On Thu, May 3, 2018 at 9:49 PM, Eric K <ekcs.openst...@gmail.com> wrote: > Question to the projects which send or consume webhook notifications > (telemetry, monasca, senlin, vitrage, etc.), what are your > supported/preferred authentication mechanisms? Bearer token (e.g. > Keystone)? Signing? > > Any pointers to past discussions on the topic? My interest here is having > Congress consume and send webhook notifications. > > I know some people are working on adding the keystone auth option to > Monasca's webhook framework. If there is a project that already does it, > it could be a very helpful reference.
Hi, I'll add a few that you didn't mention which consume such webhooks. * Heat has been using EC2 signatures basically since forever. It creates EC2 credentials for a Keystone user, and signs URL that way. * Zaqar has signed URLs (https://developer.openstack.org/api-ref/message/#pre-signed-queue) which allows sharing queues without authentication. * Swift temp URLs (https://docs.openstack.org/swift/latest/middleware.html#tempurl) is a good mechanism to share information as well. I'd say application credentials would make those operations a bit nicer, but they are not completely there yet. Everybody not reinventing its own wheel would be nice too :). -- Thomas __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev