← Back to team overview

openstack team mailing list archive

[keystone] How to validate token without admin privileges

 

Hi,

I'm new to OpenStack. I'm looking at deploying two 3rd party services along
OpenStack and would like to use Keystone for they authentication mechanism.
Service A will authenticate and get a token from keystone and use it for
REST requests to service B. Those two services don't use WSGI, just the
REST API. Is there a way for service B to validate the token with keystone
without having an admin role or the admin token?

Sorry for the noob question. The only thing I found in the doc is the GET
method that requires admin permissions:
http://docs.openstack.org/api/openstack-identity-service/2.0/content/GET_validateToken_v2.0_tokens__tokenId__Token_Operations.html
And from what I read in the compute admin docs the OpenStack services seem
to rely on admin credentials or token.

Regards,

Janus

Follow ups