The unscoped token keystone returns to you allows you to call GET /tenants and exchange your unscoped token for one scoped to a tenant. This is documented in the API developer guide, but the following functional test illustrates the flow from a client perspective pretty well: keystone.test.functional.test_auth.TestServiceAuthentication test_user_auth_with_role_on_tenant() Link: https://github.com/openstack/keystone/blob/master/keystone/test/functional/test_auth.py See line ~119 -Dolph On Tue, Dec 6, 2011 at 5:34 AM, heut2008 <heut2008 at gmail.com> wrote: > hi,all > > when use crendentials to ask for a unscoped token,should keystone offers > more info such as endpoints and user info? is it a bug or for other use? > > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack at lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20111206/2dcc2422/attachment.html>