endpoint-scoped-tokens

Registered by Arvind Tiwari

In a large scale cloud deployments, a service has to support multiple endpoints (regions) and it has to support endpoints specific to particular use case or endpoints managed by admin/group of admins.

To have better access control, we need capability to scope auth token to a particular endpoint and get endpoint scoped roles. This will stop unauthorized access of user/admin from one region to another region.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
Arvind Tiwari
Direction:
Needs approval
Assignee:
Arvind Tiwari
Definition:
Superseded
Series goal:
None
Implementation:
Unknown
Milestone target:
None
Completed by
Morgan Fainberg

Related branches

Sprints

Whiteboard

This is being superseded by the more overarching token constraints spec being proposed: https://review.openstack.org/#/c/123726/

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.