts, Arvados updates it to the full 40-character SHA-1 hash of the commit used by the job.
-See "Specifying Git versions":#script_version below for more detail about acceptable ways to specify a commit.|
-|cancelled_by_client_uuid|string|API client ID|Is null if job has not been cancelled|
-|cancelled_by_user_uuid|string|Authenticated user ID|Is null if job has not been cancelled|
-|cancelled_at|datetime|When job was cancelled|Is null if job has not been cancelled|
-|started_at|datetime|When job started running|Is null if job has not [yet] started|
-|finished_at|datetime|When job finished running|Is null if job has not [yet] finished|
-|running|boolean|Whether the job is running||
-|success|boolean|Whether the job indicated successful completion|Is null if job has not finished|
-|is_locked_by_uuid|string|UUID of the user who has locked this job|Is null if job is not locked. The system user locks the job when starting the job, in order to prevent job attributes from being altered.|
-|node_uuids|array|List of UUID strings for node objects that have been assigned to this job||
-|log|string|Collection UUID|Is null if the job has not finished. After the job runs, the given collection contains a text file with log messages provided by the @arv-crunch-job@ task scheduler as well as the standard error streams provided by the task processes.|
-|tasks_summary|hash|Summary of task completion states.|Example: @{"done":0,"running":4,"todo":2,"failed":0}@|
-|output|string|Collection UUID|Is null if the job has not finished.|
-|nondeterministic|boolean|The job is expected to produce different results if run more than once.|If true, this job will not be considered as a candidate for automatic re-use when submitting subsequent identical jobs.|
-|submit_id|string|Unique ID provided by client when job was submitted|Optional. This can be used by a client to make the "jobs.create":{{site.baseurl}}/api/methods/jobs.html#create method idempotent.|
-|priority|string|||
-|arvados_sdk_version|string|Git commit hash that specifies the SDK version to use from the Arvados repository|This is set by searching the Arvados repository for a match for the arvados_sdk_version runtime constraint.|
-|docker_image_locator|string|Portable data hash of the collection that contains the Docker image to use|This is set by searching readable collections for a match for the docker_image runtime constraint.|
-|runtime_constraints|hash|Constraints that must be satisfied by the job/task scheduler in order to run the job.|See below.|
-|components|hash|Name and uuid pairs representing the child work units of this job. The uuids can be of different object types.|Example components hash: @{"name1": "zzzzz-8i9sb-xyz...", "name2": "zzzzz-d1hrv-xyz...",}@|
-
-h3(#script_version). Specifying Git versions
-
-The script_version attribute and arvados_sdk_version runtime constraint are typically given as a branch, tag, or commit hash, but there are many more ways to specify a Git commit. The "specifying revisions" section of the "gitrevisions manual page":http://git-scm.com/docs/gitrevisions.html has a definitive list. Arvados accepts Git versions in any format listed there that names a single commit (not a tree, a blob, or a range of commits). However, some kinds of names can be expected to resolve differently in Arvados than they do in your local repository. For example, <code>HEAD@{1}</code> refers to the local reflog, and @origin/master@ typically refers to a remote branch: neither is likely to work as desired if given as a Git version.
-
-h3. Runtime constraints
-
-table(table table-bordered table-condensed).
-|_. Key|_. Type|_. Description|_. Implemented|
-|arvados_sdk_version|string|The Git version of the SDKs to use from the Arvados git repository.  See "Specifying Git versions":#script_version for more detail about acceptable ways to specify a commit.  If you use this, you must also specify a @docker_image@ constraint (see below).  In order to install the Python SDK successfully, Crunch must be able to find and run virtualenv inside the container.|✓|
-|docker_image|string|The Docker image that this Job needs to run.  If specified, Crunch will create a Docker container from this image, and run the Job's script inside that.  The Keep mount and work directories will be available as volumes inside this container.  The image must be uploaded to Arvados using @arv keep docker at .  You may specify the image in any format that Docker accepts, such as @arvados/jobs@, @debian:latest@, or the Docker image id.  Alternatively, you may specify the portable data hash of the image Collection.|✓|
-|min_nodes|integer||✓|
-|max_nodes|integer|||
-|min_cores_per_node|integer|Require that each node assigned to this Job have the specified number of CPU cores|✓|
-|min_ram_mb_per_node|integer|Require that each node assigned to this Job have the specified amount of real memory (in MiB)|✓|
-|min_scratch_mb_per_node|integer|Require that each node assigned to this Job have the specified amount of scratch storage available (in MiB)|✓|
-|max_tasks_per_node|integer|Maximum simultaneous tasks on a single node|✓|
-|keep_cache_mb_per_task|integer|Size of file data buffer for per-task Keep directory ($TASK_KEEPMOUNT), in MiB.  Default is 256 MiB.  Increase this to reduce cache thrashing in situtations such as accessing multiple large (64+ MiB) files at the same time, or accessing different parts of a large file at the same time.|✓|
-|min_ram_per_task|integer|Minimum real memory (KiB) per task||
diff --git a/doc/api/schema/JobTask.html.textile.liquid b/doc/api/schema/JobTask.html.textile.liquid
deleted file mode 100644
index fbd4343..0000000
--- a/doc/api/schema/JobTask.html.textile.liquid
+++ /dev/null
@@ -1,47 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: JobTask
-
-...
-
-A Job Task is a well defined independently-computable portion of a "Job":Job.html.
