You were offline when I responded to your query on IRC: http://eavesdrop.openstack.org/irclogs/%23openstack-keystone /%23openstack-keystone.2020-02-27.log.html#t2020-02-27T13:51:49
In short, the support is partially there already in keystoneauth: https://docs.openstack.org/keystoneauth/latest/authentication- plugins.html#multi-factor-with-v3-identity-plugins We just need to close the gap in python-openstackclient, so this bug will need to be filed in storyboard for osc: https://storyboard.openstack.org/#!/project/975 ** Changed in: keystone Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1865121 Title: 'openstack token issue' command doesn't issue token for MFA enabled user Status in OpenStack Identity (keystone): Invalid Bug description: User who has been to configured such that he can only get a token when he presents more than one modes of authentication, say password & totp. In these cases, 'openstack token issue' command gives 401 error as there is no means for providing totp as an argument. Can a option like --totp be added, like 'openstack token issue --totp 123456' so that MFA users can also use this command to generate token? Or is there any other way currently in openstack using which 'openstack token issue' command can be used to generate token for MFA users! like adding some environment variable in openrc & then eexcuting token issue. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1865121/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp