openstack-ansible/doc/source/developer-docs/configure-federation.rst
daz 238257b312 [docs] Migrate deployment configuration options
Migrate optional deployment configuration options to the developer docs

Change-Id: Ia615cb0c0e8108dfb121d4d7c6c029faa71344e7
Implements: blueprint osa-install-guide-overhaul
2016-06-15 12:07:47 +10:00

1.9 KiB

Home OpenStack-Ansible Installation Guide

Configuring Identity service (keystone) federation (optional)

configure-federation-wrapper configure-federation-sp-overview.rst configure-federation-sp.rst configure-federation-idp.rst configure-federation-idp-adfs.rst configure-federation-mapping.rst configure-federation-use-case.rst

In keystone federation, the identity provider (IdP) and service provider (SP) exchange information securely to enable a user on the IdP cloud to access resources of the SP cloud.

Note

For the Kilo release of OpenStack, federation is only partially supported. It is possible to perform a federated login using command line clients and scripting, but Dashboard (horizon) does not support this functionality.

The following procedure describes how to set up federation.

  1. Configure Identity Service (keystone) service providers.

  2. Configure the identity provider:

  3. Configure the service provider:

  4. Run the authentication wrapper to use Identity Service to Identity Service federation.

    For examples of how to set up keystone to keystone federation, see the Identity Service to Identity Service federation example use-case.