-
-Job tasks are created two ways:
-* When a job starts, it is seeded with a job task with @sequence=0@ and an empty @parameters{}@ list.
-* Job task A can create additional job tasks B, C, D, which will belong to the same job. Tasks B, C, D will not be performed until job task A is complete. If job task A fails, tasks B, C, D will be deleted.
-
-Job tasks have particular update semantics:
-* Progress reporting: A job task should only be <code>PATCH</code>ed by a worker process which has been dispatched to work on that task and is reporting progress or completion status — and by the job manager itself.
-* Completion: When a job task process terminates, the task is considered complete only if its most recent @PATCH@ transaction had @progress=1.0@ and @success=true at .
-* Temporary failure: If a job task process terminates without updating @success@ to @true@ or @false@, it is assumed that the task failed but is worth re-attempting (at a different time, on a different node, etc).
-
-
-h2. Methods
-
-See "job_tasks":{{site.baseurl}}/api/methods/job_tasks.html
-
-h2. Resource
-
-Each JobTask has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|sequence|integer|Execution sequence.
-A step cannot be run until all steps with lower sequence numbers have completed.
-Job steps with the same sequence number can be run in any order.||
-|parameters|hash|||
-|output|text|||
-|progress|float|||
-|success|boolean|Is null if the task has neither completed successfully nor failed permanently.||
-
-The following attributes should not be updated by anyone other than the job manager:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Notes|
-|qsequence|integer|Order of arrival|0-based|
-|job_uuid|string|||
-|created_by_job_task_uuid|string|||
-
-
diff --git a/doc/api/schema/KeepDisk.html.textile.liquid b/doc/api/schema/KeepDisk.html.textile.liquid
deleted file mode 100644
index c128c3e..0000000
--- a/doc/api/schema/KeepDisk.html.textile.liquid
+++ /dev/null
@@ -1,31 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: KeepDisk
-
-...
-
-A **KeepDisk** is a filesystem volume used by a Keep storage server to store data blocks.
-
-h2. Methods
-
-See "keep_disks":{{site.baseurl}}/api/methods/keep_disks.html
-
-h2. Resource
-
-Each KeepDisk has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|ping_secret|string|||
-|node_uuid|string|||
-|filesystem_uuid|string|||
-|bytes_total|integer|||
-|bytes_free|integer|||
-|is_readable|boolean|||
-|is_writable|boolean|||
-|last_read_at|datetime|||
-|last_write_at|datetime|||
-|last_ping_at|datetime|||
-|keep_service_uuid|string|||
diff --git a/doc/api/schema/KeepService.html.textile.liquid b/doc/api/schema/KeepService.html.textile.liquid
deleted file mode 100644
index ac1d974..0000000
--- a/doc/api/schema/KeepService.html.textile.liquid
+++ /dev/null
@@ -1,24 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: KeepService
-
-...
-
-A **KeepService** is a service endpoint that supports the Keep protocol.
-
-h2. Methods
-
-See "keep_services":{{site.baseurl}}/api/methods/keep_services.html
-
-h2. Resource
-
-Each KeepService has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|service_host|string|||
-|service_port|integer|||
-|service_ssl_flag|boolean|||
-|service_type|string|||
\ No newline at end of file
diff --git a/doc/api/schema/Link.html.textile.liquid b/doc/api/schema/Link.html.textile.liquid
deleted file mode 100644
index 4abfdbc..0000000
--- a/doc/api/schema/Link.html.textile.liquid
+++ /dev/null
@@ -1,83 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Link
-
-...
-
-**Links** describe relationships between Arvados objects, and from objects to primitives.
-
-Links are directional: each metadata object has a tail (the "subject" being described), class, name, properties, and head (the "object" that describes the "subject").  A Link may describe a relationship between two objects in an Arvados database: e.g. a _permission_ link between a User and a Group defines the permissions that User has to read or modify the Group.  Other Links simply represent metadata for a single object, e.g. the _identifier_ Link, in which the _name_ property represents a human-readable identifier for the object at the link's head.
-
-For links that don't make sense to share between API clients, a _link_class_ that begins with @client@ (like @client.my_app_id@ or @client.my_app_id.anythinghere@) should be used.
-
-h2. Methods
-
-See "links":{{site.baseurl}}/api/methods/links.html
-
-h2. Resource
-
-Each link has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|
-|tail_uuid|string|Object UUID at the tail (start, source, origin) of this link|
-|link_class|string|Class (see below)|
-|name|string|Link type (see below)|
-|head_uuid|string|Object UUID at the head (end, destination, target) of this link|
-|properties|hash|Additional information, expressed as a key→value hash. Key: string. Value: string, number, array, or hash.|
-
-h2. Link classes
-
-Some classes are pre-defined by convention and have standard meanings attached to names.
-
-h3. provenance
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|_. Notes|
-|→Collection  |provided → _collection uuid_
-{url→http://example.com/foo.tgz, retrieved_at→1352616640.000}||
-|Job→Collection     |provided → _collection uuid_||
-|Specimen→Collection|provided → _collection uuid_||
-|Human→Specimen     |provided → _specimen uuid_||
-|Human→Collection   |provided → _collection uuid_||
-
-h3. permission
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|_. Notes|
-|User→Group  |{white-space:nowrap}. can_manage → _group uuid_|The User can read, write, and control permissions on the Group itself, every object owned by the Group, and every object on which the Group has _can_manage_ permission.|
