Hello, 

Does application credentials created as member role with access rule need any special permissions to list hypervisors via cli? 
Here is the access rule i created for my application credentials 

[
    {
        "path": "/v2.1/**",
        "method": "GET",
        "service": "compute"
    }
]


+--------------------------------+---------+--------+-------------------+

| ID                             | Service | Method | Path              |

+--------------------------------+---------+--------+-------------------+

| f2417b29f8394281aaa088d7c01059 | compute | POST   | /v2.1/hypervisors |

| 0cacd63becc04db086cd070db978c5 | compute | POST   | /v2.1/servers     |

| 366abc32faf543b9ab047a83eafe83 | compute | GET    | /v2.1/servers     |

| 4a4258b6a37c49f3816b708efa179f | compute | GET    | /v2.1/**          |

+--------------------------------+---------+--------+-------------------+
I tried to use other access rule too.

After sourcing the credentials if i would like to list any of the openstack resources it simply does not work 

openstack volume list                                                                                                                      
openstack The request you have made requires authentication. (HTTP 401)

openstack hypervisor list                                                                                                                 
The request you have made requires authentication. (HTTP 401) (Request-ID: req-c4532458-5606-4c85-8f93-20e61f57e2c9)

i think this could be a bug in keystone or it might need any special permissions with access rule.

Please help will be really appreciated. 
--
Thanks and Regards,

Hemant Sonawane