> I think opening a second (public?) bug might be worthwhile.
To be on the safe side, I'd open a private issue for this, because "openstack request token authorize" requires a role definition and "OAuth1 trustor" user expects that oauth1 token will be limited to this role, but it this role is ignored by Keystone: https://bugs.launchpad.net/keystone/+bug/1873290
> I think opening a second (public?) bug might be worthwhile.
To be on the safe side, I'd open a private issue for this, because "openstack request token authorize" requires a role definition and "OAuth1 trustor" user expects that oauth1 token will be limited to this role, but it this role is ignored by Keystone: https:/ /bugs.launchpad .net/keystone/ +bug/1873290