Why does Keystone not reuse tokens?

asked 2017-01-06 13:24:32 -0600

mnparthasarathy gravatar image

Using API, when a user requests a token, Keystone generates a new one instead of first checking whether a valid token exists in the database. Is there a reason why token generation is implemented this way?

Currently, it appears that the onus is on the client to cache tokens and reuse them during the 24hour period. However, it's not always easy to convince a client to implement caching. What are some alternatives to client side caching using PKIZ tokens?

edit retag flag offensive close merge delete


I can't answer your question, but you should tell your client(s) not to use PKIZ anymore. It's deprecated and will disappear in Ocata (source: http://docs.openstack.org/admin-guide...).

Bernd Bausch gravatar imageBernd Bausch ( 2017-01-06 19:59:29 -0600 )edit