-|User→Group  |can_read → _group uuid_  |The User can retrieve the Group itself and every object that is readable by the Group.|
-|User→Job|can_write → _job uuid_  |The User can read and update the Job. (This works for all objects, not just jobs.)|
-|User→Job|can_manage → _job uuid_  |The User can read, update, and change permissions for the Job. (This works for all objects, not just jobs.)|
-|Group→Job|can_manage → _job uuid_  |Anyone with _can_manage_ permission on the Group can also read, update, and change permissions for the Job. Anyone with _can_read_ permission on the Group can read the Job. (This works for all objects, not just jobs.)|
-
-h3. resources
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|_. Notes|
-|User→Collection|wants → _collection uuid_    |Determines whether data can be deleted|
-|User→Job       |wants → _job uuid_    |Determines whether a job can be cancelled|
-
-h3. tag
-
-A **tag** link describes an object using an unparsed plain text string. Tags can be used to annotate objects that are not editable, like collections and objects shared as read-only.
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|
-|→Collection           | _tag name_ → _collection uuid_|
-|→Job                  | _tag name_ → _job uuid_|
-
-h3. human_trait
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|_. Notes|
-|Human→Trait  |measured → _trait uuid_ {value→1.83, unit→metre, measured_at→1352616640.000}||
-
-h3. identifier
-
-table(table table-bordered table-condensed).
-|_. tail_type→head_type|_. name→head_uuid {properties}|_. Notes|
-|→Human        |hu123456 → _human uuid_||
-
diff --git a/doc/api/schema/Log.html.textile.liquid b/doc/api/schema/Log.html.textile.liquid
deleted file mode 100644
index 425246a..0000000
--- a/doc/api/schema/Log.html.textile.liquid
+++ /dev/null
@@ -1,33 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Log
-
-...
-
-**Log** objects record events that occur in an Arvados cluster. Both user-written pipelines and the Arvados system itself may generate Log events.
-
-h2. Methods
-
-See "logs":{{site.baseurl}}/api/methods/logs.html
-
-h2. Creation
-
-Any user may create Log entries for any event they find useful. User-generated Logs have no intrinsic meaning to other users or to the Arvados system itself; it is up to each user to choose appropriate log event types and summaries for their project.
-
-h3. System Logs
-
-Arvados uses Logs to record creation, deletion, and updates of other Arvados resources.
-
-h2. Resource
-
-Each Log has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|object_uuid|string|||
-|event_at|datetime|||
-|event_type|string|A user-defined category or type for this event.|@LOGIN@|
-|summary|text|||
-|properties|hash|||
diff --git a/doc/api/schema/Node.html.textile.liquid b/doc/api/schema/Node.html.textile.liquid
deleted file mode 100644
index ff9e882..0000000
--- a/doc/api/schema/Node.html.textile.liquid
+++ /dev/null
@@ -1,28 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Node
-
-...
-
-A **Node** represents a host that can be used to run Crunch job tasks.
-
-h2. Methods
-
-See "nodes":{{site.baseurl}}/api/methods/nodes.html
-
-h2. Resource
-
-Each Node has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|slot_number|integer|||
-|hostname|string|||
-|domain|string|||
-|ip_address|string|||
-|job_uuid|string|The UUID of the job that this node is assigned to work on.  If you do not have permission to read the job, this will be null.||
-|first_ping_at|datetime|||
-|last_ping_at|datetime|||
-|info|hash|||
diff --git a/doc/api/schema/PipelineInstance.html.textile.liquid b/doc/api/schema/PipelineInstance.html.textile.liquid
deleted file mode 100644
index 75c7885..0000000
--- a/doc/api/schema/PipelineInstance.html.textile.liquid
+++ /dev/null
@@ -1,26 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: PipelineInstance
-
-...
-
-A **PipelineInstance** is the act or record of applying a pipeline template to a specific set of inputs; generally, a pipeline instance refers to a set of jobs that have been run to satisfy the pipeline components.
-
-h2. Methods
-
-See "pipeline_instances":{{site.baseurl}}/api/methods/pipeline_instances.html
-
-h2. Resource
-
-Each PipelineInstance has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|pipeline_template_uuid|string|||
-|name|string|||
-|components|hash|||
-|success|boolean|||
-|active|boolean|||
-|properties|Hash|||
diff --git a/doc/api/schema/PipelineTemplate.html.textile.liquid b/doc/api/schema/PipelineTemplate.html.textile.liquid
deleted file mode 100644
index 244e67e..0000000
--- a/doc/api/schema/PipelineTemplate.html.textile.liquid
+++ /dev/null
@@ -1,161 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: PipelineTemplate
-...
-
-h2. Resource
-
-Each PipelineTemplate has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|components|hash|||
-
-The pipeline template consists of "name" and "components".
-
-table(table table-bordered table-condensed).
-|_. Attribute    |_. Type |_. Accepted values                           |_. Required|_. Description|
-|name            |string  |any                                          |yes        |The human-readable name of the pipeline template.|
-|components      |object  |JSON object containing job submission objects|yes        |The component jobs that make up the pipeline, with the component name as the key. |
-
-h3. Components
-
-The components field of the pipeline template is a JSON object which describes the individual steps that make up the pipeline.  Each component is an Arvados job submission.  "Parameters for job submissions are described on the job method page.":{{site.baseurl}}/api/methods/jobs.html#create  In addition, a component can have the following parameters:
-
-table(table table-bordered table-condensed).
-|_. Attribute    |_. Type          |_. Accepted values |_. Required|_. Description|
