Ask Your Question

Revision history [back]

With Keystone v3 you could use the Domains concept to isolate users from projects. You could have an admin user in Domain1 and they can create projects, users, etc. but they would not be able to do that in Domain2.

This Post provides more information and examples.

Also, the Identity API docs provide more information.