Check the Trust token and OAuth token in Keystone ( although currently, OAuth Token support is minimal) ...shohel On Monday, March 3, 2014 7:09 PM, Lichao Yin <lichaoyin at gmail.com> wrote: Hi stackers, Our group are doing research on OpenStack. One of our scenario is like this: There are two users on cloud: user A and user B. User A has some resources like volumes or object storage on cloud. We hope these resource could belong to some certain user, not one tenant. User A wants to verify user B and grant user B the access to user A's resource (maybe by token, but we hope this token is not bare token and could only be used by user B). So does anyone have idea about it or about what part of Keystone should we modify? If you have any idea, I would appreciate any feedback. Thanks, Lichao Yin _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack at lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140303/e69bc1ca/attachment.html>