-|output_name     |string or boolean|string or false    |no         |If a string is provided, use this name for the output collection of this component.  If the value is false, do not create a permanent output collection (an temporary intermediate collection will still be created).  If not provided, a default name will be assigned to the output.|
-
-h3. Script parameters
-
-When used in a pipeline, each parameter in the 'script_parameters' attribute of a component job can specify that the input parameter must be supplied by the user, or the input parameter should be linked to the output of another component.  To do this, the value of the parameter should be JSON object containing one of the following attributes:
-
-table(table table-bordered table-condensed).
-|_. Attribute    |_. Type |_. Accepted values                               |_. Description|
-|default         |any     |any                                              |The default value for this parameter.|
-|required        |boolean |true or false                                    |Specifies whether the parameter is required to have a value or not.|
-|dataclass       |string  |One of 'Collection', 'File' [1], 'number', or 'text' |Data type of this parameter.|
-|search_for      |string  |any string                                       |Substring to use as a default search string when choosing inputs.|
-|output_of       |string  |the name of another component in the pipeline    |Specifies that the value of this parameter should be set to the 'output' attribute of the job that corresponds to the specified component.|
-|title           |string  |any string                                       |User friendly title to display when choosing parameter values|
-|description     |string  |any string                                       |Extended text description for describing expected/valid values for the script parameter|
-|link_name       |string  |any string                                       |User friendly name to display for the parameter value instead of the actual parameter value|
-
-The 'output_of' parameter is especially important, as this is how components are actually linked together to form a pipeline.  Component jobs that depend on the output of other components do not run until the parent job completes and has produced output.  If the parent job fails, the entire pipeline fails.
-
-fn1. The 'File' type refers to a specific file within a Keep collection in the form 'collection_hash/filename', for example '887cd41e9c613463eab2f0d885c6dd96+83/bob.txt'.
-
-The 'search_for' parameter is meaningful only when input dataclass of type Collection or File is used. If a value is provided, this will be preloaded into the input data chooser dialog in Workbench. For example, if your input dataclass is a File and you are interested in a certain filename extention, you can preconfigure it in this attribute.
-
-h3. Examples
-
-This is a pipeline named "Filter MD5 hash values" with two components, "do_hash" and "filter".  The "input" script parameter of the "do_hash" component is required to be filled in by the user, and the expected data type is "Collection".  This also specifies that the "input" script parameter of the "filter" component is the output of "do_hash", so "filter" will not run until "do_hash" completes successfully.  When the pipeline runs, past jobs that meet the criteria described above may be substituted for either or both components to avoid redundant computation.
-
-<notextile><pre>
-{
-  "name": "Filter MD5 hash values",
-  "components": {
-    "do_hash": {
-      "script": "hash.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": {
-        "input": {
-          "required": true,
-          "dataclass": "Collection",
-          "search_for": ".fastq.gz",
-          "title":"Please select a fastq file"
-        }
-      },
-    },
-    "filter": {
-      "script": "0-filter.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": {
-        "input": {
-          "output_of": "do_hash"
-        }
-      },
-    }
-  }
-}
-</pre></notextile>
-
-This pipeline consists of three components.  The components "thing1" and "thing2" both depend on "cat_in_the_hat".  Once the "cat_in_the_hat" job is complete, both "thing1" and "thing2" can run in parallel, because they do not depend on each other.
-
-<notextile><pre>
-{
-  "name": "Wreck the house",
-  "components": {
-    "cat_in_the_hat": {
-      "script": "cat.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": { }
-    },
-    "thing1": {
-      "script": "thing1.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": {
-        "input": {
-          "output_of": "cat_in_the_hat"
-        }
-      },
-    },
-    "thing2": {
-      "script": "thing2.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": {
-        "input": {
-          "output_of": "cat_in_the_hat"
-        }
-      },
-    },
-  }
-}
-</pre></notextile>
-
-This pipeline consists of three components.  The component "cleanup" depends on "thing1" and "thing2".  Both "thing1" and "thing2" are started immediately and can run in parallel, because they do not depend on each other, but "cleanup" cannot begin until both "thing1" and "thing2" have completed.
-
-<notextile><pre>
-{
-  "name": "Clean the house",
-  "components": {
-    "thing1": {
-      "script": "thing1.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": { }
-    },
-    "thing2": {
-      "script": "thing2.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": { }
-    },
-    "cleanup": {
-      "script": "cleanup.py",
-      "repository": "<b>you</b>/<b>you</b>",
-      "script_version": "master",
-      "script_parameters": {
-        "mess1": {
-          "output_of": "thing1"
-        },
-        "mess2": {
-          "output_of": "thing2"
-        }
-      }
-    }
-  }
-}
