[rfe] Expiring User Group Memberships
Bug #1809116 reported by
Kristi Nikolla
This bug affects 6 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Kristi Nikolla |
Bug Description
This bug is used for tracking the progress of the application credential feature in keystone.
Summary
=======
Allow creation of applications credentials based on the authorization of mapped group assignments. The application credentials will require the user who created the application credential to log in with the same authorization in the external identity provider, in order to renew it.
Changed in keystone: | |
status: | New → In Progress |
Changed in keystone: | |
assignee: | Kristi Nikolla (knikolla) → Morgan Fainberg (mdrnstm) |
Changed in keystone: | |
importance: | Undecided → High |
Changed in keystone: | |
assignee: | Morgan Fainberg (mdrnstm) → Kristi Nikolla (knikolla) |
tags: | added: rfe |
summary: |
- Renewable Application Credentials + [rfe] Renewable Application Credentials |
summary: |
- [rfe] Renewable Application Credentials + [rfe] Expiring User Group Memberships |
To post a comment you must log in.
Reviewed: https:/ /review. opendev. org/604201 /git.openstack. org/cgit/ openstack/ keystone- specs/commit/ ?id=11885fcd929 420ef4b4a652476 5392296cdba8ab
Committed: https:/
Submitter: Zuul
Branch: master
commit 11885fcd929420e f4b4a6524765392 296cdba8ab
Author: Kristi Nikolla <email address hidden>
Date: Thu Sep 20 15:48:33 2018 -0400
Expiring Group Membership Through Mapping Rules
Add federated users to the groups that they receive from the mapping rules.
This membership is only carried by the token and not persisted in the
database. The membership expires, but can be renewed when the user
authenticates with the same group.
Partial-Bug: 1809116
Change-Id: If376a1ce18f9b6 28f429f3cac957c 76dacd00a34