[openstack-dev] [all][keystone][product] api keys/application specific passwords
Monty Taylor
mordred at inaugust.com
Tue May 16 22:21:00 UTC 2017
On 05/16/2017 02:44 PM, Sean Dague wrote:
> On 05/16/2017 03:40 PM, Monty Taylor wrote:
>> On 05/16/2017 10:20 AM, Doug Hellmann wrote:
>>> Excerpts from Chris Dent's message of 2017-05-16 15:16:08 +0100:
>>>> On Tue, 16 May 2017, Monty Taylor wrote:
>>>>
>>>>> FWIW - I'm un-crazy about the term API Key - but I'm gonna just roll
>>>>> with
>>>>> that until someone has a better idea. I'm uncrazy about it for two
>>>>> reasons:
>>>>>
>>>>> a) the word "key" implies things to people that may or may not be
>>>>> true here.
>>>>> If we do stick with it - we need some REALLY crisp language about
>>>>> what it is
>>>>> and what it isn't.
>>>>>
>>>>> b) Rackspace Public Cloud (and back in the day HP Public Cloud) have
>>>>> a thing
>>>>> called by this name. While what's written in the spec is quite
>>>>> similar in
>>>>> usage to that construct, I'm wary of re-using the name without the
>>>>> semantics
>>>>> actually being fully the same for risk of user confusion. "This uses
>>>>> api-key... which one?" Sean's email uses "APPKey" instead of
>>>>> "APIKey" - which
>>>>> may be a better term. Maybe just "ApplicationAuthorization"?
>>>>
>>>> "api key" is a fairly common and generic term for "this magical
>>>> thingie I can create to delegate my authority to some automation".
>>>> It's also sometimes called "token", perhaps that's better (that's
>>>> what GitHub uses, for example)? In either case the "api" bit is
>>>> pretty important because it is the thing used to talk to the API.
>>>>
>>>> I really hope we can avoid creating yet more special language for
>>>> OpenStack. We've got an API. We want to send keys or tokens. Let's
>>>> just call them that.
>>>>
>>>
>>> +1
>>
>> Fair. That's an excellent argument for "api key" - because I certainly
>> don't think we want to overload 'token'.
>
> As someone who accidentally named "API Microversions", I fully cede
> naming territory to others here.
I named "jeepyb" on _purpose_.
For those playing at home, that's a phoneticization of "GPB" which is an
otherwise never-used acronym for "Gerrit Project Builder".
/me hides
More information about the OpenStack-dev
mailing list