-</pre></notextile>
-
-h2. Methods
-
-See "pipeline_templates":{{site.baseurl}}/api/methods/pipeline_templates.html
diff --git a/doc/api/schema/Repository.html.textile.liquid b/doc/api/schema/Repository.html.textile.liquid
deleted file mode 100644
index 0f9b25e..0000000
--- a/doc/api/schema/Repository.html.textile.liquid
+++ /dev/null
@@ -1,25 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Repository
-
-...
-
-A **Repository** represents a git repository hosted in an Arvados installation.
-
-h2. Methods
-
-See "repositories":{{site.baseurl}}/api/methods/repositories.html
-
-h2. Resource
-
-Each Repository has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|The name of the repository on disk.  Repository names must begin with a letter and contain only alphanumerics.  Unless the repository is owned by the system user, the name must begin with the owner's username, then be separated from the base repository name with @/@.  You may not create a repository that is owned by a user without a username.|@username/project1@|
-|clone_urls|array|URLs from which the repository can be cloned. Read-only.|@["git at git.zzzzz.arvadosapi.com:foo/bar.git",
- "https://git.zzzzz.arvadosapi.com/foo/bar.git"]@|
-|fetch_url|string|URL suggested as a fetch-url in git config. Deprecated. Read-only.||
-|push_url|string|URL suggested as a push-url in git config. Deprecated. Read-only.||
diff --git a/doc/api/schema/Specimen.html.textile.liquid b/doc/api/schema/Specimen.html.textile.liquid
deleted file mode 100644
index 1a7e483..0000000
--- a/doc/api/schema/Specimen.html.textile.liquid
+++ /dev/null
@@ -1,22 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Specimen
-
-...
-
-A **Specimen** represents a tissue sample or similar material obtained from a human that has some biomedical significance or interest.
-
-h2. Methods
-
-See "specimens":{{site.baseurl}}/api/methods/specimens.html
-
-h2. Resource
-
-Each Specimen has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|material|string|||
-|properties|hash|||
diff --git a/doc/api/schema/Trait.html.textile.liquid b/doc/api/schema/Trait.html.textile.liquid
deleted file mode 100644
index 80c74ab..0000000
--- a/doc/api/schema/Trait.html.textile.liquid
+++ /dev/null
@@ -1,22 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Trait
-
-...
-
-A **Trait** represents a measured or observed characteristic of a human.
-
-h2. Methods
-
-See "traits":{{site.baseurl}}/api/methods/traits.html
-
-h2. Resource
-
-Each Trait has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|||
-|properties|hash|||
diff --git a/doc/api/schema/User.html.textile.liquid b/doc/api/schema/User.html.textile.liquid
deleted file mode 100644
index 335b6c1..0000000
--- a/doc/api/schema/User.html.textile.liquid
+++ /dev/null
@@ -1,30 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: User
-
-...
-
-A **User** represents a person who interacts with Arvados via an ApiClient.
-
-h2. Methods
-
-See "users":{{site.baseurl}}/api/methods/users.html
-
-h2. Resource
-
-Each User has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|email|string|||
-|username|string|The username used for the user's git repositories and virtual machine logins.  Usernames must start with a letter, and contain only alphanumerics.  When a new user is created, a default username is set from their e-mail address.  Only administrators may change the username.||
-|first_name|string|||
-|last_name|string|||
-|identity_url|string|||
-|is_admin|boolean|||
-|prefs|hash|||
-|default_owner_uuid|string|||
-|is_active|boolean|||
-|writable_by|array|List of UUID strings identifying Groups and other Users that can modify this User object.  This will include the user's owner_uuid and, for administrators and users requesting their own User object, the requesting user's UUID.||
diff --git a/doc/api/schema/VirtualMachine.html.textile.liquid b/doc/api/schema/VirtualMachine.html.textile.liquid
deleted file mode 100644
index 1c6a4b6..0000000
--- a/doc/api/schema/VirtualMachine.html.textile.liquid
+++ /dev/null
@@ -1,21 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: VirtualMachine
-
-...
-
-A **VirtualMachine** represents a network host, running within an Arvados installation, on which Arvados users are given login accounts.
-
-h2. Methods
-
-See "virtual_machines":{{site.baseurl}}/api/methods/virtual_machines.html
-
-h2. Resource
-
-Each VirtualMachine has, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|hostname|string|||
diff --git a/doc/api/schema/Workflow.html.textile.liquid b/doc/api/schema/Workflow.html.textile.liquid
deleted file mode 100644
index 05cd998..0000000
--- a/doc/api/schema/Workflow.html.textile.liquid
+++ /dev/null
@@ -1,23 +0,0 @@
----
-layout: default
-navsection: api
-navmenu: Schema
-title: Workflow
-
-...
-
-A *Workflow* is a definition of work to be performed by a Crunch2 process. It defines the steps and inputs for the process.
-
-h2. Methods
-
-See "workflows":{{site.baseurl}}/api/methods/workflows.html
-
-h2. Resource
-
-Each Workflow offers the following optional attributes, in addition to the usual "attributes of Arvados resources":{{site.baseurl}}/api/resources.html:
-
-table(table table-bordered table-condensed).
-|_. Attribute|_. Type|_. Description|_. Example|
-|name|string|If not specified, will be set to any "name" from the "definition" attribute.||
-|description|string|If not specified, will be set to any "description" from the "definition" attribute.||
-|definition|string|A "Common Workflow Language" document.|Visit "Common Workflow Language":http://www.commonwl.org/ for details.|
diff --git a/doc/api/storage.html.textile.liquid b/doc/api/storage.html.textile.liquid
index c03a456..1ac222a 100644
--- a/doc/api/storage.html.textile.liquid
+++ b/doc/api/storage.html.textile.liquid
@@ -4,9 +4,9 @@ navsection: api
 title: Storage in Keep
 ...
 
