Support Authenticate Calls using Token.
Current Working
1. User does an authenticate call with his set of credentials without specifying a tenant id.
2. User gets a response that includes Token (ie: Token not tied to any tenant.I am calling this Unscoped Token), service catalog(The catalog would just have keystone listed as a service=> needs confirmation from Ziad.) and the list of roles (roles not tied to any specific tenant).
3. User uses the token and makes the get tenants call.
4. User gets a response that lists all the tenants for which a role relationship exists between the user and a tenant.
5. User again does an authenticate call using his credentials and also specifies any one of the tenants. 1=> User has to use his credentials again.
6. User gets the response that includes a service catalog that is tenant specific and a token that a user could use against the mentioned endpoints.
Proposed Working
1. User does an authenticate call with his set of credentials without specifying a tenant id.
2. User gets a response that includes Token (ie: Token not tied to any tenant.I am calling this Unscoped Token), service catalog(The catalog would just have keystone listed as a service) and the list of roles (roles not tied to any specific tenant).
3. User uses the token and makes the get tenants call.
4. User gets a response that lists all the tenants for which a role relationship exists between the user and a tenant.
5. User again does an authenticate call using his unscoped token and also specifies any one of the tenants. => User doesn't have to use his credentials again.
6. User gets the response that includes a service catalog that is tenant specific and a token that a user could use against the mentioned endpoints.
Blueprint information
- Status:
- Complete
- Approver:
- Ziad Sawalha
- Priority:
- Undefined
- Drafter:
- Yogeshwar
- Direction:
- Approved
- Assignee:
- Yogeshwar
- Definition:
- Approved
- Series goal:
- Accepted for diablo
- Implementation:
- Implemented
- Milestone target:
- None
- Started by
- Ziad Sawalha
- Completed by
- Ziad Sawalha