14b25bc5d1
When using role assignment through groups, the user cannot use the application credentials created. This allows to look up the membership by checking inherited and group assignments. Change-Id: If1bf5bd785a494923303265797311d42018ba7af Closes-Bug: #1773967
10 lines
420 B
YAML
10 lines
420 B
YAML
---
|
|
fixes:
|
|
- |
|
|
[`bug 1773967 <https://bugs.launchpad.net/keystone/+bug/1773967>`_]
|
|
Fixes an issue where users who had role assignments only via a group
|
|
membership and not via direct assignment could create but not use
|
|
application credentials. It is important to note that federated users who
|
|
only have role assignments via a mapped group membership still cannot
|
|
create application credentials.
|