-h2. Storing data
+Keep clients are applications such as @arv-get@, @arv-put@ and @arv-mount@ which store and retrieve data from Keep.  In doing so, these programs interact with both the API server (which stores file metadata in form of Collection objects) and individual Keep servers (which store the actual data blocks).
 
-Storing data in Keep follows this process:
+h2. Storing files in Keep
 
 # The client fetches a list of keep servers (or proxies) using the @accessible@ method on "keep_services":{{site.baseurl}}/api/methods/keep_services.html
 # Data is split into 64 MiB blocks and the MD5 hash is computed for each block.
@@ -16,10 +16,10 @@ Storing data in Keep follows this process:
 # The client creates a "collection":{{site.baseurl}}/api/methods/collections.html and provides the @manifest_text@
 # The API server accepts the collection after validating the signed tokens (proof of knowledge) for each block.
 
-h2. Fetching data
+h2. Fetching files from Keep
 
 # The client requests a @collection@ object including @manifest_text@
-# The server adds "token signatures" which provide proof of access for each block
+# The server adds "token signatures" to the @manifest_text@, these signatures are used to prove to Keep servers that the client is permitted to read a given block
 # The client fetches a list of keep servers (or proxies) using the @accessible@ method on "keep_services":{{site.baseurl}}/api/methods/keep_services.html
 # For each data block, the client chooses the highest priority server using rendezvous hashing, described below.
 # The client sends the data block request to the keep server, including the token signature (proof of access).
@@ -41,42 +41,38 @@ h2. Rendezvous hashing
 
 Each @keep_service@ resource has an assigned uuid.  To determine priority assignments of blocks to servers, for each keep service compute the MD5 sum of the string concatenation of the block locator (hex-coded hash part only) and service uuid, then sort this list in descending order.  Blocks are preferentially placed on servers at the beginning of the list.
 
