=> On internal URL he gets list of all tenants that key stone has.However he cannot authenticate against each of those tenants and get a token for them. His authenticate call would be applicable only for tenants on which he has a role membership.
=> On public URL just like every other user he would get the list of tenants which have a role association.He could authenticate against each of his tenant that is returned.
Hi Anthony
This is how I am planning to fix.
User performs Get Tenants call using Admin Token.
=> On internal URL he gets list of all tenants that key stone has.However he cannot authenticate against each of those tenants and get a token for them. His authenticate call would be applicable only for tenants on which he has a role membership.
=> On public URL just like every other user he would get the list of tenants which have a role association.He could authenticate against each of his tenant that is returned.