Public bug reported:
In the API guide about "GET /v3/auth/projects", request param
"X-Subject-Token" is needed and the description is "The authentication token.
An authentication response returns the token ID in this header rather than in
the response body.".
But, this API call returns the list of projects that are available to be
scoped to based on the X-Auth-Token provided in the request, "X-Subject-Token"
is needless.Otherwise, the description about request param "X-Auth-Token" says
"A valid authentication token for an administrative user.", it is wrong, this
API need not admin permission.
** Affects: keystone
Importance: Undecided
Status: New
** Description changed:
- In the API guide about "GET /v3/auth/projects", request param
"X-Subject-Token" is needed and the description is "The authentication token.
An authentication response returns the token ID in this header rather than in
the response body.".
- But, this API call returns the list of projects that are available to be
scoped to based on the X-Auth-Token provided in the request, "X-Subject-Token"
is needless.Otherwise, the description about request param "X-Auth-Token" says
"A valid authentication token for an administrative user.", it is wrong, this
API need not admin permission.
+ In the API guide about "GET /v3/auth/projects", request param
"X-Subject-Token" is needed and the description is "The authentication token.
An authentication response returns the token ID in this header rather than in
the response body.".
+ But, this API call returns the list of projects that are available to be
scoped to based on the X-Auth-Token provided in the request, "X-Subject-Token"
is needless.Otherwise, the description about request param "X-Auth-Token" says
"A valid authentication token for an administrative user.", it is wrong, this
API need not admin permission.
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1667194
Title:
[api] The param "X-Subject-Token" is not needed in API "GET
/v3/auth/projects"
Status in OpenStack Identity (keystone):
New
Bug description:
In the API guide about "GET /v3/auth/projects", request param
"X-Subject-Token" is needed and the description is "The authentication token.
An authentication response returns the token ID in this header rather than in
the response body.".
But, this API call returns the list of projects that are available to be
scoped to based on the X-Auth-Token provided in the request, "X-Subject-Token"
is needless.Otherwise, the description about request param "X-Auth-Token" says
"A valid authentication token for an administrative user.", it is wrong, this
API need not admin permission.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1667194/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
