On 01/06/2015 06:27 PM, Ratnadeep Bhattacharjee wrote: > Hi, > > > > I am trying to make a HTTP PUT request to assign admin role to a given > user in a given domain: > > http://host:port/keystone/v3/domains/16faa0dcebc94ca0ad83807d5c628754/users/bd0bf9040f0a47ce9cd09610f4c7dc17/roles/52580a3e2e164aca9e46b8c013bc7e18 > <http://10.0.1.87:8000/v1/openstack/keystone/v3/domains/16faa0dcebc94ca0ad83807d5c628754/users/bd0bf9040f0a47ce9cd09610f4c7dc17/roles/52580a3e2e164aca9e46b8c013bc7e18> as > per the documentation in > http://developer.openstack.org/api-ref-identity-v3.html but *I get a > HTTP 403 error*. I am quite sure the domain, user and role IDs are > valid. Any idea what I might be doing wrong? Do I have to set any > special flags in keystone for this to succeed? No special flags, but the user making the call needs permissions to do it. If you are using an admin token to make the call, then one of your other assumptions is false. > > Regards, > -Deep. > > > > > > _______________________________________________ > Openstack-security mailing list > Openstack-security at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20150106/39b7e0cd/attachment.html>