Ask Your Question

jeffdeville's profile - activity

2015-10-30 10:59:13 -0500 answered a question Refresh revoked token in horizon/keystone

Haneef Ali is correct in that you can get a scoped token from an unscoped token. You could do it by calling


Unfortunately, it won't work for you in this case, because the unscoped token is being invalidated along with the scoped tokens, at least with my version of keystone. See: /keystone/token/

As a result, trying this call just 401's on the call to Keystone. I've validated that this is the problem by revalidating the token (update the valid column back to 1 in the unscoped_token's record), and then calling authenticate, which then succeeds.

I think Keystone would need to be altered such that the unscoped tokens were not invalidated.