Hi all, I have the following scenario: 1. On client machine A, a user obtains an auth token with a username and password. 2. The user can use the auth token to do operations on client machine A. 3. A thief steals the auth token, and do operations on client machine B. Can Keystone check the auth token's source IP (which is client machine A in the above example) to prevent thieves to use it? Does this feature exist? Or is it a work in progress? Thanks for the help! John -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160627/8a392eb7/attachment.html>