<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">If you use heat creadential for token request it works?</div><div class=""><br class=""></div><div class="">export OS_AUTH_URL=<a href="https://identity.cncloud.com:5000/v2.0" class="">https://identity.cncloud.com:5000/v2.0</a></div><div class="">export OS_REGION_NAME=RegionOne</div><div class="">export OS_USERNAME=heat</div><div class="">export OS_TENANT_NAME=services</div><div class="">export OS_PASSWORD=heat</div><div><br class=""></div><div>keystone token-get </div><div><br class=""></div><div>Davide<br class=""><blockquote type="cite" class=""><div class="">On 01 Feb 2017, at 10:10, NareshA kumar <<a href="mailto:nka@criterionnetworks.com" class="">nka@criterionnetworks.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">I have associated heat user to services tenant and gave it a admin role.<div class=""><br class=""></div><div class=""><div class="">keystone user-role-list --user heat --tenant services</div><div class="">+----------------------------------+-------+----------------------------------+----------------------------------+</div><div class="">|                id                |  name |             user_id              |            tenant_id             |</div><div class="">+----------------------------------+-------+----------------------------------+----------------------------------+</div><div class="">| 2b995253c23e4c1db8cd374346a4ecd4 | admin | 645eb7e9f04f4a2b8df65272a23c1394 | 024890084b7642e9b8535b52a86584ea |</div><div class="">+----------------------------------+-------+----------------------------------+----------------------------------+</div></div><div class=""><br class=""></div><div class="">heat --debug stack-list</div><div class=""><br class=""></div><div class=""><div class="">DEBUG (session) REQ: curl -g -i -X GET <a href="https://identity.cncloud.com:5000/v2.0" class="">https://identity.cncloud.com:5000/v2.0</a> -H "Accept: application/json" -H "User-Agent: python-keystoneclient"</div><div class="">DEBUG (session) RESP: [200] x-openstack-request-id: req-2515497e-671b-475e-b48c-0cb6f2ccfe2f content-length: 347 via: 1.1 <a href="http://identity.cncloud.com:5000/" class="">identity.cncloud.com:5000</a> access-control-expose-headers: Accept, Content-Type, X-Auth-Token, X-Subject-Token vary: X-Auth-Token server: Apache/2.4.7 (Ubuntu) connection: close access-control-allow-methods: GET POST OPTIONS PUT DELETE PATCH date: Wed, 01 Feb 2017 09:07:01 GMT access-control-allow-origin: * access-control-allow-headers: Accept, Content-Type, X-Auth-Token, X-Subject-Token content-type: application/json x-distribution: Ubuntu </div><div class="">RESP BODY: {"version": {"status": "stable", "updated": "2014-04-17T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v2.0+json"}], "id": "v2.0", "links": [{"href": "<a href="https://identity.cncloud.com:5000/v2.0/" class="">https://identity.cncloud.com:5000/v2.0/</a>", "rel": "self"}, {"href": "<a href="http://docs.openstack.org/" class="">http://docs.openstack.org/</a>", "type": "text/html", "rel": "describedby"}]}}</div><div class=""><br class=""></div><div class="">DEBUG (v2) Making authentication request to <a href="https://identity.cncloud.com:5000/v2.0/tokens" class="">https://identity.cncloud.com:5000/v2.0/tokens</a></div><div class="">DEBUG (session) REQ: curl -g -i -X GET <a href="http://54.174.88.227:8004/v1/0c28d40bdcf0472d8dfb214a5c0286c4/stacks" class=""><font color="red" class=""><b class="">MailScanner warning: numerical links are often malicious:</b></font> http://54.174.88.227:8004/v1/0c28d40bdcf0472d8dfb214a5c0286c4/stacks</a>? -H "Accept: application/json" -H "User-Agent: python-heatclient" -H "X-Region-Name: RegionOne" -H "X-Auth-Token: {SHA1}9cc75daaff59cdb14a75bfb74ca6d77ebb8d8ac6" -H "Content-Type: application/json" -H "X-Auth-Url: <a href="https://identity.cncloud.com:5000/v2.0" class="">https://identity.cncloud.com:5000/v2.0</a>"</div><div class="">DEBUG (session) RESP:</div><div class="">DEBUG (v2) Making authentication request to <a href="https://identity.cncloud.com:5000/v2.0/tokens" class="">https://identity.cncloud.com:5000/v2.0/tokens</a></div><div class="">DEBUG (session) RESP:</div><div class="">Traceback (most recent call last):</div><div class="">  File "/usr/bin/heat", line 10, in <module></div><div class="">    sys.exit(main())</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/shell.py", line 706, in main</div><div class="">    HeatShell().main(args)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/shell.py", line 656, in main</div><div class="">    args.func(client, args)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/v1/shell.py", line 581, in do_stack_list</div><div class="">    utils.print_list(stacks, fields, sortby_index=3)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/openstack/common/cliutils.py", line 169, in print_list</div><div class="">    for o in objs:</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/v1/stacks.py", line 100, in paginate</div><div class="">    stacks = self._list(url, 'stacks')</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/openstack/common/apiclient/base.py", line 117, in _list</div><div class="">    body = self.client.get(url).json()</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 292, in get</div><div class="">    return self.client_request("GET", url, **kwargs)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 285, in client_request</div><div class="">    resp, body = self.json_request(method, url, **kwargs)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 266, in json_request</div><div class="">    resp = self._http_request(url, method, **kwargs)</div><div class="">  File "/usr/lib/python2.7/dist-packages/heatclient/common/http.py", line 361, in _http_request</div><div class="">    raise exc.from_response(resp)</div><div class="">heatclient.exc.HTTPUnauthorized: ERROR: Authentication required</div></div><div class=""><br class=""></div></div><div class="gmail_extra"><br clear="all" class=""><div class=""><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr" class=""><div class="">Regards,<br class=""></div>NareshA.<br class=""></div></div></div>
<br class=""><div class="gmail_quote">On Wed, Feb 1, 2017 at 2:16 PM, Davide Panarese <span dir="ltr" class=""><<a href="mailto:dpanarese@enter.eu" target="_blank" class="">dpanarese@enter.eu</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">Could you debug heat api call with heat â€”debug stack-list?<div class="">Did you associate heat user to service tenant and give it admin role?</div><div class=""><br class=""></div><div class="">Davide</div><div class=""><div class=""><blockquote type="cite" class=""><div class=""><div class="h5"><div class="">On 31 Jan 2017, at 19:54, NareshA kumar <<a href="mailto:nka@criterionnetworks.com" target="_blank" class="">nka@criterionnetworks.com</a>> wrote:</div><br class="m_5765547782561637881Apple-interchange-newline"></div></div><div class=""><div class=""><div class="h5"><div dir="ltr" class=""><div style="font-size:12.8px" class="">Hi,</div><div style="font-size:12.8px" class="">I am installing heat in kilo with keystone v2 APIs. As per document I have configured the endpoints and heat.conf. "heat stack-list" gives me Authentication required error. In heat-api.log I am seeing "Authorization failed for token" message. </div><div style="font-size:12.8px" class="">Can anyone help me solve this issue?</div><div style="font-size:12.8px" class=""><br class=""></div><div class=""><div class="m_5765547782561637881gmail_signature"><div dir="ltr" class=""><div class="">Regards,<br class=""></div>NareshA.<br class=""></div></div></div>
</div>
<br class=""></div></div><span class="HOEnZb"><font color="#888888" class="">--
<br class=""><font color="#999999" face="Arial, Helvetica, sans-serif" size="1" class=""> Questo messaggio e' stato analizzato con Libra ESVA ed e' risultato non infetto.
<br class=""><a href="http://mx01.enter.it/cgi-bin/learn-msg.cgi?id=32A47402B1.A84A6" target="_blank" class="">Clicca qui per segnalarlo come spam.</a></font>

