Hi All, Correct me if I am wrong but I don't think you can configure the Keystone policy.json to allow public access to an API function, as far as I can tell you can allow access to any authenticated user regardless of role assignments but not public access.
My use case is a client which allows users to query for a list of supported identity providers / protocols so that the user can then select which provider to authenticate with - as the user is unauthenticated at the time of the query the request needs to allow public access to the 'List Identity Providers' API function. I can remove the protected decorator from the required functions but this is a nasty hack. I suggest that it should be possible to configure this kind of access rule on a deployment by deployment basis and I was just hoping to get some thoughts on this. Many thanks, Kristy _______________________________________________ OpenStack-dev mailing list OpenStackemail@example.com http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev