When a federated user authenticates, they are added to their
mapped groups during shadowing.
Closes-Bug: 1809116
Change-Id: I19dc400b2a7aa46709b242cdeef82beaca975ff3
This change updates the minor API version for the new access rules
feature for application credentials, and also adds documentation for
the new feature to the API reference as well as a release note.
bp whitelist-extension-for-app-creds
Change-Id: I8a03223df63877a4f86fbe7e9fa382fdd96c5934
Since PKI tokens are removed and OS-PKI API
is deprecated, updating api-ref for it [1].
[1] https://review.opendev.org/#/c/672334
Change-Id: I06a9d07225977469341851ea604df75976b105ca
These urls in the docs are invalid probably because of the renaming
that happened with commit ccb3d340e49da88bb01ad2d2bb40f00280932aec
Change-Id: Ie3dc315c8b7ff7faa2a6c24d9c074a6fc42a54a8
In Pike we didn't make any significant API additions. In Queens we ended
up bumping the release version twice, once in ba61e84 for project tags
and again in a50fafd2 for system scope. Update the v3.9 identifier to
refer to Queens to avoid misinforming people.
This unfortunately might read more confusingly as now there are two
Queens additions.
Change-Id: I9a0ba7ad713a3c9eb6b0464ed30ff4e6d62d3c74
Add the corresponding release cycle name to the API version number to
assist in correlating new API features with releases.
Change-Id: I24bf0d9d654436338e1ffc688278a5a93eb1e219
This should have been done before the queens release. I noticed it
when looking at the API reference and only seeing application
credentials listed under 3.10 information.
Change-Id: I6f2d9551d15061dbe99e9228c097e735910a41db
Hot off the press! This commit contains all the API reference
documentation for using system role assignments. It is also
consistent with the api-reference conventions we established
during the Queens PTG in Denver.
bp system-scope
Change-Id: Ic49555423d7ca7415d7c8546c5dfa7368ad8fe7e
This change creates a new page describing the usage of project tags
as well as adds in project tag information into existing projects
refs. The added document highlights the properties of a project
tag, the new API calls created, filtering/searching uses, and examples
for each.
This change also creates a release note for the changes made
that add project tags.
Change-Id: Icff11da9412378ae59c6f392f98b05475c7c501d
Partially-Implements: bp project-tags
This adds a section within the index file that describes what a
relationship link is and what it is used for in terms of each
operation within keystone. There will be a relationships section
in both v3 and v3-ext.
This should help clarify any confusion that may arise when a user is
viewing the api-ref about what the relationship links are.
Change-Id: I9c6b7959ed6ea682c565c515af0cf509b6a64e5d
Closes-Bug: #1674676
With the docs migration and re-arrangement, some docs
have been shifted to new places, however the referenced
links are still old. Some of them give 404 error or
just point to the home page. This patch fixes those URLs.
Change-Id: Ie6b18ab3d4aa346dac8436dd426277fee4f07fcd
Currently in the keystone API documentation page located at,
https://developer.openstack.org/api-ref/identity/index.html
all the sections and sub-sections appear at the same depth.
This makes the ordering very untidy and confusing.
This patch reorganises the appearance of sections and
sub-sections at the index page.
Change-Id: I55ae0102236805591e653c153618dec2af510c63
Now that all GET APIs have a corresponding HEAD API, we can add a
formal statement about support and a release note.
Change-Id: Ia5569311f91d87b40d064595ce2c8d69461fbab7
Closes-Bug: 1696574
The openstack.org pages now support https and our references to
the site should by default be one signed by the organization.
Change-Id: I30a462e03d1fd7852511e22cac34c6bc0e8917f4
New proposal on how we document the password_expires_at query.
bp pci-dss-query-password-expired-users
Co-Authored-By: Samuel Pilla <sp516w@att.com>
Change-Id: I81facd0a84f5c05f72294eb1a143c7632b2406e1
A service user from auth_token middleware should be able to fetch a
token that has expired within a certain window so that long running
operations can finish.
Implements bp: allow-expired
Change-Id: I784f719be88481048f5aa7a79d34a54907438cf3
The v3 endpoint documentation /v3/auth/tokens/OS-PKI/revoked is missing
in /api-ref. This patch set adds the documentation for v3.
A separate patch set will be submitted for v2.
Change-Id: I3db3356d24cc8885012756016a90a0996fcf14f5
Partial-Bug: #1626778
Move inheritance API-ref to main Identity API-ref [1]. The docs need to
be updated, though. I think it's better to move them first, then update to
match keystone-specs docs.
[1] Ia838dff1863b1b77472079b32783ae31557b1ef5
Change-Id: I6a6a59bba9c15ac7678e0b20d248dfb4c03881c7
currntly, no index.html file is generated for any of the APIs,
which should be required to migrate over to the api-site.
check the generated build.
Change-Id: Ib290c7412ff426b3061c5ad7535c8cb8310500fa