User tenants in keystone v2

asked 2015-06-24 01:54:44 -0600

Hi, i was thinking if there is a way to know in which tenants an user it is? Probably there is a way, because in the dashboard you can choose which tenant you want to use. For example, i want that my user can choose in which of his tenants want to use in my app. I'm using keystone v2. Thanks

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted

answered 2015-06-24 11:33:59 -0600

Assuming you have a valid token you can do

curl -ki - H "X-Auth-Token:UsersToken" http://<keystone_endpoint>:5000/v2.0/tenants will list all the tenants available for that user

curl -ki - H "X-Auth-Token:UsersToken" http://<keystone_endpoint>:35357/v2.0/tenants will list all the tenants available in the system.

Note: Depenending on the port the response changes

edit flag offensive delete link more


Thank you, that's what i was looking for

Eduardo Gonzalez gravatar imageEduardo Gonzalez ( 2015-06-25 02:15:44 -0600 )edit

answered 2015-06-24 02:57:43 -0600

uts9 gravatar image

updated 2015-06-24 02:59:35 -0600

While authenticating you need to mention the tenant name. Hope this is what you are looking for

'{"auth": {"tenantName": "'admin'", "passwordCredentials": {"username": "'<username>'", "password": "'<password>'"}}}'

If you are using curl

$ curl -s -X POST http://<ipaddress>:5000/v2.0/tokens \
            -H "Content-Type: application/json" \
            -d '{"auth": {"tenantName": "<tenantname>", "passwordCredentials":
            {"username": "<username>", "password": "<password>"}}}' \
            | python -m json.tool
edit flag offensive delete link more

answered 2015-06-24 04:10:08 -0600

nethawk gravatar image

You can use the API below: GET /v2.0/users

The respone includes the tenant IDs of every user.

edit flag offensive delete link more


And you can also use this command line: keystone user-get <user_id>

nethawk gravatar imagenethawk ( 2015-06-24 04:22:17 -0600 )edit

answered 2015-06-24 09:48:51 -0600

None of the answers so far list all the tenants that a user is a member of. I don't think there is a single API that accomplishes this. You would have to list all tenants, then the roles this user has in each tenant. For example:

for tenant in $(keystone tenant-list | awk 'NR>3 && /^|/ { print $2 }')
    echo $tenant
    keystone user-role-list --user foobar --tenant $tenant

(I didn't test this)

Or use the equivalent commands of the new openstack client.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-06-24 01:54:44 -0600

Seen: 361 times

Last updated: Jun 24 '15