Validate Federation Mapping Remotely
Registered by
Adam Young
Tokenless operations to remote service could be performed by the following steps:
1. Direct auth to remote service (SAML, Kerberos, X509 Client cert OpenID Connect)
2. Remote Service makes call to Keystone that gets back the same values as the Token Validation response.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Adam Young
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Lance Bragstad
Related branches
Related bugs
Sprints
Whiteboard
(lbragstad) 19-02-12: Marking this as obsolete until we can get agreement or reviews on the proposed specification [0]. If/when we come to agreement on an approach we can open a blueprint to track the work. This approach reduces duplication between Launchpad and specs.openstack
(?)