[keystone] How to create a session using trust-scoped token

Nikolla, Kristi knikolla at bu.edu
Wed May 6 23:30:43 UTC 2020


Hi Lingxian,

The issue here is that keystoneauth usually treats all authentication methods the same, and uses them to authenticate and get another token. As you see the error in your log, trust scoped tokens can't create another token, so the authentication fails.

Some clients provide a mechanism for you to input the token and endpoint_url directly without requiring keystoneauth. See below and try that.

https://github.com/openstack/python-neutronclient/blob/master/neutronclient/client.py#L61-L62

Best,
Kristi

> On May 6, 2020, at 6:37 PM, Lingxian Kong <anlin.kong at gmail.com> wrote:
> 
> Hi keystone team,
> 
> I met with an issue that can't perform openstack operations using openstack client lib by providing a trust scoped token. However, I can use that token to send HTTP request directly. Here is my code and the error message, http://dpaste.com/1N6AX0R
> 
> I asked several times in #openstack-keystone IRC channel, but got no response.
> 
> ---
> Lingxian Kong
> Senior Software Engineer
> Catalyst Cloud
> www.catalystcloud.nz




More information about the openstack-discuss mailing list