There are at least two use cases, when project admin user or barbican secret owner needs to know user ID (in certain cases they are provisioned automatically, e.g. by LDAP): * assign a project role to this user, so he can access the project: https://docs.openstack.org/api-ref/identity/v3/?expanded=assign-role-to-user-on-project-detail#assign-role-to-user-on-project* fine grained barbican ACL permissions: https://docs.openstack.org/barbican/latest/api/reference/acls.html
Therefore it is not clear, whether user IDs or project IDs have to be considered as sensitive.
There are at least two use cases, when project admin user or barbican secret owner needs to know user ID (in certain cases they are provisioned automatically, e.g. by LDAP): /docs.openstack .org/api- ref/identity/ v3/?expanded= assign- role-to- user-on- project- detail# assign- role-to- user-on- project* fine grained barbican ACL permissions: https:/ /docs.openstack .org/barbican/ latest/ api/reference/ acls.html
* assign a project role to this user, so he can access the project: https:/
Therefore it is not clear, whether user IDs or project IDs have to be considered as sensitive.