Which authentication methods are available?

asked 2013-08-29 08:29:13 -0600

Celor gravatar image

updated 2013-08-29 08:30:16 -0600

I know that you can authenticate using HTTP sending a text like this:


Is it possible to use any other message non-based in user-password model to authenticate users?

For example, sending a X.501 cert along with the username or just asking a logging petition without data, that the server could redirect to other authentication server like oauth.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2015-08-25 03:14:47 -0600

jianzj gravatar image

Hi, maybe you could find all supported authenticate plugins from Keystone source code, location in "./keystone/auth/plugins/".

As I am just learning Keystone, and as I know, Keystone supports a list of plugins :

1) Password : authenticate user identity with a username and password;

2) Token : authenticate user identity with an available token ;

3) SAML/OPENID : authenticate user with federated identity provider , such as you could use another Keystone as an Identity Provider using SAML, and you could also Google as Identity Provider using openid connect;

4) External : authenticate user identity with external methods, delegated authentication to external plugins, such as Kerberos.

Password is the easiest way to obtain user authentication and fetch a token, and you could use one curl command with credential infors offered. Other auth methods may be more complex, and maybe need more then one http request to do this.

Thanks very much !

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2013-08-29 08:29:13 -0600

Seen: 222 times

Last updated: Aug 25 '15