Allow Standalone Trusts without Trustee User
Registered by
Johannes Grassler
Currently, Keystone trusts require a trustee user to delegate the trust to. This way they are only usable in a scenario where they are delegated to a service user or to a dedicated user created by a service user. This adds a lot of user administration overhead with little security benefit. This blueprint adds a way to tie a trust to a standalone API key that can be used to acquire a token scoped to the trust without requiring a user account.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Johannes Grassler
- Direction:
- Needs approval
- Assignee:
- Johannes Grassler
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Morgan Fainberg
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Added spec on standalone trusts
(?)