Add OS-FEDERATION to scoped federation tokens
Bug #1351029 reported by
Steve Martinelli
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Currently, when a federated user gets a token, it has an OS-FEDERATION section under 'user', which contains information about the idp and protocol.
However when the same user uses the unscoped token to get a scoped token, we should put the same information in there as well. This will help support revocation events for federated tokens, i.e. revoking all tokens based on IDP id.
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in keystone: | |
assignee: | nobody → wanghong (w-wanghong) |
To post a comment you must log in.
This bug has been fixed in https:/ /review. openstack. org/111070