Yes there is. Refer the endpoint section of the Identity v3 documentation: https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3.md Mark From: Kuo Hugo [mailto:tonytkdk at gmail.com] Sent: Wednesday, August 14, 2013 1:37 AM To: openstack at lists.openstack.org Subject: [Openstack] [Keystone] How to restrict the returned service endpoints to client ? Hi folks, Is there a way to specify the particular service endpoints been returned to user? [Scenario 1] There're Nova / Glance / Swift / Keystone services defined in service table. Also the relevant endpoints for each service. Let's say User:foo Tenant: tenant-foo Is it possible to return only Nova's endpoint in the json to the user foo ? I don't want foo to get other service's endpoint. [Scenario 2] There're multiple Swift clusters authenticate users by a single keystone. Swift clusters: name:swift1 name:swift2 Let's say User:foo Tenant: tenant-foo User:bar Tenant: tenant-bar Is there a way to return swift1's endpoint to foo and swift2's endpoint to bar ? I'm not sure if keystoneI should have two regions of endpoints for each swift cluster or two services. Appreciate~ +Hugo Kuo+ hugo at swiftstack.com<mailto:hugo at swiftstack.com> tonytkdk at gmail.com <mailto:tonytkdk at gmail.com> +886 935004793 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130814/32198e7a/attachment.html>