1
votes

I am writing one app which does authentication using keystone v2.0 APIs, now while authentication /v2.0/tokens, I get the token for all the projects which the user does have access to.

Now when a project is added using horizon how I can get the token for that project, as I am not storing userid/password for the logged in user, and to get the token for the project, I need to send the /v2.0/tokens with the below POST data,

{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "user", "password": "password"}}}

But as I am not storing the userid/password, once user is logged in, then after wards how I can get token for the new project?

Is it necessary to store the user id/password somewhere which can be used later? If yes, then usually what is the best way to store user credentials?

Regards, -M-

2

2 Answers

0
votes

After looking into the keystoneclient code of v2, I got the answer, we can get the token of a new project using existing token itself

data = {"auth": {"token": {"id": token}}}
data['auth']['tenantName'] = tenantName;

Regards, -M-

0
votes

There are various modes of authentication , it can be token , password , oauth etc. If you have requested unscoped token previously then you can use the unscoped token to get a scoped one (for a project/tenant).