It would be very nice to actually use scoped tokens though. Then you could use the project's roles to map up to tenants in openshift and not have to manage memberships in multiple systems.
From: Jordan Liggitt [jliggitt redhat com]
Sent: Thursday, April 14, 2016 10:37 AM
To: Fox, Kevin M
Cc: Scott Seago; Chmouel Boudjnah; OpenShift List Dev
Subject: Re: keystonepasswd auth
We don't use the token to make any other API calls, just to verify the user's auth credentials.
On Thu, Apr 14, 2016 at 1:36 PM, Fox, Kevin M <Kevin Fox pnnl gov> wrote: