← Back to team overview

openstack team mailing list archive

Re: Should the OpenStack API re-use the EC2 credentials?

 

>
>
> However, I think we want the same credentials for users ('username' &
> 'password'), irrespective of the API (or auth protocol) they're using.  I
> think the weird terminology is what got us into the odd situation in which
> we now find ourselves where there are two sets of credentials (and one set
> exposes the secret of the other set!)
>
>
The exposing of the secret is not true, they are just named differently.
 Lets pretend you want to generalize the naming of everything via the EC2
api (api_key, api_secret).  If you switch to using OpenStack auth, then you
would send the api_key as the username, and the api_secret as the api_key.
There is no exposure of the secret key.

--
Chuck

Follow ups

References