openstack client integration to fetch and provide OIDC access tokens (v3oidcaccesstoken)?

Jonathan Rosser jonathan.rosser at rd.bbc.co.uk
Mon Jan 23 10:09:49 UTC 2023


On 20/01/2023 21:22, Christian Rohmann wrote:
>
> I found that Fedcloud.eu (https://www.fedcloud.eu/) does something 
> like this (see 
> https://fedcloudclient.fedcloud.eu/usage.html#authentication) via 
> OIDC-Agent. But most platforms making use of OIDC seem to configure 
> the openstack client with client_id and secret and have it 
> authenticate directly with the IdP.
>
My team contributed patches to https://github.com/IFCA/keystoneauth-oidc 
to use PKCE so that a client ID and client secret do not need to be 
given to users.

Hope this is useful,
Jon.




More information about the openstack-discuss mailing list