<font color="#999999" face="Arial, Helvetica, sans-serif" size="1" class=""><br class=""><a href="http://mx01.enter.it/cgi-bin/learn-msg.cgi?blacklist=1&id=32A47402B1.A84A6" target="_blank" class="">Clicca qui per metterlo in blacklist</a></font>

______________________________<wbr class="">_________________</font></span><span class=""><br class="">Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank" class="">http://lists.openstack.org/<wbr class="">cgi-bin/mailman/listinfo/<wbr class="">openstack</a><br class="">Post to     : <a href="mailto:openstack@lists.openstack.org" target="_blank" class="">openstack@lists.openstack.org</a><br class="">Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank" class="">http://lists.openstack.org/<wbr class="">cgi-bin/mailman/listinfo/<wbr class="">openstack</a><br class=""></span></div></blockquote></div><br class=""></div></div></blockquote></div><br class=""></div>
<br class="">--
<br class=""><font color="#999999" face="Arial, Helvetica, sans-serif" size="1" class=""> Questo messaggio e' stato analizzato con Libra ESVA ed e' risultato non infetto.
<br class=""><a href="http://mx01.enter.it/cgi-bin/learn-msg.cgi?id=557444011D.A905A" class="">Clicca qui per segnalarlo come spam.</a></font>

<font color="#999999" face="Arial, Helvetica, sans-serif" size="1" class=""><br class=""><a href="http://mx01.enter.it/cgi-bin/learn-msg.cgi?blacklist=1&id=557444011D.A905A" class="">Clicca qui per metterlo in blacklist</a></font>

_______________________________________________<br class="">Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br class="">Post to     : <a href="mailto:openstack@lists.openstack.org" class="">openstack@lists.openstack.org</a><br class="">Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br class=""></div></blockquote></div><br class=""></body></html>