Identity service (keystone) provides identity, token, catalog, and policy services for use specifically by services in the OpenStack family. Identity service is organized as a group of internal services exposed on one or many endpoints. Many of these services are used in a combined fashion by the front end. For example, an authentication call validates user and project credentials with the identity service. If successful, it will create and return a token with the token service. More information can be found by reading the keystone Developer Documentation.
- Authentication methods
- Federated keystone
- Check-Identity-01: Is user/group ownership of config files set to keystone?
- Check-Identity-02: Are strict permissions set for Identity configuration files?
- Check-Identity-03: is TLS enabled for Identity?
- Check-Identity-04: (Obsolete)
- Check-Identity-05: Is
max_request_body_sizeset to default (114688)?
- Check-Identity-06: Disable admin token in
- Check-Identity-07: insecure_debug false in
- Check-Identity-08: Use fernet token in