-h1. Keep locator format
+h2. Keep locator format
 
-<pre>
-locator       ::= sized-digest hint*
-
-sized-digest  ::= digest size-hint
-
-digest        ::= <32 lowercase hexadecimal digits>
-
-size-hint     ::= "+" [0-9]+
-
-hint          ::= "+" hint-type hint-content
-
-hint-type     ::= [A-Z]+
-
-hint-content  ::= [A-Za-z0-9 at _-]*
+BNF notation for a valid Keep locator string (with hints).  For example @d41d8cd98f00b204e9800998ecf8427e+0+Z+Ada39a3ee5e6b4b0d3255bfef95601890afd80709 at 53bed294@
 
+<pre>
+locator        ::= sized-digest hint*
+sized-digest   ::= digest size-hint
+digest         ::= <32 lowercase hexadecimal digits>
+size-hint      ::= "+" [0-9]+
+hint           ::= "+" hint-type hint-content
+hint-type      ::= [A-Z]+
+hint-content   ::= [A-Za-z0-9 at _-]*
 sign-hint      ::= "+A" <40 lowercase hexadecimal digits> "@" sign-timestamp
-
 sign-timestamp ::= <8 lowercase hexadecimal digits>
 </pre>
 
-h2. Regular expressions to validat locator
+h3. Regular expression to validate locator
 
 <pre>
 /^([0-9a-f]{32})\+([0-9]+)(\+[A-Z][-A-Za-z0-9 at _]*)*$/
 </pre>
 
-h2. Valid examples
+h3. Valid locators
 
+table(table table-bordered table-condensed).
 |@d41d8cd98f00b204e9800998ecf8427e+0@|
 |@d41d8cd98f00b204e9800998ecf8427e+0+Z@|
 |@d41d8cd98f00b204e9800998ecf8427e+0+Z+Ada39a3ee5e6b4b0d3255bfef95601890afd80709 at 53bed294@|
 
-h2. Invalid examples
+h3. Invalid locators
 
+table(table table-bordered table-condensed).
 ||Why|
 |@d41d8cd98f00b204e9800998ecf8427e@|No size hint|
 |@d41d8cd98f00b204e9800998ecf8427e+Z+0@|Other hint before size hint|
@@ -94,7 +90,7 @@ Each stream consists of three or more space-delimited tokens:
 ** No path component is empty.
 ** No path component is "." or "..".
 ** The stream name never begins or ends with @"/"@.
-* The second token is a data blob locator (see [[Keep locator format]]).
+* The second token is a keep locator, described above
 * ...possibly followed by more data blob locators...
 * The first token that is not a block locator, and all subsequent tokens, are file tokens.
 ** A file token has three parts, delimited by @":"@: position, size, filename.
@@ -106,6 +102,28 @@ A manifest contains no TAB characters, nor other ASCII whitespace characters oth
 
 A manifest always ends with a newline -- except the empty (zero-length) string, which is a valid manifest.
 
+h2. Example manifests
+
+A signed manifest with four files in two directories:
+
+<pre>
+. 930625b054ce894ac40596c3f5a0d947+33+A1f27a35dd9af37191d63ad8eb8985624451e7b79 at 5835c8bc 0:0:a 0:0:b 0:33:output.txt
+./c d41d8cd98f00b204e9800998ecf8427e+0+A27117dcd30c013a6e85d6d74c9a50179a1446efa at 5835c8bc 0:0:d
+</pre>
+
+The same manifest without block signatures:
+
+<pre>
+. 930625b054ce894ac40596c3f5a0d947+33 0:0:a 0:0:b 0:33:output.txt
+./c d41d8cd98f00b204e9800998ecf8427e+0 0:0:d
+</pre>
+
+A manifest containing a large file consisting of multiple blocks:
+
+<pre>
+. c449ed86671e4a34a8b8b9430850beba+67108864 74376cb0283a3d9cc1b613f624600745+67108864 cef3ba09db65559a671deff0a9f4edd9+67108864+A6e4832dd8d6df80cef080225a8d74e7a1bab2726 at 5835c92c f660cf00b5f23544f330572224600a99+67108864+A9de655fb05f387821503be7e6f1562dc3185167d at 5835c92c 36331288ca1387eb7aa5684505d59eae+67108864+A4bf1bbdbf66fa43005712cb5bdcd88a7963a1ed8 at 5835c92c 7ce9fd55a8b39036bd1fa7b4645ef582+67108864+A07fcb24b256a6f5e5234055f12ccdb4b5c241e0a at 5835c92c b8c32af7dd2d00ae3958dacb1cabdaa8+67108864+A7493b72649b8de4f8c754cb38a4ec0b9617f6129 at 5835c92c 1ec3958e4e80f6cbdb69920c6921df90+67108864+Ac49d991d55041626ece414881ce5d967670dca8c at 5835c92c 09fcfea01c3a141b89dd0dcfa1b7768e+22534144+Aaca28860ddc16d7ba144909f54168376c90b224a at 5835c92c 0:559405056:393fb89a2ac7757aca9902dc1286049eecab7b9afd89a9bb6d5b9402e350b280.tar
+</pre>
+
 h2. Normalized manifest v1
 
