Comment 11 for bug 1541656

Browsing through the code I do not see much conditions where the call could execute in a different way - the Openstack client always does "POST" to the /v3/auth/tokens API

        resp = session.post(token_url, json=body, headers=headers,
                            authenticated=False, log=False, **rkwargs)

(in /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v3/base.py)

..., so I do not see how could we expect for the execution not go through the re-scoping code.