This session will include the following subject(s):
Keystoneclient discussions:
The session for all things related to interacting with keystone.
Specific points:
- V3 everywhere: Within the Juno cycle v3 keystone should be the default. What's still required and how do we go about making the transition. If you are involved in another python-*client, what do you need to do. Please bring along any of your own experiences.
- Extension handling from the client side: Loading managers with stevedore is becoming popular - do we want to go down this route client side? Are we committing to HATEOAS or should we be listing extensions on the server? Can we see some unity between client side and server side here.
- Auth plugins for federation and discoverability: We no longer just authenticate against /auth/tokens. Now we can have different endpoints with different apache supported mechanisms. As a user how do i find this and what do we expect clients to provide to make this work?
- Token/Endpoint binding: Your endpoints are listed in your tokens but there is no enforcement that your token can only be used with these endpoints. How can we enforce this - or should we even try?