Hi, Is it possible to use username/password for authentication of Tacker REST API calls? In the tacker.conf, I see both BASIC and OAUTH2 methods for authentication. If I set the auth_type to BASIC and configure the user_name and password values, will I be able to make the REST calls with these username and password? Thanks and regards, Ravichandran
Hi Ravichandran, Thanks for your question,
Is it possible to use username/password for authentication of Tacker REST API calls? No, it is not able to use username/password for authentication of Tacker REST API calls.
You may have seen the following configurations, https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... but the configuration above is not the configuration that Tacker as server. This is the authentication configuration that Tacker uses for the external connection as the client as described in the description. Regards, Ayumu From: Ravichandran Venkataraman (veravich) <veravich@cisco.com> Sent: Saturday, March 16, 2024 12:11 AM To: openstack-discuss@lists.openstack.org Subject: Tacker REST API Authentication Hi, Is it possible to use username/password for authentication of Tacker REST API calls? In the tacker.conf, I see both BASIC and OAUTH2 methods for authentication. If I set the auth_type to BASIC and configure the user_name and password values, will I be able to make the REST calls with these username and password? Thanks and regards, Ravichandran
Thanks Ayumu. Hence the only authentication method for Tacker server should be using OAUTH2 token. Is this right? Regards, Ravichandran From: Ayumu Ueha (Fujitsu) <ueha.ayumu@fujitsu.com> Date: Tuesday, 19 March 2024 at 3:10 PM To: Ravichandran Venkataraman (veravich) <veravich@cisco.com>, openstack-discuss@lists.openstack.org <openstack-discuss@lists.openstack.org> Subject: RE: Tacker REST API Authentication Hi Ravichandran, Thanks for your question,
Is it possible to use username/password for authentication of Tacker REST API calls? No, it is not able to use username/password for authentication of Tacker REST API calls.
You may have seen the following configurations, https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... but the configuration above is not the configuration that Tacker as server. This is the authentication configuration that Tacker uses for the external connection as the client as described in the description. Regards, Ayumu From: Ravichandran Venkataraman (veravich) <veravich@cisco.com> Sent: Saturday, March 16, 2024 12:11 AM To: openstack-discuss@lists.openstack.org Subject: Tacker REST API Authentication Hi, Is it possible to use username/password for authentication of Tacker REST API calls? In the tacker.conf, I see both BASIC and OAUTH2 methods for authentication. If I set the auth_type to BASIC and configure the user_name and password values, will I be able to make the REST calls with these username and password? Thanks and regards, Ravichandran
Hi Ravichandran, Because Tacker is a component of OpenStack, you can also use “Keystone Token authentication”. So, “Keystone Token Authentication” or “Oauth2.0 Token Authentication” can be used as the authentication method for Tacker REST API calls. You can also use an external authorization server such as Keycloak. please refer for datails: https://docs.openstack.org/tacker/latest/admin/index.html Regards, Ayumu From: Ravichandran Venkataraman (veravich) <veravich@cisco.com> Sent: Tuesday, March 19, 2024 5:53 PM To: Ueha, Ayumu/植波 歩 <ueha.ayumu@fujitsu.com>; openstack-discuss@lists.openstack.org Subject: Re: Tacker REST API Authentication Thanks Ayumu. Hence the only authentication method for Tacker server should be using OAUTH2 token. Is this right? Regards, Ravichandran From: Ayumu Ueha (Fujitsu) <ueha.ayumu@fujitsu.com<mailto:ueha.ayumu@fujitsu.com>> Date: Tuesday, 19 March 2024 at 3:10 PM To: Ravichandran Venkataraman (veravich) <veravich@cisco.com<mailto:veravich@cisco.com>>, openstack-discuss@lists.openstack.org<mailto:openstack-discuss@lists.openstack.org> <openstack-discuss@lists.openstack.org<mailto:openstack-discuss@lists.openstack.org>> Subject: RE: Tacker REST API Authentication Hi Ravichandran, Thanks for your question,
Is it possible to use username/password for authentication of Tacker REST API calls? No, it is not able to use username/password for authentication of Tacker REST API calls.
You may have seen the following configurations, https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... https://docs.openstack.org/tacker/latest/configuration/config.html#authentic... but the configuration above is not the configuration that Tacker as server. This is the authentication configuration that Tacker uses for the external connection as the client as described in the description. Regards, Ayumu From: Ravichandran Venkataraman (veravich) <veravich@cisco.com<mailto:veravich@cisco.com>> Sent: Saturday, March 16, 2024 12:11 AM To: openstack-discuss@lists.openstack.org<mailto:openstack-discuss@lists.openstack.org> Subject: Tacker REST API Authentication Hi, Is it possible to use username/password for authentication of Tacker REST API calls? In the tacker.conf, I see both BASIC and OAUTH2 methods for authentication. If I set the auth_type to BASIC and configure the user_name and password values, will I be able to make the REST calls with these username and password? Thanks and regards, Ravichandran
participants (2)
-
Ayumu Ueha (Fujitsu)
-
Ravichandran Venkataraman (veravich)