OpenStack Identity (keystone)

  1. Bug #1694589
  2. Activity log

Activity log for bug #1694589

Date Who What changed Old value New value Message
2017-05-31 04:34:10 sanjana bug added bug
2017-06-09 18:47:32 Lance Bragstad tags federation
2017-06-13 03:23:01 sanjana description I am trying to configure OIDC with keystone. I have followed the below steps to create the federated resources. source accr/admin/admin export OS_IDENTITY_API_VERSION=3 openstack domain create federated_domain openstack group create federated_users openstack role add --group federated_users --domain federated_domain admin openstack identity provider create --remote-id https://accounts.google.com myidp export remote_type=REMOTE_USER export remote_type=HTTP_OIDC_EMAIL cat > rules.json <<EOF [ { "local": [ { "user": { "name": "{0}" }, "group": { "domain": { "name": "Default" }, "name": "federated_users" } } ], "remote": [ { "type": "${remote_type}" } ] } ] EOF openstack mapping create --rules rules.json myidp_mapping however the step to create the federation protocol is giving me errors openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp I'm getting the below error: string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1) The first time i created a mapping and a protocol things were fine. But when i deleted the older mapping and re-created new rules for mapping and tried creating the protocol, i got the above error I am trying to configure OIDC with keystone. I have followed the below steps to create the federated resources. source accr/admin/admin export OS_IDENTITY_API_VERSION=3 openstack domain create federated_domain openstack group create federated_users openstack role add --group federated_users --domain federated_domain admin openstack identity provider create --remote-id https://accounts.google.com myidp export remote_type=HTTP_OIDC_EMAIL cat > rules.json <<EOF [     {         "local": [             {                 "user": {                     "name": "{0}"                 },                 "group": {                     "domain": {                         "name": "Default"                     },                     "name": "federated_users"                 }             }         ],         "remote": [             {                 "type": "${remote_type}"             }         ]     } ] EOF openstack mapping create --rules rules.json myidp_mapping however the step to create the federation protocol is giving me errors openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp I'm getting the below error: string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1) The first time i created a mapping and a protocol things were fine. But when i deleted the older mapping and re-created new rules for mapping and tried creating the protocol, i got the above error
2017-07-18 19:07:53 Lance Bragstad keystone: status New Invalid