OpenStack Keystone Charm

OpenID connect authentication provider support

Bug #1859883 reported by Calvin Hartwell on 2020-01-15

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Keystone Charm	Triaged	Wishlist	Felipe Reyes

Bug Description

Hi all,

We have the requirement to integrate keystone with an OIDC (OpenID connect) authentication provider, similar to what was done for SAML using the SAML Mellon Charm (https://jaas.ai/u/openstack-charmers/keystone-saml-mellon/3).

I believe this will require a new charm, or modifications to the SAML Mellon Charm.

Cheers,

- Calvin

Tags:

Revision history for this message

Alex Kavanagh (ajkavanagh) wrote on 2020-01-16:

Yes, this would be a feature request. I don't think we should modify the existing SAML mellon charm; it would probably be better to create a new charm to allow a specific name (e.g. keystone-oidc or keystone-openid-connect) which would make it more recognisable.

Changed in charm-keystone:
importance:	Undecided → Wishlist
status:	New → Triaged

Revision history for this message

Felipe Reyes (freyes) wrote on 2021-11-08:

Proposed spec to implemente Keystone OpenID support: https://review.opendev.org/c/openstack/charm-specs/+/817036

Changed in charm-keystone:
assignee:	nobody → Felipe Reyes (freyes)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.