Service tokens

Registered by Stuart McLaren

A new form of composite token auth.

A service token can be required in addition to a standard user token to allow them to perform
operations that they cannot typically do; and potentially operations that no holder
of just a standard token can do.

The typical use case is likely to be services assigning additional roles to users.

Blueprint information

Status:
Complete
Approver:
Dolph Mathews
Priority:
Medium
Drafter:
Stuart McLaren
Direction:
Approved
Assignee:
Stuart McLaren
Definition:
Approved
Series goal:
Accepted for 1.x.x
Implementation:
Implemented
Milestone target:
milestone icon 1.2.0
Started by
Morgan Fainberg
Completed by
Morgan Fainberg

Related branches

Sprints

Whiteboard

Should this be pushed to k*-1? It's getting late in juno-2 to see progress on such a large feature :-/

Use Cases:
Barbican:
Glance->Swift
Cinder->Swift
nova+docker

Gerrit topic: https://review.openstack.org/#q,topic:bp/service-tokens,n,z

Addressed by: https://review.openstack.org/108384 (merged)
    Add composite auth support (service token)

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.