2017-06-13 03:23:01 |
sanjana |
description |
I am trying to configure OIDC with keystone.
I have followed the below steps to create the federated resources.
source accr/admin/admin
export OS_IDENTITY_API_VERSION=3
openstack domain create federated_domain
openstack group create federated_users
openstack role add --group federated_users --domain federated_domain admin
openstack identity provider create --remote-id https://accounts.google.com myidp
export remote_type=REMOTE_USER
export remote_type=HTTP_OIDC_EMAIL
cat > rules.json <<EOF
[
    {
        "local": [
            {
                "user": {
                    "name": "{0}"
                },
                "group": {
                    "domain": {
                        "name": "Default"
                    },
                    "name": "federated_users"
                }
            }
        ],
        "remote": [
            {
                "type": "${remote_type}"
            }
        ]
    }
]
EOF
openstack mapping create --rules rules.json myidp_mapping
However, the step to create the federation protocol is giving me errors:
openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp
I'm getting the below error:
string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1)
The first time I created a mapping and a protocol, things were fine. But when I deleted the older mapping, re-created new rules for the mapping and tried creating the protocol, I got the above error. |
I am trying to configure OIDC with keystone.
I have followed the below steps to create the federated resources.
source accr/admin/admin
export OS_IDENTITY_API_VERSION=3
openstack domain create federated_domain
openstack group create federated_users
openstack role add --group federated_users --domain federated_domain admin
openstack identity provider create --remote-id https://accounts.google.com myidp
export remote_type=HTTP_OIDC_EMAIL
cat > rules.json <<EOF
[
    {
        "local": [
            {
                "user": {
                    "name": "{0}"
                },
                "group": {
                    "domain": {
                        "name": "Default"
                    },
                    "name": "federated_users"
                }
            }
        ],
        "remote": [
            {
                "type": "${remote_type}"
            }
        ]
    }
]
EOF
openstack mapping create --rules rules.json myidp_mapping
However, the step to create the federation protocol is giving me errors:
openstack federation protocol create mapped --mapping myidp_mapping --identity-provider myidp
I'm getting the below error:
string indices must be integers (HTTP 400) (Request-ID: req-85e59791-fc09-49ab-9204-4363b12f95e1)
The first time I created a mapping and a protocol, things were fine. But when I deleted the older mapping, re-created new rules for the mapping and tried creating the protocol, I got the above error. |
|