OpenStack Identity (keystone)

Use unscoped token to obtain scoped token

Bug #855184 reported by Ziad Sawalha on 2011-09-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Medium	Unassigned	OpenStack Identity (keystone) diablo-4

Bug Description

Having to pass in credentials twice (first to get an unstopped token, call GET /tenants, and second to get a token for a specific tenant) is undesirable. Support using the first token to authenticate against a specific tenant.

Revision history for this message

Ziad Sawalha (ziad-sawalha) wrote on 2011-09-21:

The second token's expiration date should not exceed the supplied token's expiration date. That guarantees that no token is valid after the expiration date since the submission of valid credentials.

Revision history for this message

Ziad Sawalha (ziad-sawalha) wrote on 2011-09-21:

Also: https://blueprints.launchpad.net/keystone/+spec/auth-using-global-token

Yogeshwar (yogesh-srikrishnan) on 2011-10-13

Changed in keystone:
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.