Remove the tenant-id from the URI
OpenStack projects appear to be moving away from requiring a tenant-id in the URI, as this is redundant information when Keystone authentication is used. This blueprint calls for removing the tenant-id for all Barbican service calls.
In addition, all internal references to 'tenant-id' or 'keystone-id' should be removed at this time, in favor of 'project-id'.
Reconsider the current use of two Python REST verb handler classes per each REST URI/resource.
Blueprint information
- Status:
- Complete
- Approver:
- Douglas Mendizábal
- Priority:
- Medium
- Drafter:
- John Wood
- Direction:
- Approved
- Assignee:
- Venkat Sundaram
- Definition:
- Approved
- Series goal:
- Accepted for juno
- Implementation:
-
Implemented
- Milestone target:
-
juno-3
- Started by
- Douglas Mendizábal
- Completed by
- Douglas Mendizábal
Related branches
Related bugs
Sprints
Whiteboard
I think it is wider scope topic, we need to map our API with Keystone and we should consider Domain and projects etcs.
May be it is time to have new API version
atiwari - Working on API proposal for removing tenant_id from URI and adding support for secret owner. So that user level secret isolation can be defined
Current (v1) barbican APIs URIs has tight binding with tenant_id (context). This need to be removed so that context (mostly tenant) has to be removed from URI path.
Context (tenant_id and user_id) information can be mostly derived from the incoming token. In some cases we can not rely on context from token (e.g. admin is creating secrets on behalf of users), there should be provision for extra header in the API to establish a context in such cases. (X-Owner-Id and X-Project-Id)
https:/
https:/
Comment by jarret-raim on 2014-04-24 13:15 -0500:
I don't think there is any objection to removing the tenant id, so I don't see a need for a session on this topic? Any side discussions can probably happen at our table.
Let me know if you don't agree!
Gerrit topic: https:/
Addressed by: https:/
remove tenant-id from resource URIs