 A normalized manifest has the following additional restrictions.
diff --git a/doc/api/tokens.html.textile.liquid b/doc/api/tokens.html.textile.liquid
index c8dafd9..17fb2a8 100644
--- a/doc/api/tokens.html.textile.liquid
+++ b/doc/api/tokens.html.textile.liquid
@@ -4,11 +4,11 @@ navsection: api
 title: API Authorization
 ...
 
-All requests to the API server must have an API token.  API tokens can be issued by going though the login flow, or created via the API.  At this time, only browser based applications can perform login from email/password.  Command line applications and services must have an API token provided via the @ARVADOS_API_TOKEN@ environment variable or configuration file.
+All requests to the API server must have an API token.  API tokens can be issued by going though the login flow, or created via the API.  At this time, only browser based applications can perform login from email/password.  Command line applications and services must use an API token provided via the @ARVADOS_API_TOKEN@ environment variable or configuration file.
 
 h2. Browser login
 
-Browser based applications can perform log in via the following flow:
+Browser based applications can perform log in via the following highlevel flow:
 
 # The web application presents a "login" link to @/login@ on the API server with a @return_to@ parameter provided in the query portion of the URL.  For example @https://{{ site.arvados_api_host }}/login?return_to=XXX@ , where  @return_to=XXX@ is the URL of the login page for the web application.
 # The "login" link takes the browser to the login page (this may involve several redirects)
@@ -16,17 +16,19 @@ Browser based applications can perform log in via the following flow:
 # The browser is redirected to the login page URL provided in @return_to=XXX@ with the addition of @?api_token=xxxxapitokenxxxx at .
 # The web application gets the login request with the included authorization token.
 
+The "browser authentication process is documented in detail on the Aravdos wiki.":https://dev.arvados.org/projects/arvados/wiki/Workbench_authentication_process
+
 h2. Creating tokens via the API
 
-Use the @create@ method of the "API client authorizations":{{site.baseurl}}/api/methods/api_client_authorizations.html resource.
+The browser login method above issues a new token.  Using that token, it is possible to make API calls to create additional tokens.  To do so, use the @create@ method of the "API client authorizations":{{site.baseurl}}/api/methods/api_client_authorizations.html resource.
 
 h2. Trusted API clients
 
-The "api_clients" resource determines if web applications that have gone through the browser login flow may create or list or API tokens.
+The "api_clients":{{site.baseurl}}/api/methods/api_clients.html resource determines if web applications that have gone through the browser login flow may create or list API tokens.
 
-After the user has authenticated, but before an authorization token is issued and browser redirect sent (sending the browser back to the @return_to@ login page bearing @api_token@), the server strips the path and query portion from @return_to@ to get @url_prefix@ finds or creates an ApiClient object.  The newly issued API client authorization (API token) is associated with this ApiClient object.
+After the user has authenticated, but before an authorization token is issued and browser redirect sent (sending the browser back to the @return_to@ login page bearing @api_token@), the server strips the path and query portion from @return_to@ to get @url_prefix at .  The @url_prefix@ is used to find or create an ApiClient object.  The newly issued API client authorization (API token) is associated with this ApiClient object.
 
-API clients may be marked as "trusted".  An authorization token associated with a "trusted" client is permitted to list authorization tokens on "API client authorizations":{{site.baseurl}}/api/methods/api_client_authorizations.html .
+API clients may be marked as "trusted" by making an API call to create or update an "api_clients":{{site.baseurl}}/api/methods/api_clients.html resource and set the @is_trusted@ flag to @true at . An authorization token associated with a "trusted" client is permitted to list authorization tokens on "API client authorizations":{{site.baseurl}}/api/methods/api_client_authorizations.html .
 
 A authorization token which is not associated with a trusted client may only use the @current@ method to query its own api_client_authorization object.  The "untrusted" token is forbidden performing any other operations on API client authorizations, such as listing other authorizations or creating new authorizations.
 

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list