The use case here is to validate the token, so my suggestion is to replace the operation to validate a token from GET /tokens/<id> to POST /tokens/validate with a body that includes the token ID and tenant:
POST /tokens/validate
{
"token": {
"id": "asdasdasd-adsasdads-asdasdasd-adsadsasd",
"tenantId": "1234"
}
That way the id will be encrypted for clients using SSL and not show up in the log.
The calls in question are described in the dev guide here:
http:// docs.openstack. org/incubation/ identity- dev-guide/ content/ Validate_ Token-d1e1914. html
The use case here is to validate the token, so my suggestion is to replace the operation to validate a token from GET /tokens/<id> to POST /tokens/validate with a body that includes the token ID and tenant:
POST /tokens/validate adsasdads- asdasdasd- adsadsasd" ,
{
"token": {
"id": "asdasdasd-
"tenantId": "1234"
}
That way the id will be encrypted for clients using SSL and not show up in the log.