Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1053722

Summary: [RFE][keystone]: External Identity Providers
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: openstack-keystoneAssignee: RHOS Maint <rhos-maint>
Status: CLOSED ERRATA QA Contact: Ami Jeain <ajeain>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aberezin, ayoung, breeler, markmc, nkinder, ukalifon, yeylon
Target Milestone: ---Keywords: FutureFeature, Triaged
Target Release: 6.0 (Juno)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/keystone/+spec/identity-providers
Whiteboard: upstream_milestone_icehouse-3 upstream_status_implemented upstream_definition_pending-approval
Fixed In Version: openstack-keystone-2014.1-4.el7ost Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-07-08 15:25:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1041881, 1082414    

Description RHOS Integration 2014-01-15 17:01:19 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/identity-providers.

Description:

As OpenStack gains enterprise traction, the need to allow non-Keystone identities to log-in to Horizon or execute APIs becomes more relevant. Consider the following use-cases:


    Acme has their own cloud setup running Keystone against their back-end Active Directory. They would like to automatically burst VM provisioning and/or utilization to a public cloud service provider according to capacity and usage rules.
They would like to enable identity federation so there is only one credential set needed between the 2 clouds.

Specification URL (additional information):

https://wiki.openstack.org/wiki/Keystone_Virtual_Identity_Providers
Comment 2 Nathan Kinder 2014-03-13 14:55:14 UTC 
*** Bug 1041870 has been marked as a duplicate of this bug. ***
Comment 3 Udi Kalifon 2014-03-31 07:00:18 UTC 
What external providers are there, for example? Is this feature the same as federation, or the integration with LDAP?
Comment 4 Nathan Kinder 2014-04-08 15:12:56 UTC 
(In reply to Udi from comment #3)
> What external providers are there, for example? Is this feature the same as
> federation, or the integration with LDAP?

This is covered by federation, so you should fovcus on the federation API doc instead of the referenced blueprint:

  https://github.com/openstack/identity-api/blob/master/openstack-identity-api/v3/src/markdown/identity-api-v3-os-federation-ext.md
Comment 9 errata-xmlrpc 2014-07-08 15:25:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2014-0854.html