Hi All,

Correct me if I am wrong but I don't think you can configure the Keystone 
policy.json to allow public access to an API function, as far as I can tell you 
can allow access to any authenticated user regardless of role assignments but 
not public access.

My use case is a client which allows users to query for a list of supported 
identity providers / protocols so that the user can then select which provider 
to authenticate with - as the user is unauthenticated at the time of the query 
the request needs to allow public access to the 'List Identity Providers' API 

I can remove the protected decorator from the required functions but this is a 
nasty hack.

I suggest that it should be possible to configure this kind of access rule on a 
deployment by deployment basis and I was just hoping to get some thoughts on 

Many thanks,
OpenStack-dev mailing list

Reply via email to